+++ /dev/null
-#============LICENSE_START========================================================
-#=================================================================================
-# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-sdc_address: '{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443'
-sdc_uri: 'https://{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443'
-sdc_user: "dcae"
-sdc_password: !!str Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-sdc_environment_name: "AUTO"
-sdc_msg_bus_address: '{{ .Values.config.address.message_router }}.{{include "common.namespace" . }}'
-postgres_user_inventory: "postgres"
-postgres_password_inventory: "onap123"
-{{ if .Values.componentImages.service_change_handler }}
-service_change_handler_image: '{{ include "common.repository" . }}/{{ .Values.componentImages.service_change_handler }}'
-{{ end }}
-{{ if .Values.componentImages.inventory }}
-inventory_image: '{{ include "common.repository" . }}/{{ .Values.componentImages.inventory }}'
-{{ end }}
+++ /dev/null
-#============LICENSE_START========================================================
-#=================================================================================
-# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-{{ if .Values.componentImages.policy_handler }}
-policy_handler_image: {{ include "common.repository" . }}/{{ .Values.componentImages.policy_handler }}
-{{ end }}
-application_config:
- policy_handler :
- # parallelize the getConfig queries to policy-engine on each policy-update notification
- thread_pool_size : 4
-
- # parallelize requests to policy-engine and keep them alive
- pool_connections : 20
-
- # retry to getConfig from policy-engine on policy-update notification
- policy_retry_count : 5
- policy_retry_sleep : 5
-
- # mode of operation for the policy-handler
- # either active or passive
- # in passive mode the policy-hanlder will not listen to
- # and will not bring the policy-updates from policy-engine
- mode_of_operation : "active"
-
- # config of automatic catch_up for resiliency
- catch_up :
- # interval in seconds on how often to call automatic catch_up
- # example: 1200 is 20*60 seconds that is 20 minutes
- interval : 1200
-
- # config of periodic reconfigure-rediscover for adaptability
- reconfigure:
- # interval in seconds on how often to call automatic reconfigure
- # example: 600 is 10*60 seconds that is 10 minutes
- interval : 600
-
- # policy-engine config
- # These are the url of and the auth for the external system, namely the policy-engine (PDP).
- # We obtain that info manually from PDP folks at the moment.
- # In long run we should figure out a way of bringing that info into consul record
- # related to policy-engine itself.
- # - k8s specific routing to policy-engine by hostname "pdp"
- # - relying on dns to resolve hostname "pdp" to ip address
- # - expecing to find "pdp" as the hostname in server cert from policy-engine
- policy_engine :
- url : "https://{{ .Values.config.address.policy_pdp }}.{{include "common.namespace" . }}:8081"
- path_notifications : "/pdp/notifications"
- path_api : "/pdp/api/"
- headers :
- Accept : "application/json"
- "Content-Type" : "application/json"
- ClientAuth : "cHl0aG9uOnRlc3Q="
- Authorization : "Basic dGVzdHBkcDphbHBoYTEyMw=="
- Environment : "TEST"
- target_entity : "policy_engine"
- # optional tls_ca_mode specifies where to find the cacert.pem for tls
- # can be one of these:
- # "cert_directory" - use the cacert.pem stored locally in cert_directory.
- # this is the default if cacert.pem file is found
- #
- # "os_ca_bundle" - use the public ca_bundle provided by linux system.
- # this is the default if cacert.pem file not found
- #
- # "do_not_verify" - special hack to turn off the verification by cacert and hostname
- tls_ca_mode : "cert_directory"
- # optional tls_wss_ca_mode specifies the same for the tls based web-socket
- tls_wss_ca_mode : "cert_directory"
- # optional timeout_in_secs specifies the timeout for the http requests
- timeout_in_secs: 60
- # optional ws_ping_interval_in_secs specifies the ping interval for the web-socket connection
- ws_ping_interval_in_secs: 30
- # deploy_handler config
- # changed from string "deployment_handler" in 2.3.1 to structure in 2.4.0
- deploy_handler :
- # name of deployment-handler service used by policy-handler for logging
- target_entity : "deployment_handler"
- # url of the deployment-handler service for policy-handler to direct the policy-updates to
- # - expecting dns to resolve the hostname deployment-handler to ip address
- url : "https://deployment-handler:8443"
- # limit the size of a single data segment for policy-update messages
- # from policy-handler to deployment-handler in megabytes
- max_msg_length_mb : 5
- query :
- # optionally specify the tenant name for the cloudify under deployment-handler
- # if not specified the "default_tenant" is used by the deployment-handler
- cfy_tenant_name : "default_tenant"
- # optional tls_ca_mode specifies where to find the cacert.pem or skip tls verification
- # can be one of these:
- # "cert_directory" - use the cacert.pem stored locally in cert_directory.
- # this is the default if cacert.pem file is found
- #
- # "os_ca_bundle" - use the public ca_bundle provided by linux system.
- # this is the default if cacert.pem file not found
- #
- # "do_not_verify" - special hack to turn off the verification by cacert and hostname
- tls_ca_mode : "cert_directory"
- # optional timeout_in_secs specifies the timeout for the http requests
- timeout_in_secs: 60
#============LICENSE_START========================================================\r
# ================================================================================\r
-# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.\r
+# Copyright (c) 2017-2019 AT&T Intellectual Property. All rights reserved.\r
# Modifications Copyright © 2018 Amdocs, Bell Canada\r
# ================================================================================\r
# Licensed under the Apache License, Version 2.0 (the "License");\r
- kube2msb\r
- --container-name\r
- dcae-config-binding-service\r
+ - --container-name\r
+ - dcae-db\r
- "-t"\r
- "15"\r
env:\r
#============LICENSE_START========================================================
#=================================================================================
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.7
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.9
# DCAE component images to be deployed via Cloudify Manager
# Use to override default setting in blueprints
componentImages:
datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.1.1
- deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.1.0
holmes_rules: onap/holmes/rule-management:1.2.3
holmes_engine: onap/holmes/engine-management:1.2.2
- policy_handler: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0
tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.0
ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.3.1
snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
- prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.2.0-SNAPSHOT
+ prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.2.1-SNAPSHOT
hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.1.0-SNAPSHOT
# Resource Limit flavor -By Default using small
#============LICENSE_START========================================================
# ================================================================================
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.0
+image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.1
pullPolicy: Always
# probe configuration parameters
enabled: false
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 60
periodSeconds: 10
service:
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
#============LICENSE_START========================================================
#=================================================================================
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
# ============LICENSE_END=========================================================
-#TODO would like to make this conditional, as with the other input templates
-# but having template expansion issues trying to do that
-{{ if .Values.componentImages.config_binding_service }}
-cbs_image: {{ include "common.repository" . }}/{{ .Values.componentImages.config_binding_service }}
-{{ end }}
+apiVersion: v1
+description: ONAP DCAE Deployment Handler
+name: dcae-deployment-handler
+version: 4.0.0
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~4.0.0
+ repository: '@local'
--- /dev/null
+{
+ "cloudify": {
+ "protocol": "http"
+ },
+ "inventory": {
+ "protocol": "http"
+ }
+}
\ No newline at end of file
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
+
+logging:
+ level: debug
+
+ # enable file rotation with default configuration
+ to_files: true
+
+ # do not log to syslog
+ to_syslog: false
+
+ files:
+ path: /usr/share/filebeat/logs
+ name: mybeat.log
+ keepfiles: 7
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{include "common.fullname" . }}-filebeat-configmap
+ namespace: {{include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }}
\ No newline at end of file
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - dcae-cloudify-manager
+ - --container-name
+ - consul-server
+ - --container-name
+ - dcae-inventory-api
+ - "-t"
+ - "45"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ - name: init-tls
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources: {}
+ volumeMounts:
+ - mountPath: /opt/tls/shared
+ name: tls-info
+ - name: init-consul
+ image: {{ .Values.global.consulLoaderRepository }}/{{ .Values.global.consulLoaderImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ args:
+ - --service
+ - "cloudify_manager|dcae-cloudify-manager.{{ include "common.namespace" . }}|80"
+ - --service
+ - "inventory|inventory.{{ include "common.namespace" . }}|8080"
+ - --key
+ - deployment_handler|/dhconfig/config.json
+ resources: {}
+ volumeMounts:
+ - mountPath: /dhconfig
+ name: dh-config
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.service.internalPort }}
+ scheme: {{ .Values.readiness.scheme }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /opt/app/dh/log
+ name: component-log
+ - mountPath: /opt/app/dh/etc/cert/
+ name: tls-info
+ env:
+ - name: CONSUL_HOST
+ value: consul-server.{{ include "common.namespace" . }}
+ - name: CLOUDIFY_USER
+ value: admin
+ - name: CLOUDIFY_PASSWORD
+ value: admin
+ - name: CONFIG_BINDING_SERVICE
+ value: config-binding-service
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ - name: {{ include "common.name" . }}-filebeat
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}
+ imagePullPolicy: IfNotPresent
+ resources: {}
+ volumeMounts:
+ - mountPath: /var/log/onap/deployment-handler
+ name: component-log
+ - mountPath: /usr/share/filebeat/data
+ name: filebeat-data
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ name: filebeat-conf
+ subPath: filebeat.yml
+ volumes:
+ - emptyDir: {}
+ name: component-log
+ - emptyDir: {}
+ name: filebeat-data
+ - configMap:
+ defaultMode: 420
+ name: {{ include "common.fullname" . }}-filebeat-configmap
+ name: filebeat-conf
+ - emptyDir: {}
+ name: tls-info
+ - configMap:
+ defaultMode: 422
+ name: {{ include "common.fullname" . }}-configmap
+ name: dh-config
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ tlsRepository: nexus3.onap.org:10001
+ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.0
+ consulLoaderRepository: nexus3.onap.org:10001
+ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
+ repositoryCred:
+ user: docker
+ password: docker
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ # Addresses of other ONAP entities
+ address:
+ consul:
+ host: consul-server
+ port: 8500
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.platform.deployment-handler:3.2.0
+pullPolicy: Always
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 30
+ path: /
+ scheme: HTTPS
+
+service:
+ type: ClusterIP
+ name: deployment-handler
+ externalPort: 8443
+ internalPort: 8443
+
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
periodSeconds: 10
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.3
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4
# Resource Limit flavor -By Default using small
flavor: small
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
#============LICENSE_START========================================================
#=================================================================================
-# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
-#
-# ECOMP is a trademark and service mark of AT&T Intellectual Property.
-{{ if .Values.componentImages.deployment_handler }}
-deployment_handler_image: {{ include "common.repository" . }}/{{ .Values.componentImages.deployment_handler }}
-{{ end }}
-application_config:
- cloudify:
- protocol: "http"
- inventory:
- protocol: "http"
+
+apiVersion: v1
+description: ONAP DCAE Policy Handler
+name: dcae-policy-handler
+version: 4.0.0
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~4.0.0
+ repository: '@local'
--- /dev/null
+{
+ "policy_handler": {
+ "thread_pool_size": 4,
+ "pool_connections": 20,
+ "policy_retry_count": 5,
+ "policy_retry_sleep": 5,
+ "catch_up": {
+ "interval": 1200
+ },
+ "reconfigure": {
+ "interval": 600
+ },
+ "policy_engine": {
+ "url": "https://{{ .Values.config.address.policy_pdp }}.{{include "common.namespace" . }}:8081",
+ "path_notifications": "/pdp/notifications",
+ "path_api": "/pdp/api/",
+ "headers": {
+ "Accept": "application/json",
+ "Content-Type": "application/json",
+ "ClientAuth": "cHl0aG9uOnRlc3Q=",
+ "Authorization": "Basic dGVzdHBkcDphbHBoYTEyMw==",
+ "Environment": "TEST"
+ },
+ "target_entity": "policy_engine",
+ "tls_ca_mode": "cert_directory",
+ "tls_wss_ca_mode": "cert_directory",
+ "timeout_in_secs": 60,
+ "ws_ping_interval_in_secs": 180
+ },
+ "deploy_handler": {
+ "target_entity": "deployment_handler",
+ "url": "https://deployment-handler:8443",
+ "max_msg_length_mb": 5,
+ "query": {
+ "cfy_tenant_name": "default_tenant"
+ },
+ "tls_ca_mode": "cert_directory",
+ "timeout_in_secs": 60
+ }
+ }
+}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
+
+logging:
+ level: debug
+
+ # enable file rotation with default configuration
+ to_files: true
+
+ # do not log to syslog
+ to_syslog: false
+
+ files:
+ path: /usr/share/filebeat/logs
+ name: mybeat.log
+ keepfiles: 7
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{include "common.fullname" . }}-filebeat-configmap
+ namespace: {{include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }}
\ No newline at end of file
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - dcae-deployment-handler
+ - --container-name
+ - consul-server
+ - --container-name
+ - pdp
+ - "-t"
+ - "45"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ - name: init-tls
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources: {}
+ volumeMounts:
+ - mountPath: /opt/tls/shared
+ name: tls-info
+ - name: init-consul
+ image: {{ .Values.global.consulLoaderRepository }}/{{ .Values.global.consulLoaderImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ args:
+ - --key
+ - policy_handler|/phconfig/config.json
+ resources: {}
+ volumeMounts:
+ - mountPath: /phconfig
+ name: ph-config
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.service.internalPort }}
+ scheme: {{ .Values.readiness.scheme }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /opt/app/policy_handler/logs
+ name: component-log
+ - mountPath: /opt/app/policy_handler/etc/tls/certs/
+ name: tls-info
+ env:
+ - name: CONSUL_HOST
+ value: consul-server.{{ include "common.namespace" . }}
+ - name: CLOUDIFY_USER
+ value: admin
+ - name: CLOUDIFY_PASSWORD
+ value: admin
+ - name: CONFIG_BINDING_SERVICE
+ value: config-binding-service
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ - name: {{ include "common.name" . }}-filebeat
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}
+ imagePullPolicy: IfNotPresent
+ resources: {}
+ volumeMounts:
+ - mountPath: /var/log/onap/deployment-handler
+ name: component-log
+ - mountPath: /usr/share/filebeat/data
+ name: filebeat-data
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ name: filebeat-conf
+ subPath: filebeat.yml
+ volumes:
+ - emptyDir: {}
+ name: component-log
+ - emptyDir: {}
+ name: filebeat-data
+ - configMap:
+ defaultMode: 420
+ name: {{ include "common.fullname" . }}-filebeat-configmap
+ name: filebeat-conf
+ - emptyDir: {}
+ name: tls-info
+ - configMap:
+ defaultMode: 422
+ name: {{ include "common.fullname" . }}-configmap
+ name: ph-config
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ tlsRepository: nexus3.onap.org:10001
+ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.0
+ consulLoaderRepository: nexus3.onap.org:10001
+ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
+ repositoryCred:
+ user: docker
+ password: docker
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ # Addresses of other ONAP entities
+ address:
+ consul:
+ host: consul-server
+ port: 8500
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0
+pullPolicy: Always
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 60
+ periodSeconds: 300
+ path: /healthcheck
+ scheme: HTTP
+
+service:
+ type: ClusterIP
+ name: policy-handler
+ externalPort: 25577
+ internalPort: 25577
+
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
Code Review / oom.git / commitdiff