[SO] Service mesh compatibility

Patch on SO charts dedicated to allign the service port names
according to Istio naming schema.
Change the mariadb job to wait for the sidecar and kill it afterwards.
Remove CertInitializer TLS job, if AAF is not enabled
Added all missing changed from https://gerrit.onap.org/r/c/oom/+/124231

Issue-ID: OOM-2824

Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I5b333ab19673ad248fd2e3bd138a99fe15025f5e

diff --git a/kubernetes/so/Chart.yaml b/kubernetes/so/Chart.yaml
index d746647..0c47c3b 100755 (executable)
--- a/kubernetes/so/Chart.yaml
+++ b/kubernetes/so/Chart.yaml
@@ -28,6 +28,7 @@ dependencies:
   - name: certInitializer
     version: ~10.x-0
     repository: '@local'
+    condition: global.aafEnabled
   - name: readinessCheck
     version: ~10.x-0
     repository: '@local'

diff --git a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml
index 4b46721..808c439 100644 (file)
--- a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml
+++ b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml
@@ -116,7 +116,7 @@ spec:
 
         ports:
         - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
           protocol: TCP
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes: {{ include "so.certificate.volumes" . | nindent 6 }}

diff --git a/kubernetes/so/components/so-admin-cockpit/templates/service.yaml b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml
index c443978..b23e5ab 100644 (file)
--- a/kubernetes/so/components/so-admin-cockpit/templates/service.yaml
+++ b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml
@@ -39,14 +39,12 @@ spec:
     {{if and (eq .Values.service.type "NodePort") (.Values.global.aafEnabled) -}}
     - port: {{ .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- else -}}
     - port: {{ .Values.service.externalPort }}
       targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- end}}
   selector:
     app: {{ include "common.name" . }}
     release: {{ include "common.release" . }}
-
-

diff --git a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
index 360936d..9feab4d 100755 (executable)
--- a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
@@ -17,7 +17,11 @@ aai:
   auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}}
   dme2:
     timeout: '30000'
+  {{ if (include "common.needTLS" .) }}
   endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
   workflowAaiDistributionDelay: PT30S
   pnfEntryNotificationTimeout: P14D
 cds:
@@ -158,7 +162,11 @@ mso:
   oof:
     auth: {{ .Values.mso.oof.auth }}
     callbackEndpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
+    {{ if (include "common.needTLS" .) }}
     endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698
+    {{ else }}
+    endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698
+    {{ end }}
     timeout: PT30M
   workflow:
     CreateGenericVNFV1:

diff --git a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml
index 57a2b2c..2b8b827 100755 (executable)
--- a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml
@@ -87,7 +87,7 @@ spec:
 {{ include "so.helpers.livenessProbe" .| indent 8 }}
         ports:
         - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
           protocol: TCP
       # Filebeat sidecar container
       {{ include "common.log.sidecar" . | nindent 6 }}

diff --git a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml
index 6eb6f27..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml
@@ -29,11 +29,11 @@ spec:
     {{if eq .Values.service.type "NodePort" -}}
     - port: {{ .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- else -}}
     - port: {{ .Values.service.externalPort }}
       targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- end}}
   selector:
     app: {{ include "common.name" . }}

diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml
index d5ff829..af185ae 100755 (executable)
--- a/kubernetes/so/components/so-bpmn-infra/values.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/values.yaml
@@ -123,7 +123,7 @@ service:
   type: ClusterIP
   internalPort: *containerPort
   externalPort: 8081
-  portName: so-bpmn-port
+  portName: http
 updateStrategy:
   type: RollingUpdate
   maxUnavailable: 1

diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml
index 30e5551..fa9d3a6 100755 (executable)
--- a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml
@@ -85,7 +85,7 @@ spec:
 {{ include "so.helpers.livenessProbe" .| indent 8 }}
         ports:
         - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
           protocol: TCP
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes: {{ include "so.certificate.volumes" . | nindent 6 }}

diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml
index 6eb6f27..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml
@@ -29,11 +29,11 @@ spec:
     {{if eq .Values.service.type "NodePort" -}}
     - port: {{ .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- else -}}
     - port: {{ .Values.service.externalPort }}
       targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- end}}
   selector:
     app: {{ include "common.name" . }}

diff --git a/kubernetes/so/components/so-catalog-db-adapter/values.yaml b/kubernetes/so/components/so-catalog-db-adapter/values.yaml
index a5961ee..b436094 100755 (executable)
--- a/kubernetes/so/components/so-catalog-db-adapter/values.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/values.yaml
@@ -87,7 +87,7 @@ service:
     type: ClusterIP
     internalPort: *containerPort
     externalPort: *containerPort
-    portName: so-catdb-port
+    portName: http
 updateStrategy:
     type: RollingUpdate
     maxUnavailable: 1

diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
index c99465b..0c2f679 100755 (executable)
--- a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
@@ -16,7 +16,11 @@
 
 aai:
   auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.server.aai.auth ) }}
+  {{ if (include "common.needTLS" .) }}
   endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
   enabled: {{ .Values.global.aai.enabled }}
 logging:
   path: logs
@@ -50,4 +54,3 @@ management:
       prometheus:
         enabled: true # Whether exporting of metrics to Prometheus is enabled.
         step: 1m # Step size (i.e. reporting frequency) to use.
-

diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
index 5fc28e2..7c1cb1b 100644 (file)
--- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
@@ -17,7 +17,11 @@
 aai:
   auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
   version: v19
+  {{ if (include "common.needTLS" .) }}
   endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
 spring:
   datasource:
     hikari:
@@ -54,7 +58,11 @@ so:
 etsi-catalog-manager:
   base:
   {{- if .Values.global.msbEnabled }}
+    {{ if (include "common.needTLS" .) }}
     endpoint: https://msb-iag:443/api
+    {{ else }}
+    endpoint: http://msb-iag:443/api
+    {{ end }}
   http:
     client:
       ssl:

diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml
index e6a1d7c..33b38ad 100755 (executable)
--- a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml
@@ -16,7 +16,11 @@
 aai:
   auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
   version: v15
+  {{ if (include "common.needTLS" .) }}
   endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
 spring:
   security:
     usercredentials:
@@ -42,7 +46,11 @@ sdc:
   username: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.username "value2" .Values.sdc.username )}}
   password: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.password "value2" .Values.sdc.password )}}
   key: {{ .Values.sdc.key }}
+  {{ if (include "common.needTLS" .) }}
   endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080
+  {{ end }}
 vnfmadapter:
   endpoint: http://so-etsi-sol003-adapter.{{ include "common.namespace" . }}:9092
 etsi-catalog-manager:

diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml
index 3272bfd..7751bf4 100755 (executable)
--- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml
@@ -76,7 +76,7 @@ spec:
           failureThreshold: {{ .Values.livenessProbe.failureThreshold}}
         ports:
         - containerPort: {{ .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
           protocol: TCP
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes: {{ include "so.certificate.volumes" . | nindent 6 }}

diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml
index 5772a89..96a2acd 100755 (executable)
--- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml
@@ -40,11 +40,11 @@ spec:
     {{if eq .Values.service.type "NodePort" -}}
     - port: {{ .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- else -}}
     - port: {{ .Values.service.externalPort }}
       targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- end}}
   selector:
     app: {{ include "common.name" . }}

diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml
index dd46da0..e1e2fc2 100755 (executable)
--- a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml
@@ -45,7 +45,11 @@ mso:
   msb-port: 80
   adapters:
     requestDb:
+      {{ if (include "common.needTLS" .) }}
       endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+      {{ else }}
+      endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+      {{ end }}
       auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}}
 #Actuator
 management:

diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml
index 4f8f4d9..1abf218 100755 (executable)
--- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml
@@ -94,7 +94,7 @@ spec:
           failureThreshold: {{ .Values.livenessProbe.failureThreshold}}
         ports:
         - containerPort: {{ .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
           protocol: TCP
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes: {{ include "so.certificate.volumes" . | nindent 6 }}

diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml
index 2ecc66f..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml
@@ -29,12 +29,12 @@ spec:
     {{if eq .Values.service.type "NodePort" -}}
     - port: {{ .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- else -}}
     - port: {{ .Values.service.externalPort }}
       targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- end}}
   selector:
     app: {{ include "common.name" . }}
-    release: {{ include "common.release" . }}
\ No newline at end of file
+    release: {{ include "common.release" . }}

diff --git a/kubernetes/so/components/so-mariadb/templates/job.yaml b/kubernetes/so/components/so-mariadb/templates/job.yaml
index 2a84fac..d9c6009 100644 (file)
--- a/kubernetes/so/components/so-mariadb/templates/job.yaml
+++ b/kubernetes/so/components/so-mariadb/templates/job.yaml
@@ -53,13 +53,17 @@ spec:
         command:
         - /bin/bash
         - -c
-        - mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo > /var/data/mariadb/backup-`date +%s`.sql
+        - |
+          {{- if include "common.onServiceMesh" . }}
+          echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
+          mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo > /var/data/mariadb/backup-`date +%s`.sql
         volumeMounts:
         - mountPath: /etc/localtime
           name: localtime
           readOnly: true
         - name: backup-storage
           mountPath: /var/data/mariadb
+      {{ include "common.waitForJobContainer" . | indent 6 | trim }}
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes:
       - name: localtime
@@ -105,6 +109,8 @@ spec:
         - /bin/bash
         - -c
         - >
+          {{- if include "common.onServiceMesh" . }}
+          echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
           mysql() { /usr/bin/mysql  -h ${DB_HOST} -P ${DB_PORT} "$@"; };
           export -f mysql;
           mysql --user=root --password=${MYSQL_ROOT_PASSWORD} requestdb -e exit > /dev/null 2>&1 {{ if not .Values.global.migration.enabled }} && echo "Database already initialized!!!" && exit 0 {{ end }};
@@ -157,6 +163,7 @@ spec:
         {{- end }}
         resources:
 {{ include "common.resources" . | indent 12 }}
+      {{ include "common.waitForJobContainer" . | indent 6 | trim }}
       {{- if .Values.nodeSelector }}
       nodeSelector:
 {{ toYaml .Values.nodeSelector | indent 10 }}

diff --git a/kubernetes/so/components/so-mariadb/values.yaml b/kubernetes/so/components/so-mariadb/values.yaml
index 58e34b7..13dd086 100755 (executable)
--- a/kubernetes/so/components/so-mariadb/values.yaml
+++ b/kubernetes/so/components/so-mariadb/values.yaml
@@ -21,7 +21,7 @@ global:
   nodePortPrefix: 302
   nodePortPrefixExt: 304
   repository: nexus3.onap.org:10001
-  readinessImage: onap/oom/readiness:3.0.1
+  readinessImage: onap/oom/readiness:4.1.0
   ubuntuInitRepository: docker.io
   mariadbGalera:
     nameOverride: &mariadbName mariadb-galera
@@ -187,3 +187,7 @@ serviceAccount:
   nameOverride: so-mariadb
   roles:
     - read
+
+wait_for_job_container:
+  containers:
+    - '{{ include "common.name" . }}-config'

diff --git a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
index 75db547..1d8a97c 100755 (executable)
--- a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
@@ -15,7 +15,11 @@
 */}}
 aai:
   auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
+  {{ if (include "common.needTLS" .) }}
   endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
 logging:
   path: logs
 spring:
@@ -51,7 +55,11 @@ mso:
   msb-port: 80
   adapters:
     requestDb:
+      {{ if (include "common.needTLS" .) }}
       endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+      {{ else }}
+      endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+      {{ end }}
       auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}}
 #Actuator
 management:

diff --git a/kubernetes/so/components/so-nssmf-adapter/values.yaml b/kubernetes/so/components/so-nssmf-adapter/values.yaml
index 2489ddd..29f9f4e 100755 (executable)
--- a/kubernetes/so/components/so-nssmf-adapter/values.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/values.yaml
@@ -107,7 +107,7 @@ app: nssmf-adapter
 service:
   type: ClusterIP
   ports:
-    - name: api
+    - name: http
       port: *containerPort
 updateStrategy:
     type: RollingUpdate

diff --git a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml
index 5013c34..8db5d26 100755 (executable)
--- a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml
@@ -42,7 +42,11 @@ mso:
       endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
   oof:
     auth: ${OOF_LOGIN}:${OOF_PASSWORD}
+    {{ if (include "common.needTLS" .) }}
     endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698
+    {{ else }}
+    endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698
+    {{ end }}
 #Actuator
 management:
   endpoints:

diff --git a/kubernetes/so/components/so-oof-adapter/values.yaml b/kubernetes/so/components/so-oof-adapter/values.yaml
index 863e0e9..530c35a 100755 (executable)
--- a/kubernetes/so/components/so-oof-adapter/values.yaml
+++ b/kubernetes/so/components/so-oof-adapter/values.yaml
@@ -89,7 +89,7 @@ app: so-oof-adapter
 service:
     type: ClusterIP
     ports:
-      - name: api
+      - name: http
         port: *containerPort
 updateStrategy:
     type: RollingUpdate

diff --git a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
index e332f98..487e931 100755 (executable)
--- a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
@@ -15,7 +15,11 @@
 */}}
 aai:
   auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}}
+  {{ if (include "common.needTLS" .) }}
   endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
 server:
   port: {{ index .Values.containerPort }}
 spring:

diff --git a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
index f370fbd..55493f7 100755 (executable)
--- a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
@@ -87,7 +87,7 @@ spec:
 {{ include "so.helpers.livenessProbe" .| indent 8 }}
         ports:
         - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
           protocol: TCP
       # Filebeat sidecar container
       {{ include "common.log.sidecar" . | nindent 6 }}

diff --git a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml
index 6eb6f27..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml
@@ -29,11 +29,11 @@ spec:
     {{if eq .Values.service.type "NodePort" -}}
     - port: {{ .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- else -}}
     - port: {{ .Values.service.externalPort }}
       targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- end}}
   selector:
     app: {{ include "common.name" . }}

diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml
index 057f8a0..28338cf 100755 (executable)
--- a/kubernetes/so/components/so-openstack-adapter/values.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/values.yaml
@@ -95,7 +95,7 @@ service:
     type: ClusterIP
     internalPort: *containerPort
     externalPort: *containerPort
-    portName: so-optack-port
+    portName: http
 updateStrategy:
     type: RollingUpdate
     maxUnavailable: 1

diff --git a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml
index 30e5551..fa9d3a6 100755 (executable)
--- a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml
@@ -85,7 +85,7 @@ spec:
 {{ include "so.helpers.livenessProbe" .| indent 8 }}
         ports:
         - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
           protocol: TCP
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes: {{ include "so.certificate.volumes" . | nindent 6 }}

diff --git a/kubernetes/so/components/so-request-db-adapter/templates/service.yaml b/kubernetes/so/components/so-request-db-adapter/templates/service.yaml
index 6eb6f27..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-request-db-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/templates/service.yaml
@@ -29,11 +29,11 @@ spec:
     {{if eq .Values.service.type "NodePort" -}}
     - port: {{ .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- else -}}
     - port: {{ .Values.service.externalPort }}
       targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- end}}
   selector:
     app: {{ include "common.name" . }}

diff --git a/kubernetes/so/components/so-request-db-adapter/values.yaml b/kubernetes/so/components/so-request-db-adapter/values.yaml
index e932a0b..6bcd388 100755 (executable)
--- a/kubernetes/so/components/so-request-db-adapter/values.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/values.yaml
@@ -83,7 +83,7 @@ service:
     type: ClusterIP
     internalPort: *containerPort
     externalPort: *containerPort
-    portName: so-reqdb-port
+    portName: http
 updateStrategy:
     type: RollingUpdate
     maxUnavailable: 1

diff --git a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml
index b20e33a..ffa66e9 100755 (executable)
--- a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml
@@ -63,19 +63,28 @@ mso:
       endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
       auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.requestDb.auth )}}
   aai:
+    {{ if (include "common.needTLS" .) }}
     endpoint: https://aai.{{ include "common.namespace" . }}:8443
+    {{ else }}
+    endpoint: http://aai.{{ include "common.namespace" . }}:8080
+    {{ end }}
   asdc-connections:
     asdc-controller1:
       user: mso
       consumerGroup: SO-OpenSource-Env11
       consumerId: SO-COpenSource-Env11
       environmentName: AUTO
+      {{ if (include "common.needTLS" .) }}
       asdcAddress: sdc-be.{{ include "common.namespace" . }}:8443
+      {{ else }}
+      asdcAddress: sdc-be.{{ include "common.namespace" . }}:8080
+      {{ end }}
       password: {{ index .Values "mso" "asdc-connections" "asdc-controller1" "password" }}
       pollingInterval: 60
       pollingTimeout: 60
       relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL
       useHttpsWithDmaap: false
+      useHttpsWithSdc: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
       activateServerTLSAuth: false
       keyStorePassword:
       keyStorePath:

diff --git a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml
index f370fbd..55493f7 100755 (executable)
--- a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml
+++ b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml
@@ -87,7 +87,7 @@ spec:
 {{ include "so.helpers.livenessProbe" .| indent 8 }}
         ports:
         - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
           protocol: TCP
       # Filebeat sidecar container
       {{ include "common.log.sidecar" . | nindent 6 }}

diff --git a/kubernetes/so/components/so-sdc-controller/templates/service.yaml b/kubernetes/so/components/so-sdc-controller/templates/service.yaml
index 6eb6f27..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-sdc-controller/templates/service.yaml
+++ b/kubernetes/so/components/so-sdc-controller/templates/service.yaml
@@ -29,11 +29,11 @@ spec:
     {{if eq .Values.service.type "NodePort" -}}
     - port: {{ .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- else -}}
     - port: {{ .Values.service.externalPort }}
       targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- end}}
   selector:
     app: {{ include "common.name" . }}

diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml
index 58e93f5..c0e3f50 100755 (executable)
--- a/kubernetes/so/components/so-sdc-controller/values.yaml
+++ b/kubernetes/so/components/so-sdc-controller/values.yaml
@@ -91,7 +91,7 @@ service:
     type: ClusterIP
     internalPort: *containerPort
     externalPort: *containerPort
-    portName: so-sdc-port
+    portName: http
 updateStrategy:
     type: RollingUpdate
     maxUnavailable: 1

diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml
index 01e0ab7..b95e0b5 100755 (executable)
--- a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml
@@ -91,7 +91,7 @@ spec:
 {{ include "so.helpers.livenessProbe" .| indent 8 }}
         ports:
         - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
           protocol: TCP
       # Filebeat sidecar container
       {{ include "common.log.sidecar" . | nindent 6 }}

diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml
index 6eb6f27..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml
@@ -29,11 +29,11 @@ spec:
     {{if eq .Values.service.type "NodePort" -}}
     - port: {{ .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- else -}}
     - port: {{ .Values.service.externalPort }}
       targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- end}}
   selector:
     app: {{ include "common.name" . }}

diff --git a/kubernetes/so/components/so-sdnc-adapter/values.yaml b/kubernetes/so/components/so-sdnc-adapter/values.yaml
index cb9d02a..54fa88c 100755 (executable)
--- a/kubernetes/so/components/so-sdnc-adapter/values.yaml
+++ b/kubernetes/so/components/so-sdnc-adapter/values.yaml
@@ -110,7 +110,7 @@ service:
     type: ClusterIP
     internalPort: *containerPort
     externalPort: *containerPort
-    portName: so-sdnc-port
+    portName: http
 updateStrategy:
     type: RollingUpdate
     maxUnavailable: 1

diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml
index f46219c..8471540 100755 (executable)
--- a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml
@@ -18,10 +18,18 @@ server:
   port: {{ include "common.getPort" (dict "global" . "name" "http") }}
 
 vevnfmadapter:
+  {{ if (include "common.needTLS" .) }}
   endpoint: https://msb-iag:30283/api/{{ include "common.servicename" . }}/v1
+  {{ else }}
+  endpoint: http://msb-iag:30283/api/{{ include "common.servicename" . }}/v1
+  {{ end }}
 
 aai:
+  {{ if (include "common.needTLS" .) }}
   endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
 
 dmaap:
   endpoint: http://message-router.{{ include "common.namespace" . }}:3904

diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml
index efb3fab..6933607 100755 (executable)
--- a/kubernetes/so/resources/config/overrides/override.yaml
+++ b/kubernetes/so/resources/config/overrides/override.yaml
@@ -1,5 +1,9 @@
 aai:
+  {{ if (include "common.needTLS" .) }}
   endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
   auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}}
 server:
     port: {{ index .Values.containerPort }}
@@ -45,13 +49,21 @@ mso:
     activate:
       instanceid: test
       userid: cs0008
-    endpoint: http://sdc-be.{{ include "common.namespace" . }}:8443
+    {{ if (include "common.needTLS" .) }}
+    endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443
+    {{ else }}
+    endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080
+    {{ end }}
   tenant:
     isolation:
       retry:
         count: 3
   aai:
+    {{ if (include "common.needTLS" .) }}
     endpoint: https://aai.{{ include "common.namespace" . }}:8443
+    {{ else }}
+    endpoint: http://aai.{{ include "common.namespace" . }}:8080
+    {{ end }}
     auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}}
 
   extApi:

diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml
index 47701d8..99a5eff 100755 (executable)
--- a/kubernetes/so/templates/deployment.yaml
+++ b/kubernetes/so/templates/deployment.yaml
@@ -87,7 +87,7 @@ spec:
 {{ include "so.helpers.livenessProbe" .| indent 8 }}
         ports:
         - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
           protocol: TCP
       # Filebeat sidecar container
       {{ include "common.log.sidecar" . | nindent 6 }}

diff --git a/kubernetes/so/templates/service.yaml b/kubernetes/so/templates/service.yaml
index 2849ede..5a83d56 100755 (executable)
--- a/kubernetes/so/templates/service.yaml
+++ b/kubernetes/so/templates/service.yaml
@@ -392,11 +392,11 @@ spec:
     {{if eq .Values.service.type "NodePort" -}}
     - port: {{ .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- else -}}
     - port: {{ .Values.service.externalPort }}
       targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
     {{- end}}
   selector:
     app: {{ include "common.name" . }}

diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml
index 1f454f6..553de8c 100755 (executable)
--- a/kubernetes/so/values.yaml
+++ b/kubernetes/so/values.yaml
@@ -213,7 +213,7 @@ service:
   nodePort: 77
   internalPort: *containerPort
   externalPort: *containerPort
-  portName: so-apih-port
+  portName: http
 updateStrategy:
   type: RollingUpdate
   maxUnavailable: 1