> kubectl label namespace istio-ingress istio-injection=enabled
-- To expose additional ports besides HTTP/S (e.g. for external Kafka access)
+- To expose additional ports besides HTTP/S (e.g. for external Kafka access, SDNC-callhome)
create an override file (e.g. istio-ingress.yaml)
.. collapse:: istio-ingress.yaml
- name: kafka-2
port: 9002
targetPort: 9002
+ protocol: TCP
+ - name: sdnc-callhome
+ port: 4334
+ targetPort: 4334
protocol: TCP
\ No newline at end of file
- name: common
version: ~12.x-0
repository: 'file://../common'
- - name: certInitializer
- version: ~12.x-0
- repository: '@local'
- name: repositoryGenerator
version: ~12.x-0
repository: 'file://../repositoryGenerator'
},
"uiHost": "0.0.0.0",
"version": "0.9.1",
- {{ if .Values.global.aafEnabled }}
- "enableHttps" : true,
- {{ end }}
"performGitPull": "N"
}
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
+ selector: {{- include "common.selectors" . | nindent 4 }}
replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- command:
image: {{ include "repositoryGenerator.image.envsubst" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-update-config
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
- command:
- /app/ready.py
args:
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["/bin/bash"]
- args: ["-c", "cd /opt/onap/ccsdk/dgbuilder/ && {{ if .Values.global.aafEnabled}} cp /opt/app/osaaf/local/node-*.pem certs && {{end}}./start.sh sdnc1.0 && wait"]
- ports:
- - containerPort: {{ .Values.service.internalPort }}
+ args: ["-c", "cd /opt/onap/ccsdk/dgbuilder/ && ./start.sh sdnc1.0 && wait"]
+ ports: {{- include "common.containerPorts" . | indent 10 }}
readinessProbe:
tcpSocket:
port: {{ .Values.service.internalPort }}
- name: SDNC_CONFIG_DIR
value: /opt/onap/sdnc/data/properties
volumeMounts:
-{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
{{- end }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
-{{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
path: /etc/localtime
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+{{ include "common.service" . }}
\ No newline at end of file
service:
type: NodePort
name: dgbuilder
- portName: http
- externalPort: 3000
internalPort: 3100
- nodePort: 28
+ ports:
+ - name: http
+ port: 3100
+ nodePort: 28
ingress:
enabled: false
service:
- baseaddr: "dgbuilder"
name: "dgbuilder"
- port: 3000
+ port: 3100
config:
ssl: "redirect"
- # dependency / sub-chart configuration
-certInitializer:
- nameOverride: dgbuilder-cert-initializer
- truststoreMountpath: /opt/onap/ccsdk/dgbuilder/certs
- fqdn: "sdnc"
- app_ns: "org.osaaf.aaf"
- fqi: "sdnc@sdnc.onap.org"
- fqi_namespace: org.onap.sdnc
- public_fqdn: "dgbuilder.onap.org"
- aafDeployFqi: "deployer@people.osaaf.org"
- aafDeployPass: demo123456!
- cadi_latitude: "38.0"
- cadi_longitude: "-72.0"
- credsPath: /opt/app/osaaf/local
- aaf_add_config: >
- cd /opt/app/osaaf/local;
- /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1 ;
- cp {{ .Values.fqi_namespace }}.crt node-cert.pem;
- cp {{ .Values.fqi_namespace }}.key node-key.pem;
- chmod go+r node-*.pem
-
#Resource Limit flavor -By Default using small
flavor: small
#segregation for different envionment (Small and Large)
- name: common
version: ~12.x-0
repository: '@local'
- - name: certInitializer
- version: ~12.x-0
- repository: '@local'
- name: certManagerCertificate
version: ~12.x-0
repository: '@local'
kind: Deployment
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
replicas: {{ .Values.replicaCount }}
selector: {{- include "common.selectors" . | nindent 4 }}
template:
name: properties
subPath: dmaap-consumer-RANSlice.properties
resources: {{ include "common.resources" . | nindent 10 }}
+ ports: {{ include "common.containerPorts" . | nindent 10 }}
{{- if .Values.nodeSelector }}
nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
{{- end }}
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: ClusterIP
- clusterIP: None
+{{ include "common.service" . }}
\ No newline at end of file
enabled: false
service:
+ type: ClusterIP
name: sdnc-dmaap-listener
+ internalPort: 80
+ ports:
+ - name: http
+ port: 80
#Resource limit flavor -By default using small
flavor: small
kind: Deployment
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
replicas: {{ .Values.replicaCount }}
selector: {{- include "common.selectors" . | nindent 4 }}
template:
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
+ ports: {{ include "common.containerPorts" . | nindent 12 }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{ if .Values.liveness.enabled }}
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.service.name }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
- selector:
- app.kubernetes.io/name: {{ include "common.name" . }}
- app.kubernetes.io/instance: {{ include "common.release" . }}
+{{ include "common.service" . }}
service:
type: ClusterIP
name: sdnc-ansible-server
- portName: http
internalPort: 8000
- externalPort: 8000
+ ports:
+ - name: http
+ port: 8000
ingress:
enabled: false
kind: Deployment
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
replicas: 1
selector: {{- include "common.selectors" . | nindent 4 }}
template:
- name: common
version: ~12.x-0
repository: '@local'
- - name: certInitializer
- version: ~12.x-0
- repository: '@local'
- name: repositoryGenerator
version: ~12.x-0
repository: '@local'
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
- initContainers: {{ include "common.certInitializer.initContainer" . | indent 6 }}
+ initContainers:
- name: {{ include "common.name" . }}-readiness
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
{{ if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
- port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
readinessProbe:
tcpSocket:
- port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: WEBPROTOCOL
- value: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webProtocol .Values.config.webPlainProtocol }}
+ value: {{ .Values.config.webProtocol }}
- name: WEBPORT
- value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webPort .Values.config.webPlainPort | quote }}
+ value : {{ .Values.config.webPort | quote }}
- name: SDNRPROTOCOL
- value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrProtocol .Values.config.sdnrPlainProtocol }}
+ value : {{ .Values.config.sdnrProtocol }}
- name: SDNRHOST
- value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrHost .Values.config.sdnrPlainHost }}.{{ include "common.namespace" . }}
+ value : {{ .Values.config.sdnrHost }}.{{ include "common.namespace" . }}
- name: SDNRPORT
- value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrPort .Values.config.sdnrPlainPort | quote }}
- {{ if (include "common.needTLS" .) }}
- - name: SSL_CERT_DIR
- value: {{ .Values.config.sslCertDir }}
- - name: SSL_CERTIFICATE
- value: {{ .Values.config.sslCertiticate }}
- - name: SSL_CERTIFICATE_KEY
- value: {{ .Values.config.sslCertKey }}
- {{ end }}
+ value : {{ .Values.config.sdnrPort | quote }}
{{ if .Values.config.transportpce.enabled }}
- name: TRPCEURL
value: {{ .Values.config.transportpce.transportpceUrl }}
value: "{{ .Values.config.oauth.enabled | default "false" }}"
- name: ENABLE_ODLUX_RBAC
value: "{{ .Values.config.oauth.odluxRbac.enabled | default "false" }}"
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
+ volumeMounts:
- mountPath: /etc/localtime
name: localtime
readOnly: true
affinity: {{ toYaml .Values.affinity | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
+ volumes:
- name: localtime
hostPath:
path: /etc/localtime
--- /dev/null
+{{/*
+# Copyright © 2023 Deutsche Telekom
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.ingress" . }}
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-{{- include "common.service" . -}}
+{{ include "common.service" . }}
# Global configuration defaults.
#################################################################
global:
- aafEnabled: true
nodePortPrefix: 322
- k8scluster: svc.cluster.local
+
#################################################################
# Application configuration defaults.
#################################################################
config:
sdncChartName: sdnc
- webProtocol: HTTPS
- webPlainProtocol: HTTP
- webPort: 8443
- webPlainPort: 8080
- sdnrProtocol: https
- sdnrPlainProtocol: http
+ webProtocol: HTTP
+ webPort: 8080
+ sdnrProtocol: http
sdnrHost: "sdnc"
- sdnrPlainHost: "sdnc"
- sdnrPort: "8443"
- sdnrPlainPort : "8080"
- sslCertDir: "/opt/app/osaaf/local/certs"
- sslCertiticate: "cert.pem"
- sslCertKey: "key.pem"
+ sdnrPort: "8080"
oauth:
enabled: false
odluxRbac:
topologyserverUrl: http://toplogy-api-service.topology:3001
tileserverUrl: https://tile.openstreetmap.org
-
-#################################################################
-# aaf configuration defaults.
-#################################################################
-certInitializer:
- nameOverride: sdnc-web-cert-initializer
- fqdn: "sdnc"
- app_ns: "org.osaaf.aaf"
- fqi: "sdnc@sdnc.onap.org"
- fqi_namespace: "org.onap.sdnc"
- public_fqdn: "sdnc.onap.org"
- aafDeployFqi: "deployer@people.osaaf.org"
- aafDeployPass: demo123456!
- cadi_latitude: "38.0"
- cadi_longitude: "-72.0"
- credsPath: /opt/app/osaaf/local
- aaf_add_config: |
- cd /opt/app/osaaf/local
- mkdir -p certs
- keytool -exportcert -rfc -file certs/cacert.pem -keystore {{ .Values.fqi_namespace }}.trust.jks -alias ca_local_0 -storepass $cadi_truststore_password
- openssl pkcs12 -in {{ .Values.fqi_namespace }}.p12 -out certs/cert.pem -passin pass:$cadi_keystore_password_p12 -passout pass:$cadi_keystore_password_p12
- cp {{ .Values.fqi_namespace }}.key certs/key.pem
- chmod -R 755 certs
-
# default number of instances
replicaCount: 1
service:
name: sdnc-web
- suffix: service
type: NodePort
- sessionAffinity: ClientIP
# for liveness and readiness probe only
# internalPort:
- internalPort: 8443
- internalPlainPort: 8080
+ internalPort: 8080
ports:
- - name: http-sdnc-web
- port: "8443"
- plain_port: "8080"
- port_protocol: http
+ - name: http
+ port: "8080"
nodePort: "05"
-#ingress:
-# enabled: false
+ingress:
+ enabled: false
+ service:
+ - baseaddr: "sdnc-web-ui"
+ name: "sdnc-web"
+ port: 8080
#Resource limit flavor -By default using small
flavor: small
-{{- if (include "common.needTLS" .) }}
-org.onap.ccsdk.sli.northbound.uebclient.asdc-address=sdc-be.{{.Release.Namespace}}:8443
-{{- else }}
org.onap.ccsdk.sli.northbound.uebclient.asdc-address=sdc-be.{{.Release.Namespace}}:8080
org.onap.ccsdk.sli.northbound.uebclient.use-https=false
-{{- end }}
org.onap.ccsdk.sli.northbound.uebclient.consumer-group=sdc-OpenSource-Env1-sdnc-dockero
org.onap.ccsdk.sli.northbound.uebclient.consumer-id=sdc-COpenSource-Env11-sdnc-dockero
org.onap.ccsdk.sli.northbound.uebclient.environment-name=AUTO
kind: Deployment
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
replicas: {{ .Values.replicaCount }}
selector: {{- include "common.selectors" . | nindent 4 }}
template:
name: properties
subPath: ueb-listener.properties
resources: {{ include "common.resources" . | nindent 10 }}
+ ports: {{ include "common.containerPorts" . | nindent 10 }}
{{- if .Values.nodeSelector }}
nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
{{- end }}
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: ClusterIP
- clusterIP: None
+{{ include "common.service" . }}
\ No newline at end of file
periodSeconds: 10
service:
+ type: ClusterIP
name: sdnc-ueb-listener
+ internalPort: 80
+ ports:
+ - name: http
+ port: 80
ingress:
enabled: false
#
# Configuration file for A&AI Client
#
-{{- if (include "common.needTLS" .) }}
-org.onap.ccsdk.sli.adaptors.aai.uri=https://aai.{{.Release.Namespace}}:8443
-{{- else }}
org.onap.ccsdk.sli.adaptors.aai.uri=http://aai.{{.Release.Namespace}}:80
-{{- end }}
connection.timeout=60000
read.timeout=60000
[general]
dmaapEnabled={{.Values.config.sdnr.mountpointRegistrarEnabled | default "false"}}
-{{ if .Values.global.aafEnabled }}
-baseUrl=https://localhost:{{.Values.service.internalPort4}}
-{{- else }}
baseUrl=http://localhost:{{.Values.service.internalPort}}
-{{- end }}
sdnrUser=${ODL_ADMIN_USERNAME}
sdnrPasswd=${ODL_ADMIN_PASSWORD}
# limitations under the License.
*/}}
-SDNC_AAF_ENABLED: "{{ .Values.global.aafEnabled }}"
+SDNC_AAF_ENABLED: "false"
SDNC_GEO_ENABLED: "{{ .Values.config.geoEnabled }}"
SDNC_IS_PRIMARY_CLUSTER: "{{ .Values.config.isPrimaryCluster }}"
SDNC_ODL_COUNT: "{{ .Values.replicaCount }}"
metadata: {{ include "common.templateMetadata" . | indent 6}}
spec:
initContainers:
- {{ include "common.certInitializer.initContainer" . | indent 6 }}
- {{ if .Values.global.aafEnabled }}
- - name: {{ include "common.name" . }}-chown
- image: {{ include "repositoryGenerator.image.busybox" . }}
- command: ["sh", "-c", "chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}"]
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- {{ end }}
- name: {{ include "common.name" . }}-readiness
command:
- /app/ready.py
sleep 90; "{{ .Values.config.binDir }}/startODL.sh"
env:
- name: SDNC_AAF_ENABLED
- value: "{{ .Values.global.aafEnabled}}"
+ value: "false"
- name: SDNC_HOME
value: "{{.Values.config.sdncHome}}"
- name: ETC_DIR
- name: SDNRINIT
value: "true"
- name: SDNRDBURL
- {{ if .Values.global.aafEnabled -}}
- value: "https://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
- {{- else -}}
value: "http://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
- {{- end }}
- name: SDNRDBPARAMETER
value: "-k"
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
resources: {{ include "common.resources" . | nindent 10 }}
{{- if include "common.onServiceMesh" . }}
- name: sdnrdb-service-mesh-wait-for-job-container
configMap:
name: {{ include "common.fullname" . }}-properties
defaultMode: 0644
-{{ include "common.certInitializer.volumes" . | nindent 6 }}
restartPolicy: Never
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
}
]'
spec:
- type: NodePort
+ type: {{ if (include "common.ingressEnabled" .) }}ClusterIP{{ else }}NodePort{{ end }}
ports:
- name: "{{ .Values.service.portName }}-restconf"
- {{ if not .Values.global.aafEnabled }}
port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- {{- else -}}
- port: {{ .Values.service.externalPort4 }}
- targetPort: {{ .Values.service.internalPort4 }}
- {{ end }}
+ {{ if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }}
+ {{ end }}
{{ if .Values.config.sdnr.enabled }}
sessionAffinity: ClientIP
{{ end }}
statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-0
spec:
ports:
- - name: {{ .Values.service.portName }}-0-port-{{ .Values.service.internalPort4 }}
- port: {{ .Values.service.clusterPort2 }}
- targetPort: {{ .Values.service.internalPort4 }}
- nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.geoNodePort4 }}
- name: {{ .Values.service.portName }}-0-port-{{ .Values.service.internalPort }}
port: {{ .Values.service.clusterPort3 }}
targetPort: {{ .Values.service.internalPort }}
+ {{ if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.geoNodePort1 }}
- type: NodePort
+ {{ end }}
+ type: {{ if (include "common.ingressEnabled" .) }}ClusterIP{{ else }}NodePort{{ end }}
selector:
statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-0
{{ end }}
statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-1
spec:
ports:
- - name: {{ .Values.service.portName }}-1-port-{{ .Values.service.internalPort4 }}
- port: {{ .Values.service.clusterPort2 }}
- targetPort: {{ .Values.service.internalPort4 }}
- nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.geoNodePort5 }}
- name: {{ .Values.service.portName }}-1-port-{{ .Values.service.internalPort }}
port: {{ .Values.service.clusterPort3 }}
targetPort: {{ .Values.service.internalPort }}
+ {{ if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.geoNodePort2 }}
- type: NodePort
+ {{ end }}
+ type: {{ if (include "common.ingressEnabled" .) }}ClusterIP{{ else }}NodePort{{ end }}
selector:
statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-1
{{ end }}
statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-2
spec:
ports:
- - name: {{ .Values.service.portName }}-2-port-{{ .Values.service.internalPort4 }}
- port: {{ .Values.service.clusterPort2 }}
- targetPort: {{ .Values.service.internalPort4 }}
- nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.geoNodePort6 }}
- name: {{ .Values.service.portName }}-2-port-{{ .Values.service.internalPort }}
port: {{ .Values.service.clusterPort3 }}
targetPort: {{ .Values.service.internalPort }}
+ {{ if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.geoNodePort3 }}
- type: NodePort
+ {{ end }}
+ type: {{ if (include "common.ingressEnabled" .) }}ClusterIP{{ else }}NodePort{{ end }}
selector:
statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-2
{{ end }}
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
- type: NodePort
+ type: {{ if (include "common.ingressEnabled" .) }}ClusterIP{{ else }}NodePort{{ end }}
ports:
- name: "{{ .Values.service.portName }}-callhome"
port: {{ .Values.service.callHomePort }}
targetPort: {{ .Values.service.callHomePort }}
+ {{ if not (include "common.ingressEnabled" .) }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.callHomeNodePort }}
+ {{ end }}
selector:
app.kubernetes.io/name: {{ include "common.name" . }}
app.kubernetes.io/instance: {{ include "common.release" . }}
-{{ end }}
+{{ end }}
\ No newline at end of file
kind: StatefulSet
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- serviceName: {{ include "common.servicename" . }}-cluster
- replicas: {{ .Values.replicaCount }}
selector: {{- include "common.selectors" . | nindent 4 }}
+ serviceName: {{ include "common.servicename" . }}-cluster
podManagementPolicy: Parallel
+ replicas: {{ .Values.replicaCount }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oauth-token-secret" "key" "password") | indent 10 }}
- name: KEYCLOAK_SECRET
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keycloak-secret" "key" "password") | indent 10 }}
-
- name: ENABLE_ODLUX_RBAC
value: "{{ .Values.config.sdnr.oauth.odluxRbac.enabled | default "true" }}"
{{ end }}
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
- {{ end -}}
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
+ {{ end }}
- name: {{ include "common.name" . }}-chown
image: {{ include "repositoryGenerator.image.busybox" . }}
command:
mkdir {{ .Values.persistence.mdsalPath }}/snapshots
mkdir {{ .Values.persistence.mdsalPath }}/daexim
chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}
-{{- if .Values.global.aafEnabled }}
- chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}
-{{- end }}
volumeMounts:
-{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: {{ .Values.persistence.mdsalPath }}
name: {{ include "common.fullname" . }}-data
containers:
- name: GEO_ENABLED
value: "{{ .Values.config.geoEnabled}}"
- name: SDNC_AAF_ENABLED
- value: "{{ .Values.global.aafEnabled}}"
+ value: "false"
- name: SDNC_REPLICAS
value: "{{ .Values.replicaCount }}"
- name: MYSQL_HOST
- name: SDNRONLY
value: "{{ .Values.config.sdnr.sdnronly | default "false" }}"
- name: SDNRDBURL
- {{- $prefix := ternary "https" "http" .Values.global.aafEnabled}}
- value: "{{$prefix}}://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
+ value: "http://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
{{- if .Values.config.sdnr.sdnrdbTrustAllCerts }}
- name: SDNRDBTRUSTALLCERTS
value: "true"
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ves-collector-secret" "key" "password") | indent 12 }}
volumeMounts:
-{{ include "common.certInitializer.volumeMount" . | indent 10 }}
{{- if .Values.global.cmpv2Enabled }}
{{ include "common.certManager.volumeMounts" . | indent 10 }}
{{- end }}
- name: {{ include "common.fullname" . }}-data
emptyDir: {}
{{ else }}
-{{ include "common.certInitializer.volumes" . | nindent 8 }}
{{- if .Values.global.cmpv2Enabled }}
{{ include "common.certManager.volumes" . | nindent 8 }}
{{- end }}
nodePortPrefixExt: 304
persistence:
mountPath: /dockerdata-nfs
- aafEnabled: true
centralizedLoggingEnabled: true
mariadbGalera:
#This flag allows SO to instantiate its own mariadb-galera cluster
username: sample1
password: sample1
address: dcae-ves-collector.onap
- port: 8443
+ port: 8080
version: v7
reportingEntityName: ONAP SDN-R
eventLogMsgDetail: SHORT
-# dependency / sub-chart configuration
-certInitializer:
- nameOverride: sdnc-cert-initializer
- truststoreMountpath: /opt/onap/sdnc/data/stores
- fqdn: "sdnc"
- app_ns: "org.osaaf.aaf"
- fqi: "sdnc@sdnc.onap.org"
- fqi_namespace: org.onap.sdnc
- public_fqdn: "sdnc.onap.org"
- aafDeployFqi: "deployer@people.osaaf.org"
- aafDeployPass: demo123456!
- cadi_latitude: "38.0"
- cadi_longitude: "-72.0"
- credsPath: /opt/app/osaaf/local
- aaf_add_config: >
- echo "$cadi_keystore_password" > {{ .Values.credsPath }}/.pass 2>&1
-
# dependency / sub-chart configuration
network-name-gen:
enabled: true
dgbuilder:
enabled: true
nameOverride: sdnc-dgbuilder
- certInitializer:
- nameOverride: sdnc-dgbuilder-cert-initializer
config:
db:
dbName: *sdncDbName
mariadb-galera:
service:
name: sdnc-dgbuilder
- nodePort: "03"
+ ports:
+ - name: http
+ port: 3100
+ nodePort: 03
ingress:
enabled: false
port: 3000
- baseaddr: "sdnc-web-service-api"
name: "sdnc-web-service"
- port: 8443
- plain_port: 8080
+ port: 8080
config:
ssl: "redirect"
elasticsearch:
nameOverride: &elasticSearchName sdnrdb
name: sdnrdb-cluster
- certInitializer:
- fqdn: "sdnc"
- fqi_namespace: org.onap.sdnc
- fqi: "sdnc@sdnc.onap.org"
service:
name: *elasticSearchName
master:
internalPort: 8181
internalPort2: 8101
internalPort3: 8080
- internalPort4: 8443
#port
externalPort: 8282
externalPort3: 8280
- externalPort4: 8443
nodePort4: 67
clusterPort: 2550
geoNodePort5: 65
geoNodePort6: 66
- callHomePort: 4334
+ callHomePort: &chport 4334
callHomeNodePort: 66
## Persist data to a persitent volume
journalPath: /opt/opendaylight/segmented-journal
snapshotsPath: /opt/opendaylight/snapshots
-certpersistence:
- enabled: true
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
-
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteOnce
- size: 50Mi
- mountPath: /dockerdata-nfs
- mountSubPath: sdnc/certs
- certPath: /opt/app/osaaf
- ##storageClass: "manual"
-
ingress:
enabled: false
service:
- - baseaddr: "sdnc-api"
- name: "sdnc"
- port: 8443
- plain_port: 8282
+ - baseaddr: "sdnc-api"
+ name: "sdnc"
+ port: 8282
+ - baseaddr: "sdnc-callhome"
+ name: "onap-sdnc-callhome"
+ port: *chport
+ protocol: tcp
+ exposedPort: *chport
+ exposedProtocol: TCP
config:
ssl: "redirect"