From 50aafc5ef50a1280c9e85d12be3d24104258ae95 Mon Sep 17 00:00:00 2001 From: Dominic Lunanuova Date: Fri, 30 Mar 2018 02:29:23 +0000 Subject: [PATCH] Initial chart for dmaap - 2nd attempt This should conform to new OOM standard helm structure. It starts a directory called dmaap which will hold all dmaap components. But for now it only has buscontroller. Once we get this working, we can add message-router. (see DMAAP-386) Patch 2 gets private postgresql working. I'd prefer to integrate with common postgresql from Tony in a future commit to avoid any immediate delivery timing dependency. Patch 3 corrects some port mapping from service to pod. Change-Id: Id9838d7ddb2ccccfc8b0e3f3b9e50f9b5672c484 Signed-off-by: Dominic Lunanuova Issue-ID: DMAAP-117
Signed-off-by: Dominic Lunanuova --- kubernetes/dmaap/.helmignore | 21 ++++ kubernetes/dmaap/Chart.yaml | 18 +++ kubernetes/dmaap/README.md | 11 ++ kubernetes/dmaap/charts/postgresql/Chart.yaml | 16 +++ .../dmaap/charts/postgresql/templates/Notes.txt | 35 ++++++ .../dmaap/charts/postgresql/templates/_helpers.tpl | 36 ++++++ .../charts/postgresql/templates/deployment.yaml | 128 +++++++++++++++++++++ .../charts/postgresql/templates/networkpolicy.yaml | 28 +++++ .../dmaap/charts/postgresql/templates/pvc.yaml | 28 +++++ .../dmaap/charts/postgresql/templates/secrets.yaml | 19 +++ .../dmaap/charts/postgresql/templates/svc.yaml | 30 +++++ kubernetes/dmaap/charts/postgresql/values.yaml | 123 ++++++++++++++++++++ kubernetes/dmaap/requirements.yaml | 18 +++ kubernetes/dmaap/resources/config/README.txt | 10 ++ .../dmaap/resources/config/application.properties | 1 + .../dmaap/resources/config/buscontroller.env | 12 ++ kubernetes/dmaap/templates/NOTES.txt | 19 +++ kubernetes/dmaap/templates/configmap.yaml | 21 ++++ kubernetes/dmaap/templates/deployment.yaml | 113 ++++++++++++++++++ kubernetes/dmaap/templates/service.yaml | 60 ++++++++++ kubernetes/dmaap/values.yaml | 118 +++++++++++++++++++ 21 files changed, 865 insertions(+) create mode 100644 kubernetes/dmaap/.helmignore create mode 100644 kubernetes/dmaap/Chart.yaml create mode 100644 kubernetes/dmaap/README.md create mode 100644 kubernetes/dmaap/charts/postgresql/Chart.yaml create mode 100644 kubernetes/dmaap/charts/postgresql/templates/Notes.txt create mode 100644 kubernetes/dmaap/charts/postgresql/templates/_helpers.tpl create mode 100644 kubernetes/dmaap/charts/postgresql/templates/deployment.yaml create mode 100644 kubernetes/dmaap/charts/postgresql/templates/networkpolicy.yaml create mode 100644 kubernetes/dmaap/charts/postgresql/templates/pvc.yaml create mode 100644 kubernetes/dmaap/charts/postgresql/templates/secrets.yaml create mode 100644 kubernetes/dmaap/charts/postgresql/templates/svc.yaml create mode 100644 
kubernetes/dmaap/charts/postgresql/values.yaml create mode 100644 kubernetes/dmaap/requirements.yaml create mode 100644 kubernetes/dmaap/resources/config/README.txt create mode 100644 kubernetes/dmaap/resources/config/application.properties create mode 100644 kubernetes/dmaap/resources/config/buscontroller.env create mode 100644 kubernetes/dmaap/templates/NOTES.txt create mode 100644 kubernetes/dmaap/templates/configmap.yaml create mode 100644 kubernetes/dmaap/templates/deployment.yaml create mode 100644 kubernetes/dmaap/templates/service.yaml create mode 100644 kubernetes/dmaap/values.yaml
diff --git a/kubernetes/dmaap/.helmignore b/kubernetes/dmaap/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/kubernetes/dmaap/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/dmaap/Chart.yaml b/kubernetes/dmaap/Chart.yaml
new file mode 100644
index 0000000000..a83b50b2d3
--- /dev/null
+++ b/kubernetes/dmaap/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: a Helm chart to deploy ONAP DMaaP componetns in Kubernetes
+name: dmaap
+version: 2.0.0
diff --git a/kubernetes/dmaap/README.md b/kubernetes/dmaap/README.md
new file mode 100644
index 0000000000..e185fdc6a7
--- /dev/null
+++ b/kubernetes/dmaap/README.md
@@ -0,0 +1,11 @@
+# Helm Chart for ONAP DMaaP Applications
+
+ONAP includes the following Kubernetes services:
+
+1) message-router - a message bus for applications
+2) dmaap-prov - an API to provision DMaaP resources
+
+# Service Dependencies
+
+message-router depends on AAF
+dmaap-prov depends on AAF and Postgresql. NOTE: until Postgresql is available as a common service in ONAP, this chart deploys a private instance based on kubernetes/stable chart
diff --git a/kubernetes/dmaap/charts/postgresql/Chart.yaml b/kubernetes/dmaap/charts/postgresql/Chart.yaml
new file mode 100644
index 0000000000..c64338735a
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/Chart.yaml
@@ -0,0 +1,16 @@
+name: postgresql
+version: 0.9.3
+description: Object-relational database management system (ORDBMS) with an emphasis on extensibility and on standards-compliance.
+keywords:
+- postgresql
+- postgres
+- database
+- sql
+home: https://www.postgresql.org/
+icon: https://www.postgresql.org/media/img/about/press/elephant.png
+sources:
+- https://github.com/kubernetes/charts
+- https://github.com/docker-library/postgres
+maintainers:
+- name: databus23
+engine: gotpl
diff --git a/kubernetes/dmaap/charts/postgresql/templates/Notes.txt b/kubernetes/dmaap/charts/postgresql/templates/Notes.txt
new file mode 100644
index 0000000000..9b49bb2982
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/templates/Notes.txt
@@ -0,0 +1,35 @@
+# PostgreSQL can be accessed via port 5432 on the following DNS name from within your cluster:
+# {{ template "postgresql.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
+#
+# To get your user password run:
+#
+# PGPASSWORD=$(kubectl get secret --namespace {{ .Values.global.nsPrefix }} {{ template "postgresql.fullname" . }} -o jsonpath="{.data.postgres-password}" | base64 --decode; echo)
+#
+# To connect to your database run the following command (using the env variable from above):
+#
+# kubectl run --namespace {{ .Values.global.nsPrefix }} {{ template "postgresql.fullname" . }}-client --restart=Never --rm --tty -i --image postgres \
+# --env "PGPASSWORD=$PGPASSWORD" \{{- if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}
+# --labels="{{ template "postgresql.fullname" . }}-client=true" \{{- end }}
+# --command -- psql -U {{ default "postgres" .Values.postgresUser }} \
+# -h {{ template "postgresql.fullname" . }} {{ default "postgres" .Values.postgresDatabase }}
+#
+# {{ if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}
+# Note: Since NetworkPolicy is enabled, only pods with label
+# {{ template "postgresql.fullname" . }}-client=true"
+# will be able to connect to this PostgreSQL cluster.
+# {{- end }}
+#
+# To connect to your database directly from outside the K8s cluster:
+# {{- if contains "NodePort" .Values.service.type }}
+# PGHOST=$(kubectl get nodes --namespace {{ .Values.global.nsPrefix }} -o jsonpath='{.items[0].status.addresses[0].address}')
+# PGPORT=$(kubectl get svc --namespace {{ .Values.global.nsPrefix }} {{ template "postgresql.fullname" . }} -o jsonpath='{.spec.ports[0].nodePort}')
+#
+# {{- else if contains "ClusterIP" .Values.service.type }}
+# PGHOST=127.0.0.1
+# PGPORT={{ default "5432" .Values.service.port }}
+#
+# # Execute the following commands to route the connection:
+# export POD_NAME=$(kubectl get pods --namespace {{ .Values.global.nsPrefix }} -l "app={{ template "postgresql.fullname" . }}" -o jsonpath="{.items[0].metadata.name}")
+# kubectl port-forward --namespace {{ .Values.global.nsPrefix }} $POD_NAME {{ default "5432" .Values.service.port }}:{{ default "5432" .Values.service.port }}
+#
+# {{- end }}
diff --git a/kubernetes/dmaap/charts/postgresql/templates/_helpers.tpl b/kubernetes/dmaap/charts/postgresql/templates/_helpers.tpl
new file mode 100644
index 0000000000..b2d3d523a9
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/templates/_helpers.tpl
@@ -0,0 +1,36 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "postgresql.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "postgresql.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the appropriate apiVersion for networkpolicy.
+*/}}
+{{- define "postgresql.networkPolicy.apiVersion" -}}
+{{- if and (ge .Capabilities.KubeVersion.Minor "4") (le .Capabilities.KubeVersion.Minor "6") -}}
+"extensions/v1beta1"
+{{- else if ge .Capabilities.KubeVersion.Minor "7" -}}
+"networking.k8s.io/v1"
+{{- end -}}
+{{- end -}}
diff --git a/kubernetes/dmaap/charts/postgresql/templates/deployment.yaml b/kubernetes/dmaap/charts/postgresql/templates/deployment.yaml
new file mode 100644
index 0000000000..57acfbda9b
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/templates/deployment.yaml
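Review bot: The `postgresql.networkPolicy.apiVersion` helper compares `.Capabilities.KubeVersion.Minor` with `"4"`, `"6"` and `"7"` as strings, so the ordering is lexical rather than numeric. For a two-digit minor such as `"10"` neither branch matches and the helper renders nothing, which would leave networkpolicy.yaml without an `apiVersion` exactly when `networkPolicy.enabled` is turned on. A version-aware test avoids this, e.g. `{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.GitVersion -}}` and `{{- else if semverCompare ">=1.7-0" .Capabilities.KubeVersion.GitVersion -}}`.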
@@ -0,0 +1,128 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ template "postgresql.fullname" . }}
+ namespace: {{ .Values.global.nsPrefix }}
+ labels:
+ app: {{ template "postgresql.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+spec:
+ template:
+ metadata:
+ labels:
+ app: {{ template "postgresql.fullname" . }}
+ spec:
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end }}
+ {{- if .Values.tolerations }}
+ tolerations:
+{{ toYaml .Values.tolerations | indent 8 }}
+ {{- end }}
+ {{- if .Values.schedulerName }}
+ schedulerName: "{{ .Values.schedulerName }}"
+ {{- end }}
+ containers:
+ - name: {{ template "postgresql.fullname" . }}
+ image: "{{ .Values.image }}:{{ .Values.imageTag }}"
+ imagePullPolicy: {{ default "" .Values.imagePullPolicy | quote }}
+ args:
+ {{- range $key, $value := default dict .Values.postgresConfig }}
+ - -c
+ - '{{ $key | snakecase }}={{ $value }}'
+ {{- end }}
+ env:
+ - name: POSTGRES_USER
+ value: {{ default "postgres" .Values.global.postgresUser | quote }}
+ # Required for pg_isready in the health probes.
+ - name: PGUSER
+ value: {{ default "postgres" .Values.global.postgresUser | quote }}
+ - name: POSTGRES_DB
+ value: {{ default "" .Values.global.postgresDatabase | quote }}
+ - name: POSTGRES_INITDB_ARGS
+ value: {{ default "" .Values.postgresInitdbArgs | quote }}
+ - name: PGDATA
+ value: /var/lib/postgresql/data/pgdata
+ - name: POSTGRES_PASSWORD
+ value: {{ default "postgres" .Values.global.postgresPassword | quote }}
+# original code:
+# valueFrom:
+# secretKeyRef:
+# name: {{ template "postgresql.fullname" . }}
+# key: postgres-password
+ - name: POD_IP
+ valueFrom: { fieldRef: { fieldPath: status.podIP } }
+ ports:
+ - name: postgresql
+ containerPort: 5432
+ livenessProbe:
+ exec:
+ command:
+ - sh
+ - -c
+ - exec pg_isready --host $POD_IP
+ initialDelaySeconds: 120
+ timeoutSeconds: 5
+ failureThreshold: 6
+ readinessProbe:
+ exec:
+ command:
+ - sh
+ - -c
+ - exec pg_isready --host $POD_IP
+ initialDelaySeconds: 5
+ timeoutSeconds: 3
+ periodSeconds: 5
+ resources:
+{{ toYaml .Values.resources | indent 10 }}
+ volumeMounts:
+ - name: data
+ mountPath: {{ .Values.persistence.mountPath }}
+ subPath: {{ .Values.persistence.subPath }}
+{{- if .Values.metrics.enabled }}
+ - name: metrics
+ image: "{{ .Values.metrics.image }}:{{ .Values.metrics.imageTag }}"
+ imagePullPolicy: {{ default "" .Values.metrics.imagePullPolicy | quote }}
+ env:
+ - name: DATA_SOURCE_NAME
+ value: postgresql://postgres@127.0.0.1:5432?sslmode=disable
+ ports:
+ - name: metrics
+ containerPort: 9187
+ {{- if .Values.metrics.customMetrics }}
+ args: ["-extend.query-path", "/conf/custom-metrics.yaml"]
+ volumeMounts:
+ - name: custom-metrics
+ mountPath: /conf
+ readOnly: true
+ {{- end }}
+ resources:
+{{ toYaml .Values.metrics.resources | indent 10 }}
+{{- end }}
+ volumes:
+ - name: data
+ {{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ .Values.persistence.existingClaim | default (include "postgresql.fullname" .) }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
+ {{- if and .Values.metrics.enabled .Values.metrics.customMetrics }}
+ - name: custom-metrics
+ secret:
+ secretName: {{ template "postgresql.fullname" . }}
+ items:
+ - key: custom-metrics.yaml
+ path: custom-metrics.yaml
+ {{- end }}
+ {{- if .Values.imagePullSecrets }}
+ imagePullSecrets:
+ - name: {{ .Values.imagePullSecrets }}
+ {{- end }}
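Review bot: `POSTGRES_PASSWORD` is set as a literal `value` with the fallback `"postgres"`, and the `secretKeyRef` it replaces is left commented out directly below it. The password therefore sits in clear text in the Deployment object, readable by anyone allowed to get deployments or pods in the namespace, and an install that does not set `global.postgresPassword` comes up with a well-known credential. I would restore the secret reference as below and have secrets.yaml store the same `global.postgresPassword` value, using `required` to fail the render when it is unset instead of defaulting.

```yaml
# … unchanged: preceding env entries …
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ template "postgresql.fullname" . }}
                  key: postgres-password
# … unchanged: POD_IP and the rest of the container spec …
```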
diff --git a/kubernetes/dmaap/charts/postgresql/templates/networkpolicy.yaml b/kubernetes/dmaap/charts/postgresql/templates/networkpolicy.yaml
new file mode 100644
index 0000000000..92f3b71b15
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/templates/networkpolicy.yaml
@@ -0,0 +1,28 @@
+{{- if .Values.networkPolicy.enabled }}
+kind: NetworkPolicy
+apiVersion: {{ template "postgresql.networkPolicy.apiVersion" . }}
+metadata:
+ name: "{{ template "postgresql.fullname" . }}"
+ labels:
+ app: {{ template "postgresql.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+spec:
+ podSelector:
+ matchLabels:
+ app: "{{ template "postgresql.fullname" . }}"
+ ingress:
+ # Allow inbound connections
+ - ports:
+ - port: 5432
+ {{- if not .Values.networkPolicy.allowExternal }}
+ from:
+ - podSelector:
+ matchLabels:
+ {{ template "postgresql.fullname" . }}-client: "true"
+ {{- end }}
+ # Allow prometheus scrapes
+ - ports:
+ - port: 9187
+{{- end }}
diff --git a/kubernetes/dmaap/charts/postgresql/templates/pvc.yaml b/kubernetes/dmaap/charts/postgresql/templates/pvc.yaml
new file mode 100644
index 0000000000..f1d38dfb14
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/templates/pvc.yaml
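Review bot: This NetworkPolicy has no `metadata.namespace`, while the Deployment and Service of this sub-chart are pinned to `{{ .Values.global.nsPrefix }}`. If `nsPrefix` is not the release namespace, the policy is created in a different namespace from the pods it is meant to select and restricts nothing; pvc.yaml and secrets.yaml omit the namespace in the same way, so the claim and the secret would not be visible to the pod either. Adding `namespace: {{ .Values.global.nsPrefix }}` under `metadata:` in all three keeps them together. Separately, the port 9187 rule has no `from`, so it stays open to every source even with `allowExternal: false`; a comment stating that this is intended would help.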
@@ -0,0 +1,28 @@
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ template "postgresql.fullname" . }}
+ labels:
+ app: {{ template "postgresql.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
diff --git a/kubernetes/dmaap/charts/postgresql/templates/secrets.yaml b/kubernetes/dmaap/charts/postgresql/templates/secrets.yaml
new file mode 100644
index 0000000000..6dd4c7da55
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/templates/secrets.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ template "postgresql.fullname" . }}
+ labels:
+ app: {{ template "postgresql.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+type: Opaque
+data:
+ {{ if .Values.postgresPassword }}
+ postgres-password: {{ .Values.postgresPassword | b64enc | quote }}
+ {{ else }}
+ postgres-password: {{ randAlphaNum 10 | b64enc | quote }}
+ {{ end }}
+ {{- if .Values.metrics.customMetrics }}
+ custom-metrics.yaml: {{ toYaml .Values.metrics.customMetrics | b64enc | quote }}
+ {{- end }}
diff --git a/kubernetes/dmaap/charts/postgresql/templates/svc.yaml b/kubernetes/dmaap/charts/postgresql/templates/svc.yaml
new file mode 100644
index 0000000000..f6373c8368
--- /dev/null
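Review bot: In secrets.yaml the `postgres-password` key is built from `.Values.postgresPassword`, but the Deployment and resources/config/buscontroller.env read `.Values.global.postgresPassword`, so the Secret can hold a different password from the one the database is initialised with. When the top-level value is unset the Secret gets `randAlphaNum 10`, which is re-evaluated on every render, and Notes.txt tells the operator to read the password from this Secret. I would source it from the same key, `postgres-password: {{ .Values.global.postgresPassword | b64enc | quote }}`, or drop the random branch until the Deployment consumes the Secret again.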
+++ b/kubernetes/dmaap/charts/postgresql/templates/svc.yaml
@@ -0,0 +1,30 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: dmaap-prov-{{ template "postgresql.name" . }}
+ namespace: {{ .Values.global.nsPrefix }}
+ labels:
+ app: {{ template "postgresql.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.metrics.enabled }}
+ annotations:
+ prometheus.io/scrape: "true"
+ prometheus.io/port: "9187"
+{{- end }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: postgresql
+ port: {{ .Values.service.port }}
+ targetPort: postgresql
+ {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }}
+ nodePort: {{ .Values.service.nodePort }}
+ {{- end }}
+{{- if .Values.service.externalIPs }}
+ externalIPs:
+{{ toYaml .Values.service.externalIPs | indent 4 }}
+{{- end }}
+ selector:
+ app: {{ template "postgresql.fullname" . }}
diff --git a/kubernetes/dmaap/charts/postgresql/values.yaml b/kubernetes/dmaap/charts/postgresql/values.yaml
new file mode 100644
index 0000000000..37bbddaef9
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/values.yaml
@@ -0,0 +1,123 @@
+## postgres image repository
+image: "postgres"
+## postgres image version
+## ref: https://hub.docker.com/r/library/postgres/tags/
+##
+imageTag: "9.6.2"
+
+## Specify a imagePullPolicy
+## 'Always' if imageTag is 'latest', else set to 'IfNotPresent'
+## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
+##
+# imagePullPolicy:
+
+## Specify imagePullSecrets
+## ref: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
+##
+# imagePullSecrets: myregistrykey
+
+## Create a database user
+## Default: postgres
+#postgresUser: "dmaap"
+## Default: random 10 character string
+#postgresPassword: "onapdemodb"
+
+## Create a database
+## Default: the postgres user
+#postgresDatabase: "dmaap"
+
+## Specify initdb arguments, e.g. --data-checksums
+## ref: https://github.com/docker-library/docs/blob/master/postgres/content.md#postgres_initdb_args
+## ref: https://www.postgresql.org/docs/current/static/app-initdb.html
+# postgresInitdbArgs:
+
+## Use an alternate scheduler, e.g. "stork".
+## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
+##
+# schedulerName:
+
+## Specify runtime config parameters as a dict, using camelCase, e.g.
+## {"sharedBuffers": "500MB"}
+## ref: https://www.postgresql.org/docs/current/static/runtime-config.html
+# postgresConfig:
+
+## Persist data to a persitent volume
+persistence:
+ enabled: false
+
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+
+ ## database data Persistent Volume Storage Class
+ ## If defined, storageClassName:
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ # storageClass: "-"
+ accessMode: ReadWriteOnce
+ size: 8Gi
+ subPath: "postgresql-db"
+ mountPath: /var/lib/postgresql/data/pgdata
+
+ # annotations: {}
+
+metrics:
+ enabled: false
+ image: wrouesnel/postgres_exporter
+ imageTag: v0.1.1
+ imagePullPolicy: IfNotPresent
+ resources:
+ requests:
+ memory: 256Mi
+ cpu: 100m
+ ## Define additional custom metrics
+ ## ref: https://github.com/wrouesnel/postgres_exporter#adding-new-metrics-via-a-config-file
+ # customMetrics:
+ # pg_database:
+ # query: "SELECT d.datname AS name, CASE WHEN pg_catalog.has_database_privilege(d.datname, 'CONNECT') THEN pg_catalog.pg_database_size(d.datname) ELSE 0 END AS size FROM pg_catalog.pg_database d where datname not in ('template0', 'template1', 'postgres')"
+ # metrics:
+ # - name:
+ # usage: "LABEL"
+ # description: "Name of the database"
+ # - size_bytes:
+ # usage: "GAUGE"
+ # description: "Size of the database in bytes"
+
+## Configure resource requests and limits
+## ref: http://kubernetes.io/docs/user-guide/compute-resources/
+##
+resources:
+ requests:
+ memory: 256Mi
+ cpu: 100m
+
+service:
+ type: ClusterIP
+ port: 5432
+ externalIPs: []
+ ## Manually set NodePort value
+ ## Requires service.type: NodePort
+ # nodePort:
+
+networkPolicy:
+ ## Enable creation of NetworkPolicy resources.
+ ##
+ enabled: false
+
+ ## The Policy model to apply. When set to false, only pods with the correct
+ ## client label will have network access to the port PostgreSQL is listening
+ ## on. When true, PostgreSQL will accept connections from any source
+ ## (with the correct destination port).
+ ##
+ allowExternal: true
+
+## Node labels and tolerations for pod assignment
+## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
+## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
+nodeSelector: {}
+tolerations: []
+affinity: {}
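Review bot: The defaults at the end of this file leave `networkPolicy.enabled: false` and `allowExternal: true`, so port 5432 is reachable from any pod that can route to the Service, and the `## Default: random 10 character string` comment no longer matches the Deployment, which falls back to `"postgres"`. Since this instance is private to the bus controller, consider `enabled: true` with `allowExternal: false`; the policy template then admits only pods labelled `<fullname>-client: "true"`, a label the buscontroller Deployment in this patch does not set, so it would have to be added there. At minimum the password comment should say that the container takes its credentials from `global.postgresUser`, `global.postgresPassword` and `global.postgresDatabase`, not from the commented keys shown here.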
diff --git a/kubernetes/dmaap/requirements.yaml b/kubernetes/dmaap/requirements.yaml
new file mode 100644
index 0000000000..a5ef229145
--- /dev/null
+++ b/kubernetes/dmaap/requirements.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~2.0.0
+ repository: '@local'
diff --git a/kubernetes/dmaap/resources/config/README.txt b/kubernetes/dmaap/resources/config/README.txt
new file mode 100644
index 0000000000..5cc01497f5
--- /dev/null
+++ b/kubernetes/dmaap/resources/config/README.txt
@@ -0,0 +1,10 @@
+This directory contains all external configuration files that
+need to be mounted into an application container.
+
+See the configmap.yaml in the templates directory for an example
+of how to load (ie map) config files from this directory, into
+Kubernetes, for distribution within the k8s cluster.
+
+See deployment.yaml in the templates directory for an example
+of how the 'config mapped' files are then mounted into the
+containers.
diff --git a/kubernetes/dmaap/resources/config/application.properties b/kubernetes/dmaap/resources/config/application.properties
new file mode 100644
index 0000000000..496a15a531
--- /dev/null
+++ b/kubernetes/dmaap/resources/config/application.properties
@@ -0,0 +1 @@
+sampleConfigKey=sampleConfigValue
\ No newline at end of file
diff --git a/kubernetes/dmaap/resources/config/buscontroller.env b/kubernetes/dmaap/resources/config/buscontroller.env
new file mode 100644
index 0000000000..74d7822faa
--- /dev/null
+++ b/kubernetes/dmaap/resources/config/buscontroller.env
@@ -0,0 +1,12 @@
+DMAAPBC_PG_ENABLED=true
+DMAAPBC_PGHOST=dmaap-prov-postgresql
+DMAAPBC_PGDBNAME={{ .Values.global.postgresDatabase }}
+DMAAPBC_PGCRED={{ .Values.global.postgresPassword }}
+DMAAPBC_PGUSER={{ .Values.global.postgresUser }}
+DMAAPBC_MR_CNAME={{ .Values.dmaapMessageRouterService }}
+DMAAPBC_AAF_URL={{ .Values.aafURL }}
+DMAAPBC_TOPICMGR_USER={{ .Values.topicMgrUser }}
+DMAAPBC_TOPICMGR_PWD={{ .Values.topicMgrPwd }}
+DMAAPBC_ADMIN_USER={{ .Values.adminUser }}
+DMAAPBC_ADMIN_PWD={{ .Values.adminPwd }}
+
diff --git a/kubernetes/dmaap/templates/NOTES.txt b/kubernetes/dmaap/templates/NOTES.txt
new file mode 100644
index 0000000000..33b47cfc02
--- /dev/null
+++ b/kubernetes/dmaap/templates/NOTES.txt
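Review bot: The three credentials rendered into this file (`DMAAPBC_PGCRED`, `DMAAPBC_TOPICMGR_PWD`, `DMAAPBC_ADMIN_PWD`) end up in a ConfigMap, because templates/configmap.yaml loads buscontroller.env with `.Files.Glob … .AsConfig` and templates/deployment.yaml mounts that ConfigMap under /opt/app/config. ConfigMaps are not covered by the RBAC rules or at-rest encryption that a cluster applies to Secrets, so anyone who can read ConfigMaps in the namespace can read the passwords. Rendering the file into a `kind: Secret` instead, e.g. `buscontroller.env: {{ tpl (.Files.Get "resources/config/buscontroller.env") . | b64enc }}` under `data:`, and mounting it through a `secret:` volume keeps the file layout the container expects.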
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ .Values.global.nsPrefix }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}-prov)
+ export NODE_IP=$(kubectl get nodes --namespace {{ .Values.global.nsPrefix }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ .Values.global.nsPrefix }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ .Values.global.nsPrefix }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/dmaap/templates/configmap.yaml b/kubernetes/dmaap/templates/configmap.yaml
new file mode 100644
index 0000000000..0d6a348249
--- /dev/null
+++ b/kubernetes/dmaap/templates/configmap.yaml
@@ -0,0 +1,21 @@
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ .Values.global.nsPrefix }}
+data:
+{{ tpl (.Files.Glob "resources/config/buscontroller.env").AsConfig . | indent 2 }}
diff --git a/kubernetes/dmaap/templates/deployment.yaml b/kubernetes/dmaap/templates/deployment.yaml
new file mode 100644
index 0000000000..824548bd5e
--- /dev/null
+++ b/kubernetes/dmaap/templates/deployment.yaml
@@ -0,0 +1,113 @@
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ #name: {{ .Release.Name }}-{{ include "common.name" . }}-buscontroller
+ name: {{ include "common.name" . }}-{{ .Values.buscontroller.service }}
+ namespace: {{ .Values.global.nsPrefix }}
+ labels:
+ app: {{ include "common.name" . }}-{{ .Values.buscontroller.service }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.buscontroller.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-{{ .Values.buscontroller.service }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+#Example init container for dependency checking
+# - command:
+# - /root/ready.py
+# args:
+# - --container-name
+# - mariadb
+# env:
+# - name: NAMESPACE
+# valueFrom:
+# fieldRef:
+# apiVersion: v1
+# fieldPath: metadata.namespace
+# image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+# imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+# name: {{ include "common.name" . }}-readiness
+ containers:
+ - name: {{ include "common.name" . }}-{{ .Values.buscontroller.service }}
+ image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image.buscontrollerImage }}:{{ .Values.image.buscontrollerVersion }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.buscontroller.httpExternalPort }}
+# wait till we get SSL certs before enabling this port
+# - containerPort: {{ .Values.buscontroller.httpsPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ httpGet:
+ port: {{ .Values.buscontroller.httpExternalPort }}
+ path: /webapi/info
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ httpGet:
+ port: {{ .Values.buscontroller.httpExternalPort }}
+ path: /webapi/info
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+#Example environment variable passed to container
+# - name: DEBUG_FLAG
+# value: {{ .Values.global.debugEnabled | default .Values.debugEnabled | quote }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/config
+ name: {{ include "common.name" . }}-config
+ resources:
+{{ toYaml .Values.resources | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.name" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ items:
+ - key: buscontroller.env
+ path: conf
+#Example config file mount into container
+# - name: {{ include "common.fullname" . }}-config
+# configMap:
+# name: {{ include "common.fullname" . }}-configmap
+# items:
+# - key: application.properties
+# path: application.properties
+ imagePullSecrets:
+ - name: "{{ .Values.global.nsPrefix }}-docker-registry-key"
diff --git a/kubernetes/dmaap/templates/service.yaml b/kubernetes/dmaap/templates/service.yaml
new file mode 100644
index 0000000000..9580e75590
--- /dev/null
+++ b/kubernetes/dmaap/templates/service.yaml
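Review bot: The Deployment is rendered unconditionally, whereas templates/service.yaml in this patch is wrapped in `{{ if not .Values.disableBuscontroller }}`; setting that flag would remove the Service but still start the pod and create its ConfigMap with the rendered credentials. Wrapping this file and configmap.yaml in the same condition keeps the switch consistent. The `initContainers:` and `env:` keys also have only commented-out children, so they render as null; commenting out the keys together with their examples would be cleaner.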
@@ -0,0 +1,60 @@
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#{{ if not .Values.disableBuscontroller }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.name" . }}-{{ .Values.buscontroller.service }}
+ namespace: {{ .Values.global.nsPrefix }}
+ labels:
+ app: {{ .Values.buscontroller.service }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+# Example MSB registration annotation
+# msb.onap.org/service-info: '[
+# {
+# "serviceName": "so",
+# "version": "v1",
+# "url": "/ecomp/mso/infra",
+# "protocol": "REST"
+# "port": "8080",
+# "visualRange":"1"
+# }
+# ]'
+spec:
+ type: {{ .Values.buscontroller.type }}
+ ports:
+ {{if eq .Values.buscontroller.type "NodePort" -}}
+ - port: {{ .Values.buscontroller.httpExternalPort }}
+ targetPort: {{ .Values.buscontroller.httpExternalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.buscontroller.httpPort }}
+ name: "{{ .Values.buscontroller.name }}-http-port"
+# This will be needed when we get SSL certificates
+# - port: {{ .Values.buscontroller.httpsExternalPort }}
+# targetPort: {{ .Values.buscontroller.httpsExternalPort }}
+# nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.buscontroller.httpsPort }}
+# name: "{{ .Values.buscontroller.name
}}-https-port"
+ {{- else -}}
+ - port: {{ .Values.buscontroller.externalPort }}
+ targetPort: {{ .Values.buscontroller.httpPort }}
+ name: {{ .Values.buscontroller.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}-{{ .Values.buscontroller.service }}
+ release: {{ .Release.Name }}
+
+#{{ end }}
diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml
new file mode 100644
index 0000000000..9a0bc34ce5
--- /dev/null
+++ b/kubernetes/dmaap/values.yaml
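Review bot: The `{{- else -}}` branch of `ports:` cannot yield a working Service. It reads `.Values.buscontroller.externalPort`, which the values.yaml added in this patch never defines, and it sets `targetPort` to `httpPort` (42) while the container in deployment.yaml listens on `httpExternalPort`. In practice that leaves NodePort as the only usable type, and NodePort publishes the plain-HTTP API on every node while the HTTPS port is still commented out. I would point the branch at the port the pod actually serves, `- port: {{ .Values.buscontroller.httpExternalPort }}` with `targetPort: {{ .Values.buscontroller.httpExternalPort }}`, so a cluster-internal deployment becomes possible.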
@@ -0,0 +1,118 @@
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:1.1.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ postgresDatabase: dmaap
+ postgresUser: dmaap_admin
+ postgresPassword: onapdemodb
+ nsPrefix: onap
+
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+#nsPrefix: onap
+pullPolicy: Always
+
+# application images
+repository: nexus3.onap.org:10001
+
+image:
+ buscontrollerImage: onap/dmaap/buscontroller
+ buscontrollerVersion: 1.0.2
+
+
+# application configuration
+# Example:
+config:
+# username: myusername
+# password: mypassword
+dmaapMessageRouterService: dmaap
+aafURL: https://onap-aaf:8905/proxy/
+topicMgrUser: m23456@dmaapbc.onap.org
+topicMgrPwd: onapdemo
+adminUser: m12345@dmaapbc.onap.org
+adminPwd: onapdemo
+
+
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+buscontroller:
+ service: prov-api
+ type: NodePort
+ name: buscontroller
+ httpExternalPort: 8080
+ httpsExternalPort: 8443
+ httpPort: 42
+ httpsPort: 43
+# default number of instances
+ replicas: 1
+# flag to enable debugging - application support required
+ debugEnabled: false
+
+service:
+ #Example service definition with external, internal and node ports.
+ #Services may use any combination of ports depending on the 'type' of
+ #service being defined.
+ type: NodePort
+ name:
+ externalPort: <8080>
+ internalPort: <80>
+ nodePort:
+
+ingress:
+ enabled: false
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
-- 
2.16.6
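Review bot: The chart defaults ship fixed credentials in clear text: `postgresPassword: onapdemodb`, `topicMgrPwd: onapdemo` and `adminPwd: onapdemo`, plus a base64 `repositorySecret` blob, and base64 is encoding rather than protection. An install that does not override them runs its database and admin accounts with passwords readable in the repository, alongside `buscontroller.type: NodePort`, which publishes the API on every node. I would ship these empty, e.g. `postgresPassword: ""`, and have the consuming template fail closed with `{{ required "global.postgresPassword must be set" .Values.global.postgresPassword }}`, or read them from a Kubernetes Secret created outside the chart. The same treatment applies to `topicMgrPwd` and `adminPwd`; the templates that consume these values are outside this hunk.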