Pawel Wieczorek [Wed, 25 Sep 2019 16:36:06 +0000 (18:36 +0200)]
k8s: Call correct methods for API server auditing flags validation
Issue-ID: SECCOM-235
Change-Id: Ia5d75628b1c5211f378c239f84e9689d45697a04
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Wed, 25 Sep 2019 16:30:10 +0000 (18:30 +0200)]
k8s: Validate API server request timeout
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.38).
Issue-ID: SECCOM-235
Change-Id: Ic1f175d577c79013ddb49e02b8de69137535c964
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Wed, 25 Sep 2019 14:37:24 +0000 (16:37 +0200)]
k8s: Validate API server included authorization mode
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.32).
It also fixes wrong documentation comment for similar validator
(1.1.19).
Issue-ID: SECCOM-235
Change-Id: I00cb8a458871b091b16fe60fc0087b7972aa3b6b
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 20 Sep 2019 09:42:58 +0000 (11:42 +0200)]
k8s: Validate API server crypto ciphers in use
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.30).
It also covers its duplicate (1.1.39).
Issue-ID: SECCOM-235
Change-Id: I0f3031c080cf225e7c2c03e65dd0bfc780326307
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Bartek Grzybowski [Wed, 25 Sep 2019 14:37:05 +0000 (16:37 +0200)]
Fix hashbang in vCPE Python scripts
Change-Id: Id2b7ec151e1a006a5a85b8544e478fd9cf282715
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: TEST-220
Bartek Grzybowski [Wed, 25 Sep 2019 09:21:42 +0000 (11:21 +0200)]
Automate vCPE closed loop policy pushing
Added a library routine to set up CL policy
in an idempotent fashion.
Description of CL pushing related manual step
was removed from documentation.
Change-Id: I1fad5d71481252ce803dd58c6ccbbcfa0a4d246f
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1267
yangyan [Tue, 24 Sep 2019 02:51:44 +0000 (10:51 +0800)]
add terminate and del function to hpy_automation scripts
Change-Id: Ie669261bde3723d892706d3d767c08b325afc3e0
Issue-ID: INT-1239
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
yangyan [Fri, 20 Sep 2019 07:47:40 +0000 (15:47 +0800)]
fix the typo error of hpy_automation scripts
Change-Id: I27b43d63042bdb46f1ff362335a26bf6726674a0
Issue-ID: INT-1239
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
Brian Freeman [Fri, 20 Sep 2019 13:29:22 +0000 (08:29 -0500)]
SDNC SSL port, BRG category, DEBUG
Issue-ID: INT-1265
Change-Id: I4ea7bf282b7d8aad58645784317dea9edf373cff
Signed-off-by: Brian Freeman <bf1936@att.com>
Yang Xu [Thu, 19 Sep 2019 16:16:45 +0000 (12:16 -0400)]
Update INFO.yaml
Signed-off-by: Yang Xu <xuyang11@gmail.com>
Issue-ID: INT-1269
Change-Id: I9f76cdd3b53f9519017da851a59b8c7000334797
Pawel Wieczorek [Thu, 19 Sep 2019 14:06:13 +0000 (16:06 +0200)]
k8s: Validate API server certificates and keys
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections
regarding master node configuration are satisfied (1.1.22, 1.1.25 -
1.1.26 and 1.1.28).
Issue-ID: SECCOM-235
Change-Id: Ic61a796653dc868d20fe69c3ed508e7fa8ba52db
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Thu, 19 Sep 2019 13:27:14 +0000 (15:27 +0200)]
k8s: Validate API server Certificate Authorities
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections
regarding master node configuration are satisfied (1.1.21, 1.1.29
and 1.1.31).
Issue-ID: SECCOM-235
Change-Id: Ia2f55f6962885a7aa878c970a406189902cfab10
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 17 Sep 2019 16:47:43 +0000 (18:47 +0200)]
k8s: Validate API server auditing flags
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections
regarding master node configuration are satisfied (1.1.16 - 1.1.18).
Issue-ID: SECCOM-235
Change-Id: I27b63e37fc3203cf3574b9e1cdc43333041f2a36
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 17 Sep 2019 16:45:41 +0000 (18:45 +0200)]
k8s: Validate API server auditing is enabled
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.15).
Issue-ID: SECCOM-235
Change-Id: Ia1d27ed7a9e439bb0abf4bd8941bdd4573a50bd5
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 17 Sep 2019 15:17:48 +0000 (17:17 +0200)]
k8s: Group tests by flag type
Issue-ID: SECCOM-235
Change-Id: I25ebd2930afec6eb259f0a678fffbf7727eb315b
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 17 Sep 2019 15:09:37 +0000 (17:09 +0200)]
k8s: Validate API server not excluded authorization mode
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.19).
Issue-ID: SECCOM-235
Change-Id: I00c9600fd0d351afb7141a5fa16f348eab67b12d
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 17 Sep 2019 14:31:47 +0000 (16:31 +0200)]
k8s: Validate API server not excluded admission plugins
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.14).
Issue-ID: SECCOM-235
Change-Id: I63c2f8a5b94bfd6c9963805aae85595e6b6ad6d7
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Brian Freeman [Wed, 18 Sep 2019 17:14:21 +0000 (12:14 -0500)]
Fix rev level in license
Issue-ID: INT-1266
Change-Id: I822becff87484b79d3e7c744038b55943c1dddcb
Signed-off-by: Brian Freeman <bf1936@att.com>
Brian Freeman [Wed, 18 Sep 2019 14:30:05 +0000 (09:30 -0500)]
Updates for ssl sdc
Issue-ID: INT-1265
Change-Id: I64971740c8ae9aee60a06ca1d0e5ff02ccbc9a88
Signed-off-by: Brian Freeman <bf1936@att.com>
ecaiyanlinux [Mon, 16 Sep 2019 07:56:21 +0000 (09:56 +0200)]
Add mr-sim log to console
Change-Id: I9697360d2ee5b8e95dacdb74a9a1a025a1a45e3c
Signed-off-by: ecaiyanlinux <martin.c.yan@est.tech>
Issue-ID: DCAEGEN2-1702
Pawel Wieczorek [Tue, 17 Sep 2019 13:47:24 +0000 (15:47 +0200)]
k8s: Validate API server included admission plugins
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections
regarding master node configuration are satisfied (1.1.11 - 1.1.13,
1.1.24, 1.1.27, 1.1.33 and 1.1.36).
Issue-ID: SECCOM-235
Change-Id: I920bfd42014b8458126be251648f5bf3dcd84c16
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Mon, 16 Sep 2019 15:51:39 +0000 (17:51 +0200)]
k8s: Validate API server excluded admission plugins
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.10).
However, CIS Kubernetes Benchmark v1.3.0 mismatches official
documentation: Kubernetes 1.10+ already provides safe defaults from
security standpoint [1] (ONAP Casablanca uses 1.11).
Deprecated admission control plugin flag has also been validated since
it was still available in Kubernetes provided by Rancher [2].
[1] https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#is-there-a-recommended-set-of-admission-controllers-to-use
[2] https://github.com/rancher/rancher/issues/15064
Issue-ID: SECCOM-235
Change-Id: I0e8fe9f885861f155cb8265df085fa93dbdff6d2
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 30 Aug 2019 14:59:37 +0000 (16:59 +0200)]
k8s: Add note on release-specific dependencies
Issue-ID: SECCOM-235
Change-Id: I35d3e3f413542c69718d17ae25f227275270c8cf
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Marco Platania [Mon, 16 Sep 2019 16:16:54 +0000 (12:16 -0400)]
Improve description of scale out use case
- Describe the ONAP flows
- Describe SO workflow
- Describe how to obtain a TOSCA template from SDC
Issue-ID: INT-1171
Signed-off-by: Marco Platania <platania@research.att.com>
Change-Id: I901ae1a85becbb549804f8307991cb592a251d6d
Marco Platania [Mon, 16 Sep 2019 13:14:35 +0000 (09:14 -0400)]
Fix DCAE cleanup process
Issue-ID: INT-479
Signed-off-by: Marco Platania <platania@research.att.com>
Change-Id: I360d9887842ac8e86e3a52f7a549367dc63ccb7d
Brian Freeman [Fri, 13 Sep 2019 14:23:55 +0000 (09:23 -0500)]
Add sdc keyspaces and longer timeout
Issue-ID: INT-1244
Change-Id: I5bc0f4e02ac3d2d8df867f76327e588353c76da8
Signed-off-by: Brian Freeman <bf1936@att.com>
Lukasz Rajewski [Thu, 12 Sep 2019 07:03:47 +0000 (09:03 +0200)]
Modified vFW DT Use case description
Description of policy configuration and typos fixed
Change-Id: Ib11df95b79987b85c15452d74a5644c152dcbfde
Signed-off-by: Lukasz Rajewski <lukasz.rajewski@orange.com>
Issue-ID: INT-751
Bartek Grzybowski [Fri, 13 Sep 2019 10:50:59 +0000 (12:50 +0200)]
Refactor healthcheck-k8s.py
Error reporting was improved by returning actual
error message from subprocess call to 'kubectl' command.
Code readability was improved by defining a dictionary
of endpoint names to check and their IPs.
Unsecure 'shell=True' property in Popen constructor for
kubectl command in SDNC DB was removed and command string
itself sanitized.
Overall code readability was improved by reusing common
commands in a loop.
Change-Id: I19f8f71e27196bb55a9be3d58cd0885ceba3af0c
Issue-ID: TEST-213
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Bartek Grzybowski [Fri, 13 Sep 2019 06:35:48 +0000 (08:35 +0200)]
Fix mispelled routine name in vcpe scripts
headbridge -> heatbridge
Change-Id: I49cc3af80b74a9d03612625be2a35e039e6d28e1
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: DOC-549
Bartek Grzybowski [Fri, 13 Sep 2019 06:54:14 +0000 (08:54 +0200)]
Remove hardcoded SDNC pod name in vcpe scripts
Sdnc pod name is set as a property in VcpeCommon
class and it should be used across the script.
Also removed hardcoded public net prefix in
get_pod_node_public_ip and use class property
where it's assigned.
Change-Id: I0308c808a764ff114fc43591aed34d9695207fe5
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: TEST-212
Itohan Ukponmwan [Fri, 13 Sep 2019 00:08:39 +0000 (00:08 +0000)]
Fixed Bugs in HPA automtion script
Signed-off-by: Itohan Ukponmwan <itohan.ukponmwan@intel.com>
Issue-ID: INT-1137
Change-Id: I89fefb02d7d58453d490499716c581cb66895b59
Michal Ptacek [Thu, 12 Sep 2019 12:27:47 +0000 (12:27 +0000)]
Better specifying parts supposed to be changed
Following params are needed minimum required to be changed or
cross-checked when vCPE is tried in different lab
Change-Id: I911acc682560c9a727d2e14ae1d4a22206d6e6f8
Issue-ID: TEST-208
Signed-off-by: Michal Ptacek <m.ptacek@partner.samsung.com>
Bartek Grzybowski [Thu, 12 Sep 2019 07:51:34 +0000 (09:51 +0200)]
Add remarks related to Openstack's port security on vCPE
Extended anti-spoofing related notes with some hints on
dealing with Neutron's Port Security Extension Driver
which in some cases may prevent VNFs to function properly.
Change-Id: Icf4f44b8cbcaa70621bf21d5b72ff552be80d4e2
Issue-ID: DOC-549
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Bartek Grzybowski [Thu, 12 Sep 2019 12:04:59 +0000 (14:04 +0200)]
Improve external_net_addr property description in vCPE scripts
Change-Id: Ie06109bb5c62d4132a5db8c6cfeb9d4c297d05a5
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: TEST-208
Abdelmuhaimen Seaudi [Wed, 11 Sep 2019 21:53:04 +0000 (21:53 +0000)]
Deploy CDS in integration-override
Issue-ID: OOM-2085
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
Change-Id: I324b58868286971c93a54ae269517e20b954d759
Michal Ptacek [Wed, 11 Sep 2019 12:04:35 +0000 (12:04 +0000)]
Adding hint regarding dhcp anti-spoofing for vCPE
Adding instructions for bypassing DHCP anti-spoofing rules
preventing vCPE to work.
Change-Id: Ic0f92a40a41e5e20dc43c360e429baba44a46fa1
Issue-ID: DOC-549
Signed-off-by: Michal Ptacek <m.ptacek@partner.samsung.com>
yangyan [Tue, 10 Sep 2019 04:11:10 +0000 (12:11 +0800)]
Fix the error of hpa when create ns
Change-Id: I6000c83a3a265a185dad8ac8ff90388df88850dd
Issue-ID: INT-1239
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
Bartek Grzybowski [Tue, 10 Sep 2019 11:50:15 +0000 (13:50 +0200)]
Update healthcheck-k8s script synopsis in vCPE manual
This reflects changes made in regard of input parameters
done in Change-Id: Ib6e2875f351f095bd64acd706a6060e169c54e79
Also contains minor fix for 'namespace' and 'environment' vars
usage which are unused otherwise.
Change-Id: Ie479400dfa0d61c89a256d4aafb2c2d184f9b935
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1213
Brian Freeman [Mon, 9 Sep 2019 20:30:11 +0000 (15:30 -0500)]
Update robot image
Issue-ID: INT-1217
Change-Id: I5d7802def53d986a0bed16151afa806cba96becb
Signed-off-by: Brian Freeman <bf1936@att.com>
ecaiyanlinux [Fri, 6 Sep 2019 09:31:51 +0000 (09:31 +0000)]
Fix a bug in DFC CSIT
when mounting a shared volume, the uid:gid is changed automaticlly
which could cause potential unstable.
Change-Id: If6279489ba0ba3d24fdd6893e02d9babf29d7925
Issue-ID: DCAEGEN2-1702
Signed-off-by: ecaiyanlinux <martin.c.yan@est.tech>
maximesson [Fri, 30 Aug 2019 14:05:15 +0000 (14:05 +0000)]
Updated README files and adaptation of consul/cbs config
Change-Id: I81494f56978a3d0ff06ec0d66968f33f08114103
Issue-ID: DCAEGEN2-1719
Signed-off-by: maximesson <maxime.bonneau@est.tech>
yangyan [Mon, 9 Sep 2019 07:32:43 +0000 (15:32 +0800)]
Fix the bug of cli command error when onboard ns
Change-Id: I832a1cbbbf8b882089f941033fdc2acefce7e387
Issue-ID: INT-1239
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
yangyan [Mon, 9 Sep 2019 07:27:31 +0000 (15:27 +0800)]
Fix bug of cli command error when onboard vnf
Change-Id: I25ca6c5a2cdf6eaca44cdcdb3f94e55c6bad899a
Issue-ID: INT-1239
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
yangyan [Mon, 9 Sep 2019 02:00:23 +0000 (10:00 +0800)]
Fix invalid string error of vnf onboard
Change-Id: I1f0077554db7d37ed33c45cbc68d8fb554339539
Issue-ID: INT-1239
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
Rene_Robert [Fri, 6 Sep 2019 06:02:33 +0000 (08:02 +0200)]
SNDC preload change (http to https, 30202 to 30267)
Issue-ID: DOC-542
Signed-off-by: Rene_Robert <rene.robert@orange.com>
Change-Id: Ice1fc5853d9ad31e79ea8e941a8b053589b80a30
Welch, Lorraine (lb2391) [Wed, 4 Sep 2019 20:45:36 +0000 (16:45 -0400)]
Update latest staging portal docker images
update to 2.6.0-STAGING-latest for now to test
Issue-ID: PORTAL-685
Signed-off-by: Welch, Lorraine (lb2391) <lb2391@att.com>
Change-Id: I5a49caa40c05569a1a5fea2f3378c2a9fd2c064f
Signed-off-by: Welch, Lorraine (lb2391) <lb2391@att.com>
Timoney, Dan (dt5972) [Wed, 4 Sep 2019 18:14:54 +0000 (14:14 -0400)]
Update SDNC/CCSDK staging versions
Update staging versions of CDS and dgbuilder to 0.6-STAGING-latest
and of SDNC to 1.7-STAGING-latest
Change-Id: I4a2a5f3ecdc2ed6085aa31c9e16fe1352e52dbe1
Issue-ID: SDNC-874
Signed-off-by: Timoney, Dan (dt5972) <dtimoney@att.com>
ecaiyanlinux [Fri, 30 Aug 2019 13:39:30 +0000 (13:39 +0000)]
Integrating DfC to use TLS sidecar container
Change-Id: I111bc5596346db70923645dcfe79af3e639c978c
Issue-ID: DCAEGEN2-1702
Signed-off-by: ecaiyanlinux <martin.c.yan@est.tech>
ecaiyanlinux [Wed, 21 Aug 2019 12:10:33 +0000 (12:10 +0000)]
Add tls-init-container to simulator
1.replace dr-sim/dr-redir-sim cert/key
2.update mr-sim, make it support https
3.update ftpes cert/key
Change-Id: I7bbde98f352d1e7d7c8775acf3d8af89a6ef7bdc
Issue-ID: DCAEGEN2-1702
Signed-off-by: ecaiyanlinux <martin.c.yan@est.tech>
Marco Platania [Thu, 29 Aug 2019 17:25:50 +0000 (13:25 -0400)]
Bump infra components version up
Issue-ID: INT-1231
Signed-off-by: Marco Platania <platania@research.att.com>
Change-Id: I3b883ed67e7c34ddf6d92f7069c859a4496ae31f
songgongjun [Wed, 28 Aug 2019 04:06:07 +0000 (21:06 -0700)]
Add comment about how to get cluster-ip
Issue-ID: INT-1227
Signed-off-by: songgongjun <gongjun.song@intel.com>
Change-Id: I40a261079330ca00b9eb15d431fb3b7ae4c319cb
Brian Freeman [Fri, 23 Aug 2019 16:09:18 +0000 (11:09 -0500)]
Add SO STAGING
Issue-ID: INT-1217
Change-Id: Id19619f999dbe00e8501cdc029a0bf5788efd28f
Signed-off-by: Brian Freeman <bf1936@att.com>
Brian Freeman [Thu, 22 Aug 2019 20:29:56 +0000 (15:29 -0500)]
Add staging image override
Issue-ID: INT-1217
Change-Id: I3b4f83552856d8551bba4787899d8901845fc4e6
Signed-off-by: Brian Freeman <bf1936@att.com>
Brian Freeman [Tue, 20 Aug 2019 18:13:58 +0000 (13:13 -0500)]
Ingest onap-lab-ci jjb's
Issue-ID: INT-1215
Change-Id: I448fb7a147daa26d760df6c83fef75aa69f05879
Signed-off-by: Brian Freeman <bf1936@att.com>
umry8364 [Wed, 21 Aug 2019 08:43:14 +0000 (10:43 +0200)]
Fix doc nit in Robot section
Issue-ID: DOC-534
Change-Id: Ibd4856a1b75d75fe786c7aa1d5337fa7972387a0
Signed-off-by: umry8364 <morgan.richomme@orange.com>
Michal Ptacek [Tue, 20 Aug 2019 11:37:43 +0000 (11:37 +0000)]
Making environment name configurable in vcpe healthcheck
Improving handling of arguments in healthcheck-k8s.py,
making environment name configurable.
Issue-ID: INT-1213
Change-Id: Ib6e2875f351f095bd64acd706a6060e169c54e79
Signed-off-by: Michal Ptacek <m.ptacek@partner.samsung.com>
umry8364 [Mon, 19 Aug 2019 16:33:25 +0000 (18:33 +0200)]
Add a section on Robot in the doc
Issue-ID: DOC-534
Change-Id: I62be1a4b8eac385015dac519023db4fb7e6bd4dd
Signed-off-by: umry8364 <morgan.richomme@orange.com>
Marco Platania [Fri, 16 Aug 2019 14:32:58 +0000 (10:32 -0400)]
Make cleanup script more generic
- Fix usage instructions
- Correct wrong input sequence
Issue-ID: INT-1073
Signed-off-by: Marco Platania <platania@research.att.com>
Change-Id: Ic01eb302d92d893d17eb71a9341be514cb12dc3f
Marco Platania [Thu, 15 Aug 2019 16:11:31 +0000 (12:11 -0400)]
Add preload description to scale out doc
Issue-ID: INT-1171
Signed-off-by: Marco Platania <platania@research.att.com>
Change-Id: Ia6f7d8276b720bdf0ff1f71d5f1ba66535283751
Brian Freeman [Thu, 15 Aug 2019 14:30:55 +0000 (09:30 -0500)]
add -n onap and job to cleanup
Issue-ID: INT-1204
Change-Id: I907bb48c2eee62d9448c99a49e4446771113ceff
Signed-off-by: Brian Freeman <bf1936@att.com>
TamasBakai [Thu, 15 Aug 2019 08:25:27 +0000 (08:25 +0000)]
Simulator integration for CSIT of generalized DfC
Issue-ID: DCAEGEN2-1719
Change-Id: I963cfaef30bc4e85d76fecddd310f091e8c00bd0
Signed-off-by: TamasBakai <tamas.bakai@est.tech>
Brian Freeman [Wed, 14 Aug 2019 22:28:09 +0000 (17:28 -0500)]
Revert zfs and ceph volume
Issue-ID: SDC-2502
Change-Id: Ief0bfdc02b05dca33a99d6a041ba905fb3cfd780
Signed-off-by: Brian Freeman <bf1936@att.com>
wsliwka [Thu, 8 Aug 2019 07:56:34 +0000 (09:56 +0200)]
Add onboarding package for pnf sim
Issue-ID: INT-1134
Signed-off-by: wsliwka <wojciech.sliwka@nokia.com>
Change-Id: I4a23e51b5e46f04d0299b1bb997f572ec828e616
Akhila Kishore [Mon, 15 Jul 2019 18:49:33 +0000 (11:49 -0700)]
Updating vfw_edgeX documentation.
Changes to the document has been made on wiki. Relecting those
here to have a uniform documentation available to all.
Issue-ID: MULTICLOUD-709
Signed-off-by: Akhila Kishore <akhila.kishore@intel.com>
Change-Id: I103bf97a54ca42f83baf05d3cf4db2189ab0b5b3
Pawel Wieczorek [Wed, 7 Aug 2019 11:52:49 +0000 (13:52 +0200)]
k8s: Add Makefile targets for testing
Issue-ID: SECCOM-235
Change-Id: I6ac5f3c160f1cd1d8faac90576ab943d4ed213a5
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Wed, 7 Aug 2019 11:38:38 +0000 (13:38 +0200)]
k8s: Add Makefile targets for external dependencies
Building "check" binary now requires several external dependencies. To
minimize setup effort, convenience make targets were provided.
Issue-ID: SECCOM-235
Change-Id: Iec74c0652a5ed3a90d4504216b00ef20bdb7e81f
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 6 Aug 2019 14:04:53 +0000 (16:04 +0200)]
k8s: Add support for RKE-deployed clusters
RKE is used as a Kubernetes cluster deployment method from ONAP Dublin
release. RKE cluster definition is used to get access to necessary
information.
Issue-ID: SECCOM-235
Change-Id: I588598011ea746b5f7ba327a48f1cea605e56d31
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 6 Aug 2019 13:56:56 +0000 (15:56 +0200)]
k8s: Add test cases for Dublin API server
Issue-ID: SECCOM-235
Change-Id: Ie6d43b9db767f191f883a2912916bc8abf9d3ad6
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 6 Aug 2019 13:49:34 +0000 (15:49 +0200)]
k8s: Unify order of API server test cases
So far CIS-compliant configuration has been validated first unless
configuration used in ONAP release did not pass given benchmark.
Issue-ID: SECCOM-235
Change-Id: Ibdb523ab7ab6b8285757719721f75aca57beeb82
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Tomasz Golabek [Wed, 7 Aug 2019 09:02:42 +0000 (11:02 +0200)]
Pnfsimulator-docker push configuration
New configuration for pnfsimulator and netconfsimulator added for docker builds.
Version of maven docker plugin downgraded to 1.0.0
Single tag added to images
Change-Id: Ia0e38b2c65e943614c7463d7889a7ca0b1aa0517
Issue-ID: INT-1134
Signed-off-by: Tomasz Golabek <tomasz.golabek@nokia.com>
Rene_Robert [Fri, 2 Aug 2019 12:16:37 +0000 (14:16 +0200)]
Add doc about ONAP Postman collection
Issue-ID: INT-1185
Signed-off-by: Rene_Robert <rene.robert@orange.com>
Change-Id: I1cf5d79951bfff5ff71e488a1c524099bd2d37a8
Pawel Wieczorek [Wed, 31 Jul 2019 13:38:15 +0000 (15:38 +0200)]
k8s: Make ONAP context default for kubectl
This patch uses previously added alias for kubectl context switching in
case it is needed as a template for other contexts as well.
Issue-ID: SECCOM-235
Change-Id: Ie92641ee3763a027cd74dd21bf4364a2d796eb1d
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 30 Jul 2019 14:43:19 +0000 (16:43 +0200)]
k8s: Silence package manager and make it noninteractive
This patch sets debconf frontend to noninteractive by including
additional field in the first stanza of configuration file. Its
placement has been chosen arbitrarily - both 'Config' and 'Templates'
fields "are required in this first stanza" [1].
It also makes symlinking script more generic.
[1] man 5 debconf.conf (provided by "debconf-doc" in Ubuntu)
Issue-ID: SECCOM-235
Change-Id: If9dcc712d1ff7f527d3bc59f4c1709cffe4cbda5
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Mon, 29 Jul 2019 11:17:51 +0000 (13:17 +0200)]
k8s: Add kubectl provisioners (downloading and setting up)
Setting up kubectl depends on presence of K8s cluster post-deployment
artifacts, hence it's disabled by default. Relevant information added to
post-up message.
This patch also removes unneeded curly braces from
"tools/dublin/get_rke.sh" script.
Issue-ID: SECCOM-235
Change-Id: I917ebbda588639f0941e16c65759430a7a1e64ff
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Mon, 29 Jul 2019 09:47:26 +0000 (11:47 +0200)]
k8s: Make operator machine destruction graceful
Issue-ID: SECCOM-235
Change-Id: I9913d9a8f525b4b9582bf821008dd567258a719c
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 30 Jul 2019 14:27:45 +0000 (16:27 +0200)]
k8s: Add post-up message for actual cluster creation
Issue-ID: SECCOM-235
Change-Id: I8f9d4362da50a8b3f2aa1baf3633d818da2ed3a5
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Rene_Robert [Tue, 30 Jul 2019 15:11:26 +0000 (17:11 +0200)]
Issue-ID: INT-1178
updated Postman collection for Dublin
Signed-off-by: Rene_Robert <rene.robert@orange.com>
Change-Id: I94b9180e86b96f75780854211da67d85acc90d48
Konrad Bańka [Tue, 30 Jul 2019 07:02:42 +0000 (09:02 +0200)]
Correct minor issues in onap deployment scripts
Generated by deploy.sh heat template has been fixed to allow
provisioning onap without proxy. Some minor fixes have been
also implemented in openstack resources checks and git operations.
Issue-ID: MULTICLOUD-708
Signed-off-by: Konrad Bańka <k.banka@samsung.com>
Change-Id: Ie97b1845e217068a1c5634fbf8f2864cd4a4da29
Brian Freeman [Tue, 30 Jul 2019 13:42:00 +0000 (08:42 -0500)]
change flavor for longer live migration timeout
Issue-ID: INT-835
Change-Id: I40ba07a98e9b57d9d7ba6232dc8836a0899c3366
Signed-off-by: Brian Freeman <bf1936@att.com>
Marco Platania [Tue, 30 Jul 2019 13:15:35 +0000 (09:15 -0400)]
Fix typo in scale out documentation
Change-Id: Ib9776a1d944fda8d2a325521469988d2c24c8a6b
Issue-ID: INT-1171
Signed-off-by: Marco Platania <platania@research.att.com>
Brian Freeman [Mon, 29 Jul 2019 21:00:06 +0000 (16:00 -0500)]
Convert SB05/06/07 to Shared tenants
Issue-ID: INT-1172
Change-Id: I52e83b370bc1611bdd770258d3860e44c4bde931
Signed-off-by: Brian Freeman <bf1936@att.com>
Pawel Wieczorek [Fri, 26 Jul 2019 13:53:26 +0000 (15:53 +0200)]
k8s: Allow Dublin cluster creation using RKE
This patch adds sample cluster.yml which is based on Dublin cluster
configuration file [1]. Main difference is in avoiding repetition by
using anchors and alias nodes.
Actual cluster creation provisioner is disabled by default because
'control' and 'worker' nodes might not be ready yet.
[1] https://docs.onap.org/en/dublin/_downloads/
27934fe702048777f312d77dc30cd05a/cluster.yml
Issue-ID: SECCOM-235
Change-Id: Ibba0e754ba87e334cdaa61de83e48107f91083d9
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 26 Jul 2019 12:38:54 +0000 (14:38 +0200)]
k8s: Extract hardcoded synced folder for dotfiles
Issue-ID: SECCOM-235
Change-Id: I85efb88476cb1d6bfaee44b6bcd6275477e77ba5
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 26 Jul 2019 12:22:03 +0000 (14:22 +0200)]
k8s: Use named provisioners
This not only makes testing easier, but also allows better control over
VM provisioning after its creation.
Issue-ID: SECCOM-235
Change-Id: I29ab3ed46976267e1043c2f61f56578f2c5d7a57
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 26 Jul 2019 12:14:19 +0000 (14:14 +0200)]
k8s: Add simple logging to provisioning scripts
Issue-ID: SECCOM-235
Change-Id: Iaeb4b3e621f09ea14b9576126223e4df4b8682f3
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 26 Jul 2019 12:04:39 +0000 (14:04 +0200)]
k8s: Unify provisioning scripts
This patch:
* removes remaining string interpolation (for future script reuse),
* makes DNS replacement provisioner always run.
This way VM definition is more concise and resilient.
Issue-ID: SECCOM-235
Change-Id: I382dae5e256b46577c4c8af3aa45ab4d64d1b2b9
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 26 Jul 2019 11:58:02 +0000 (13:58 +0200)]
k8s: Remove repetition from provisioning scripts
Issue-ID: SECCOM-235
Change-Id: If286ba074ee74c43705197a30c50322d5162e6fc
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 26 Jul 2019 11:40:23 +0000 (13:40 +0200)]
k8s: Remove hardcoded password for 'vagrant' user
Password for 'vagrant' user is now passed through exported environmental
variable.
This patch also:
* removes the assumption of having 'vagrant' user on cluster nodes (for
future scripts reuse),
* removes mixed string interpolation and passing shell variables,
* replaces '~' with '$HOME' for proper substitiution.
Issue-ID: SECCOM-235
Change-Id: Id9e7b6acccd902de4c414cd8a0f095ac135fee5a
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 26 Jul 2019 11:29:50 +0000 (13:29 +0200)]
k8s: Silence download utilities
This patch intends to make virtual environment creation logs more
readable. Parameters were chosen in a way errors will still be shown the
operator.
This patch might also prove itself useful in other virtual environment
creation tools such as 'devtool' [1] (unless maintainers insist on
having full logs).
[1] https://git.onap.org/integration/devtool
Issue-ID: SECCOM-235
Change-Id: I5e07b1b1ed37d36470c18ba0cfe653e40eff300b
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Brian Freeman [Thu, 25 Jul 2019 17:09:15 +0000 (12:09 -0500)]
Update for Keystone V3
Issue-ID: OOM-1982
Change-Id: I919cd28934eceb5595f93bcde52879b9ce6699fd
Signed-off-by: Brian Freeman <bf1936@att.com>
Marco Platania [Wed, 24 Jul 2019 14:17:41 +0000 (10:17 -0400)]
Fix typos in the scale out documentation
Change-Id: Id245450940506af726d2219c34c0033e2151c21b
Issue-ID: INT-1171
Signed-off-by: Marco Platania <platania@research.att.com>
Pawel Wieczorek [Wed, 24 Jul 2019 12:19:46 +0000 (14:19 +0200)]
k8s: Change virtual environment utility scripts privilege requirements
This patch also extends in-file comment on scripts' requirements and
suggested usage.
Issue-ID: SECCOM-235
Change-Id: I0dddbad79fb3392ffe35c3e06d4006cd499d9923
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 23 Jul 2019 13:02:00 +0000 (15:02 +0200)]
k8s: Add "vagrant" user to "docker" group in virtual environment
Node customization scripts do that for "ubuntu" user only (added by
default on OpenStack images). Vagrant boxes use "vagrant" user [1]
instead.
[1] https://www.vagrantup.com/docs/boxes/base.html#quot-vagrant-quot-user
Issue-ID: SECCOM-235
Change-Id: Ic4f832aa9a37230503e3c5bd29f8ae5fcd3883db
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Piotr Darosz [Mon, 22 Jul 2019 05:38:00 +0000 (07:38 +0200)]
Get rid of binary files in pnfsimulator repo
Remove usage of binary files in pnfsimulator vcs
Issue-ID: INT-1134
Signed-off-by: Piotr Darosz <piotr.darosz@nokia.com>
Change-Id: I23b8f01a099b7e80542d258b2e0bcd34742d3684
Pawel Wieczorek [Fri, 19 Jul 2019 17:10:07 +0000 (19:10 +0200)]
k8s: Add virtual environment for Dublin
Default cluster nodes customization scripts were extracted in the same
manner as those for Casablanca release [1]. Constraints still apply.
[1] SHA-1:
ea8bc1a719a36c89e7eae42080b1835e5ef0c28d
(Change-Id: I57f9f3caac0e8b391e9ed480f6bebba98e006882)
Issue-ID: SECCOM-235
Change-Id: I54ada5fade3b984dedd1715f20579e3ce901faa3
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Mon, 15 Jul 2019 16:24:32 +0000 (18:24 +0200)]
k8s: Extract all remaining hardcoded constants
Vagrant VM definition no longer contains hardcoded values in cluster
definition.
Issue-ID: SECCOM-235
Change-Id: Id9f2d9878a7d788a62d5a12ccd47dfafe9f39fe3
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Mon, 15 Jul 2019 16:10:02 +0000 (18:10 +0200)]
k8s: Replace default DNS to work in corporate networks
Default DNS addresses used in "generic/ubuntu1604" box (4.2.2.1,
4.2.2.2, 208.67.220.220) might not work properly in corporate
environment. To deal with this, host machine DNS configuration can be
used instead.
Issue-ID: SECCOM-235
Change-Id: Ic8a5553f01989e1a2b00228fa0449a680f11d452
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Gary Wu [Fri, 19 Jul 2019 17:47:12 +0000 (10:47 -0700)]
Script to pull ONAP images in helm charts
Issue-ID: INT-1117
Signed-off-by: Gary Wu <gary.wu@futurewei.com>
Change-Id: Iefba99a8cec034e3fb8d0bf828aeb342ee0f8d5e
Wojciech Sliwka [Wed, 10 Jul 2019 11:48:52 +0000 (13:48 +0200)]
Opensourcing new version of Simulator
Additional info in README.md
Issue-ID: INT-1134
Signed-off-by: Wojciech Sliwka <wojciech.sliwka@nokia.com>
Change-Id: I06d41fd3f361b7a451b30b702882810e4136a129
bilal.iqbal [Fri, 19 Jul 2019 13:37:10 +0000 (13:37 +0000)]
SDC alignment SOL004 2.6.1
Updating TOSCA.meta metadata Created-by key to Created-By
Issue-ID: SDC-2402
Change-Id: I15ce47d3d97b5809ad5baa34a366c0d10333cb00
Signed-off-by: bilal.iqbal <bilal.iqbal@est.tech>