cadi_latitude: "0.0"
credsPath: /opt/app/osaaf/local
aaf_add_config: |
- echo "*** retrieving password for keystore and trustore"
- export $(/opt/app/aaf_config/bin/agent.sh local showpass \
- {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0)
- if [ -z "$cadi_keystore_password_p12" ]
- then
- echo " /!\ certificates retrieval failed"
- exit 1
- else
- echo "*** transform AAF certs into pem files"
- mkdir -p {{ .Values.credsPath }}/certs
- keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
- -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
- -alias ca_local_0 \
- -storepass $cadi_truststore_password
- openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
- -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
- -passin pass:$cadi_keystore_password_p12 \
- -passout pass:$cadi_keystore_password_p12
- echo "*** generating needed file"
- cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
- {{ .Values.credsPath }}/certs/cert.pem \
- {{ .Values.credsPath }}/certs/cacert.pem \
- > {{ .Values.credsPath }}/certs/fullchain.pem;
- cat {{ .Values.credsPath }}/certs/fullchain.pem
- echo "*** change ownership of certificates to targeted user"
- chown -R 33 {{ .Values.credsPath }}
- fi
+ echo "*** transform AAF certs into pem files"
+ mkdir -p {{ .Values.credsPath }}/certs
+ keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
+ -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
+ -alias ca_local_0 \
+ -storepass $cadi_truststore_password
+ openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+ -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
+ -passin pass:$cadi_keystore_password_p12 \
+ -passout pass:$cadi_keystore_password_p12
+ echo "*** generating needed file"
+ cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
+ {{ .Values.credsPath }}/certs/cert.pem \
+ {{ .Values.credsPath }}/certs/cacert.pem \
+ > {{ .Values.credsPath }}/certs/fullchain.pem;
+ cat {{ .Values.credsPath }}/certs/fullchain.pem
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 33 {{ .Values.credsPath }}
#################################################################
command:
- /app/ready.py
args:
- - --timeout
- - "{{ .Values.readinessTimeout }}"
- --container-name
- music-cassandra
env:
restartPolicy: Never
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
-
timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
successThreshold: {{ .Values.readiness.successThreshold }}
failureThreshold: {{ .Values.readiness.failureThreshold }}
+ startupProbe:
+ exec:
+ command:
+ - /bin/bash
+ - -c
+ - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }'
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
lifecycle:
preStop:
exec:
nodePortPrefix: 302
persistence: {}
-replicaCount: 3
+replicaCount: 1
# Cassandra Image - This image is modified from the original on
# Docker Hub where the Security has been turned on.
# probe configuration parameters
liveness:
- initialDelaySeconds: 120
- periodSeconds: 20
+ initialDelaySeconds: 1
+ periodSeconds: 10
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
# in debugger so K8s doesn't restart unresponsive container
enabled: true
-readinessTimeout: 240
-
readiness:
- initialDelaySeconds: 10
- periodSeconds: 20
+ initialDelaySeconds: 1
+ periodSeconds: 10
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
+startup:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 90
+
podManagementPolicy: OrderedReady
updateStrategy:
type: OnDelete
{{- end }}
{{- end -}}
{{/*
+For internal use only!
+
+dcaegen2-services-common._externalVolumes:
+This template generates a list of volumes associated with the pod,
+based on information provided in .Values.externalVolumes. This
+template works in conjunction with dcaegen2-services-common._externalVolumeMounts
+to give the microservice access to data in volumes created else.
+This initial implementation supports ConfigMaps only, as this is the only
+external volume mounting required by current microservices.
+
+.Values.externalValues is a list of objects. Each object has 3 required fields and 1 optional field:
+ - name: the name of the resource (in the current implementation, it must be a ConfigMap)
+ that is to be set up as a volume. The value is a case sensitive string. Because the
+ names of resources are sometimes set at deployment time (for instance, to prefix the Helm
+ release to the name), the string can be a Helm template fragment that will be expanded at
+ deployment time.
+ - type: the type of the resource (in the current implementation, only "ConfigMap" is supported).
+ The value is a case-INsensitive string.
+ - mountPoint: the path to the mount point for the volume in the container file system. The
+ value is a case-sensitive string.
+ - readOnly: (Optional) Boolean flag. Set to true to mount the volume as read-only.
+ Defaults to false.
+
+Here is an example fragment from a values.yaml file for a microservice:
+
+externalVolumes:
+ - name: my-example-configmap
+ type: configmap
+ mountPath: /opt/app/config
+ - name: '{{ include "common.release" . }}-another-example'
+ type: configmap
+ mountPath: /opt/app/otherconfig
+*/}}
+{{- define "dcaegen2-services-common._externalVolumes" -}}
+ {{- $global := . -}}
+ {{- if .Values.externalVolumes }}
+ {{- range $vol := .Values.externalVolumes }}
+ {{- if eq (lower $vol.type) "configmap" }}
+ {{- $vname := (tpl $vol.name $global) }}
+- configMap:
+ defaultMode: 420
+ name: {{ $vname }}
+ name: {{ $vname }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+{{- end }}
+{{/*
+For internal use only!
+
+dcaegen2-services-common._externalVolumeMounts:
+This template generates a list of volume mounts for the microservice container,
+based on information provided in .Values.externalVolumes. This
+template works in conjunction with dcaegen2-services-common._externalVolumes
+to give the microservice access to data in volumes created else.
+This initial implementation supports ConfigMaps only, as this is the only
+external volume mounting required by current microservices.
+
+See the documentation for dcaegen2-services-common._externalVolumes for
+details on how external volumes are specified in the values.yaml file for
+the microservice.
+*/}}
+{{- define "dcaegen2-services-common._externalVolumeMounts" -}}
+ {{- $global := . -}}
+ {{- if .Values.externalVolumes }}
+ {{- range $vol := .Values.externalVolumes }}
+ {{- if eq (lower $vol.type) "configmap" }}
+ {{- $vname := (tpl $vol.name $global) -}}
+ {{- $readOnly := $vol.readOnly | default false }}
+- mountPath: {{ $vol.mountPath }}
+ name: {{ $vname }}
+ readOnly: {{ $readOnly }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+{{- end }}
+{{/*
dcaegen2-services-common.microserviceDeployment:
This template produces a Kubernetes Deployment for a DCAE microservice.
- name: policy-shared
mountPath: /etc/policies
{{- end }}
+ {{- include "dcaegen2-services-common._externalVolumeMounts" . | nindent 8 }}
{{- if $logDir }}
- image: {{ include "repositoryGenerator.image.logging" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: policy-shared
emptyDir: {}
{{- end }}
+ {{- include "dcaegen2-services-common._externalVolumes" . | nindent 6 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
{{ end -}}
-Djavax.net.ssl.keyStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }}"
-Djavax.net.ssl.trustStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }}"
{{- else }}
- args: ["/start-apache-tomcat.sh -i "" -n "" -b {{ .Values.global.env.tomcatDir }}"]
+ args: ["/start-apache-tomcat.sh -i \"\" -n \"\" -b {{ .Values.global.env.tomcatDir }}"]
{{- end }}
ports:
- containerPort: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
exec:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
+ successThreshold: {{ .Values.readiness.successThreshold }}
+ failureThreshold: {{ .Values.readiness.failureThreshold }}
+ resources: {{ include "common.resources" . | nindent 12 }}
+ startupProbe:
+ exec:
+ command:
+ - "/var/lib/jetty/ready-probe.sh"
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
resources: {{ include "common.resources" . | nindent 12 }}
env:
- name: ENVNAME
# probe configuration parameters
liveness:
- initialDelaySeconds: 120
+ initialDelaySeconds: 1
periodSeconds: 10
timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 3
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
port: api
enabled: true
readiness:
- initialDelaySeconds: 60
+ initialDelaySeconds: 1
periodSeconds: 10
timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 3
+
+startup:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 60
service:
type: NodePort
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
tcpSocket:
port: {{ .Values.service.internalPort2 }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
+ successThreshold: {{ .Values.readiness.successThreshold }}
+ failureThreshold: {{ .Values.readiness.failureThreshold }}
+ startupProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort2 }}
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
resources: {{ include "common.resources" . | nindent 12 }}
env:
- name: ENVNAME
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
- periodSeconds: 60
+ initialDelaySeconds: 1
+ periodSeconds: 10
timeoutSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
+ initialDelaySeconds: 1
+ periodSeconds: 10
+ timeoutSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
+
+startup:
initialDelaySeconds: 10
- periodSeconds: 60
+ periodSeconds: 10
timeoutSeconds: 15
+ successThreshold: 1
+ failureThreshold: 60
service:
#Example service definition with external, internal and node ports.
port: {{ .Values.liveness.port }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
+ startupProbe:
+ httpGet:
+ path: {{ .Values.startup.path }}
+ port: {{ .Values.startup.port }}
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
port: *svc_port
liveness:
- initialDelaySeconds: 30
- periodSeconds: 30
+ initialDelaySeconds: 1
+ periodSeconds: 10
path: /actuator/health
+ successThreshold: 1
+ failureThreshold: 3
port: *port
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
+startup:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ path: /actuator/health
+ successThreshold: 1
+ failureThreshold: 12
+ port: *port
+
flavor: small
resources:
small:
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
exec:
- "/var/lib/jetty/ready-probe.sh"
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
+ successThreshold: {{ .Values.readiness.successThreshold }}
+ failureThreshold: {{ .Values.readiness.failureThreshold }}
+ startupProbe:
+ exec:
+ command:
+ - "/var/lib/jetty/ready-probe.sh"
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
resources: {{ include "common.resources" . | nindent 12 }}
env:
- name: ENVNAME
# probe configuration parameters
liveness:
- initialDelaySeconds: 120
- periodSeconds: 60
+ initialDelaySeconds: 1
+ periodSeconds: 10
timeoutSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 120
- periodSeconds: 60
+ initialDelaySeconds: 1
+ periodSeconds: 10
timeoutSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
+
+startup:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 15
+ successThreshold: 1
+ failureThreshold: 60
service:
type: ClusterIP
port: {{ template "wfd-be.internalPort" . }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
tcpSocket:
port: {{ template "wfd-be.internalPort" . }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ successThreshold: {{ .Values.readiness.successThreshold }}
+ failureThreshold: {{ .Values.readiness.failureThreshold }}
+ startupProbe:
+ tcpSocket:
+ port: {{ template "wfd-be.internalPort" . }}
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
env:
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
initialDelaySeconds: 60
periodSeconds: 10
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 1
+ periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 1
+ periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
+
+startup:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 60
+
service:
type: NodePort
portName: sdc-wfd-be
port: {{ template "wfd-fe.internalPort" . }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
tcpSocket:
port: {{ template "wfd-fe.internalPort" . }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ successThreshold: {{ .Values.readiness.successThreshold }}
+ failureThreshold: {{ .Values.readiness.failureThreshold }}
+ startupProbe:
+ tcpSocket:
+ port: {{ template "wfd-fe.internalPort" . }}
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
env:
- name: ENVNAME
value: {{ .Values.env.name }}
# probe configuration parameters
liveness:
- initialDelaySeconds: 60
+ initialDelaySeconds: 1
periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 60
+ initialDelaySeconds: 1
periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
+
+startup:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 60
service:
type: NodePort
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-dmaap-listener-image:2.1.5
+image: onap/sdnc-dmaap-listener-image:2.1.6
pullPolicy: Always
# flag to enable debugging - application support required
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-ansible-server-image:2.1.5
+image: onap/sdnc-ansible-server-image:2.1.6
pullPolicy: Always
# flag to enable debugging - application support required
# Application configuration defaults.
#################################################################
# application image
-image: "onap/sdnc-web-image:2.1.5"
+image: "onap/sdnc-web-image:2.1.6"
pullPolicy: Always
config:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-ueb-listener-image:2.1.5
+image: onap/sdnc-ueb-listener-image:2.1.6
pullPolicy: Always
# flag to enable debugging - application support required
# application images
pullPolicy: Always
-image: onap/sdnc-image:2.1.5
+image: onap/sdnc-image:2.1.6
# flag to enable debugging - application support required
debugEnabled: false
Code Review / oom.git / commitdiff