.classpath
.factorypath
.project
+.pydevproject
.settings/
# IntelliJ
project: 'oom'
project_creation_date: '2017-06-15'
lifecycle_state: 'Incubation'
+project_category: ''
project_lead: &onap_releng_ptl
name: 'Mike Elliott'
email: 'mike.elliott@amdocs.com'
type: 'jira'
url: 'https://jira.onap.org/projects/OOM'
key: 'OOM'
+mailing_list:
+ type: 'groups.io'
+ url: 'lists.onap.org'
+ tag: '<[sub-project_name]>'
+realtime_discussion: ''
meetings:
- type: 'zoom'
- agenda: 'https://wiki.onap.org/pages/viewpage.action?pageId=8228913'
- url: 'https://wiki.onap.org/pages/viewpage.action?pageId=8228913'
- server: 'n/a'
- channel: 'n/a'
- repeats: 'weekly'
- time: '14:00 UTC'
+ agenda: 'https://wiki.onap.org/pages/viewpage.action?pageId=8228913'
+ url: 'https://wiki.onap.org/pages/viewpage.action?pageId=8228913'
+ server: 'n/a'
+ channel: 'n/a'
+ repeats: 'weekly'
+ time: '14:00 UTC'
+repositories:
+ - 'oom'
+ - 'oom-offline-installer'
+ - 'oom-registrator'
committers:
- <<: *onap_releng_ptl
- name: 'Alexis de Talhouët'
- email: 'adetalhouet89@gmail.com'
- company: 'Bell Canada'
- id: 'adetalhouet'
- timezone: 'Canada/Montreal'
+ email: 'adetalhouet89@gmail.com'
+ company: 'Bell Canada'
+ id: 'adetalhouet'
+ timezone: 'Canada/Montreal'
- name: 'Borislav Glozman'
- email: 'Borislav.Glozman@amdocs.com'
- company: 'Amdocs'
- id: 'BorislavG'
- timezone: 'Israel/Raanana'
+ email: 'Borislav.Glozman@amdocs.com'
+ company: 'Amdocs'
+ id: 'BorislavG'
+ timezone: 'Israel/Raanana'
- name: 'James MacNider'
- email: 'James.MacNider@amdocs.com'
- company: 'Amdocs'
- id: 'jmac'
- timezone: 'Canada/Ontario'
+ email: 'James.MacNider@amdocs.com'
+ company: 'Amdocs'
+ id: 'jmac'
+ timezone: 'Canada/Ontario'
- name: 'Hong Guan'
- email: 'hg4105@att.com'
- company: 'ATT'
- id: 'hg4105'
- timezone: ''
+ email: 'hg4105@att.com'
+ company: 'ATT'
+ id: 'hg4105'
+ timezone: 'Not/Defined'
- name: 'Jun (Nicolas) Hu'
- email: 'jh245g@att.com'
- company: 'ATT'
- id: 'jh245g'
- timezone: 'America/New York'
+ email: 'jh245g@att.com'
+ company: 'ATT'
+ id: 'jh245g'
+ timezone: 'America/New_York'
- name: 'Xue Gao'
- email: 'xg353y@intl.att.com'
- company: 'ATT'
- id: 'xuegao'
- timezone: 'Belgium/Namur'
+ email: 'xg353y@intl.att.com'
+ company: 'ATT'
+ id: 'xuegao'
+ timezone: 'Belgium/Namur'
tsc:
approval: 'https://lists.onap.org/pipermail/onap-tsc'
> helm install local/onap -name development -f dev.yaml
Note that there are one or more example deployment files in the
-`onap/resources/environments/` directory. It is best practice to create a unique
-deployment file for each environment used to ensure consistent behaviour.
+`onap/resources/environments/` directory. It is best practice to create a
+unique deployment file for each environment used to ensure consistent
+behaviour.
To aid in the long term supportability of ONAP, a set of common charts have
been created (and will be expanded in subsequent releases of ONAP) that can be
The common section of charts consists of a set of templates that assist with
parameter substitution (`_name.tpl` and `_namespace.tpl`) and a set of charts
-for components used throughout ONAP. Initially `mysql` is in the common area but
-this will expand to include other databases like `mariadb-galera`, `postgres`,
-and `cassandra`. Other candidates for common components include `redis` and
-`kafka`. When the common components are used by other charts they are
-instantiated each time. In subsequent ONAP releases some of the common
+for components used throughout ONAP. Initially `mysql` is in the common area
+but this will expand to include other databases like `mariadb-galera`,
+`postgres`, and `cassandra`. Other candidates for common components include
+`redis` and`kafka`. When the common components are used by other charts they
+are instantiated each time. In subsequent ONAP releases some of the common
components could be a setup as services that are used by multiple ONAP
components thus minimizing the deployment and operational costs.
of each ONAP component team to update these configuration files when changes
are made to the project containers that impact configuration.
-The following section describes how the hierarchical ONAP configuration system is
-key to management of such a large system.
+The following section describes how the hierarchical ONAP configuration system
+is key to management of such a large system.
Configuration Management
========================
Name Spaces
-----------
-Within the namespaces are Kubernetes services that provide external connectivity to pods that host Docker containers.
+Within the namespaces are Kubernetes services that provide external
+connectivity to pods that host Docker containers.
ONAP Components to Kubernetes Object Relationships
--------------------------------------------------
------------------------------
- DNS
-- Ports - Flattening the containers also expose port conflicts between the containers which need to be resolved.
+- Ports - Flattening the containers also expose port conflicts between the
+ containers which need to be resolved.
Node Ports
~~~~~~~~~~
.. MISC
.. ====
.. Note that although OOM uses Kubernetes facilities to minimize the effort
-.. required of the ONAP component owners to implement a successful rolling upgrade
-.. strategy there are other considerations that must be taken into consideration.
+.. required of the ONAP component owners to implement a successful rolling
+.. upgrade strategy there are other considerations that must be taken into
+.. consideration.
.. For example, external APIs - both internal and external to ONAP - should be
-.. designed to gracefully accept transactions from a peer at a different software
-.. version to avoid deadlock situations. Embedded version codes in messages may
-.. facilitate such capabilities.
+.. designed to gracefully accept transactions from a peer at a different
+.. software version to avoid deadlock situations. Embedded version codes in
+.. messages may facilitate such capabilities.
..
-.. Within each of the projects a new configuration repository contains all of the
-.. project specific configuration artifacts. As changes are made within the
-.. project, it's the responsibility of the project team to make appropriate
+.. Within each of the projects a new configuration repository contains all of
+.. the project specific configuration artifacts. As changes are made within
+.. the project, it's the responsibility of the project team to make appropriate
.. changes to the configuration data.
> cd oom/kubernetes
**Step 2.** Install Helm Plugins required to deploy the ONAP Casablanca release::
- sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm
+
+ > sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm
**Step 3.** Customize the onap/values.yaml file to suit your deployment. You
may want to selectively enable or disable ONAP components by changing the
> kubectl get pods --all-namespaces -o=wide
Undeploying onap can be done using the following command::
+
> helm undeploy dev --purge
Apply customization script for the Rancher VM
---------------------------------------------
-Click :download:`openstack-rancher.sh <openstack-rancher.sh>` to download the script.
+Click :download:`openstack-rancher.sh <openstack-rancher.sh>` to download the
+script.
.. literalinclude:: openstack-rancher.sh
:language: bash
will be installed.
As of the Casablanca release a minimum 224GB will be needed to run a
-full ONAP deployment (all components). It is recommended that more hosts are used
-with fewer resources instead of only a few large hosts. For example 14 x 16GB hosts.
+full ONAP deployment (all components). It is recommended that more hosts are
+used with fewer resources instead of only a few large hosts. For example 14 x
+16GB hosts.
If a small subset of ONAP components are being deployed for testing purposes,
then a single 16GB or 32GB host should suffice.
set up an NFS share on Master and Slave nodes, the user can run the scripts
below.
-Click :download:`master_nfs_node.sh <master_nfs_node.sh>` to download the script.
+Click :download:`master_nfs_node.sh <master_nfs_node.sh>` to download the
+script.
.. literalinclude:: master_nfs_node.sh
:language: bash
.. image:: Click_create.jpeg
-6. Select the new named environment (ie. SB4) from the dropdown list (top left).
+6. Select the new named environment (ie. SB4) from the dropdown list (top
+ left).
Rancher is now waiting for a Kubernetes Host to be added.
Add Kubernetes Host
-------------------
-1. If this is the first (or only) host being added - click on the "Add a host" link
+1. If this is the first (or only) host being added - click on the "Add a host"
+ link
.. image:: K8s-Assign_Floating_IP_for_external_access.jpeg
.. image:: otherwise_select_INFRASTRUCTURE_Hosts_and_click_on_Add_Host.jpg
-2. Enter the management IP for the k8s VM (e.g. 10.0.0.4) that was just created.
+2. Enter the management IP for the k8s VM (e.g. 10.0.0.4) that was just
+ created.
3. Click on “Copy to Clipboard” button
- :ref:`quick-start-label` - deploy ONAP on an existing cloud
- :ref:`user-guide-label` - a guide for operators of an ONAP instance
-
-
Pre-requisites
--------------
-Your environment must have both the Kubernetes `kubectl` and Helm setup as a one time activity.
+Your environment must have both the Kubernetes `kubectl` and Helm setup as a
+one time activity.
Install Kubectl
~~~~~~~~~~~~~~~
-Enter the following to install kubectl (on Ubuntu, there are slight differences on other O/Ss), the Kubernetes command line interface used to manage a Kubernetes cluster::
+Enter the following to install kubectl (on Ubuntu, there are slight differences
+on other O/Ss), the Kubernetes command line interface used to manage a
+Kubernetes cluster::
> curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.8.10/bin/linux/amd64/kubectl
> chmod +x ./kubectl
> sudo mv ./kubectl /usr/local/bin/kubectl
> mkdir ~/.kube
-Paste kubectl config from Rancher (see the :ref:`cloud-setup-guide-label` for alternative Kubernetes environment setups) into the `~/.kube/config` file.
+Paste kubectl config from Rancher (see the :ref:`cloud-setup-guide-label` for
+alternative Kubernetes environment setups) into the `~/.kube/config` file.
Verify that the Kubernetes config is correct::
Install Helm
~~~~~~~~~~~~
-Helm is used by OOM for package and configuration management. To install Helm, enter the following::
+Helm is used by OOM for package and configuration management. To install Helm,
+enter the following::
> wget http://storage.googleapis.com/kubernetes-helm/helm-v2.9.1-linux-amd64.tar.gz
> tar -zxvf helm-v2.9.1-linux-amd64.tar.gz
Install the Helm Repo
---------------------
-Once kubectl and Helm are setup, one needs to setup a local Helm server to server up the ONAP charts::
+Once kubectl and Helm are setup, one needs to setup a local Helm server to
+server up the ONAP charts::
> helm install osn/onap
> helm init
> helm serve &
-Note the port number that is listed and use it in the Helm repo add as follows::
+Note the port number that is listed and use it in the Helm repo add as
+follows::
> helm repo add local http://127.0.0.1:8879
> cp -R helm/plugins/ ~/.helm
-Once the repo is setup, installation of ONAP can be done with a single command::
+Once the repo is setup, installation of ONAP can be done with a single
+command::
> helm deploy development local/onap --namespace onap
user's own environment (a laptop etc.) the portal application's port 8989 is
exposed through a `Kubernetes LoadBalancer`_ object.
-Typically, to be able to access the Kubernetes nodes publicly a public address is
-assigned. In Openstack this is a floating IP address.
+Typically, to be able to access the Kubernetes nodes publicly a public address
+is assigned. In Openstack this is a floating IP address.
When the `portal-app` chart is deployed a Kubernetes service is created that
instantiates a load balancer. The LB chooses the private interface of one of
of the page
.. note::
- Besides the ONAP Portal the Components can deliver additional user interfaces,
+ Besides the ONAP Portal the Components can deliver additional user interfaces,
please check the Component specific documentation.
-.. note::
+.. note::
| Alternatives Considered:
- a set of liveness probes which feed into the Kubernetes manager which
are described in the Heal section.
-Within ONAP, Consul is the monitoring system of choice and deployed by OOM in two parts:
+Within ONAP, Consul is the monitoring system of choice and deployed by OOM in
+two parts:
- a three-way, centralized Consul server cluster is deployed as a highly
available monitor of all of the ONAP components, and
> helm undeploy casablanca --dry-run
-will display the outcome of deleting the 'casablanca' release from the deployment.
+will display the outcome of deleting the 'casablanca' release from the
+deployment.
To completely delete a release and remove it from the internal store enter::
> helm undeploy casablanca --purge
will remove `so` as the configuration indicates it's no longer part of the
deployment. This might be useful if a one wanted to replace just `so` by
-installing a custom version.
+installing a custom version.
-.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. This work is licensed under a Creative Commons Attribution 4.0 International
+.. License.
.. http://creativecommons.org/licenses/by/4.0
-.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights reserved.
+.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights
+.. reserved.
.. Links
.. _release-notes-label:
Summary
=======
-The focus of this release was on incremental improvements in the following areas:
-* Pluggable persistent storage with support for GlusterFS as the first storage class provisioner
-* CPU and Memory limits in Helm Charts to improve Pod placement based on resource availablity in Kubernetes Cluster
+The focus of this release was on incremental improvements in the following
+areas:
+
+* Pluggable persistent storage with support for GlusterFS as the first storage
+ class provisioner
+
+* CPU and Memory limits in Helm Charts to improve Pod placement based on
+ resource availablity in Kubernetes Cluster
+
* Support of Node Selectors for Pod placement
+
* Common "shared" Helm Charts referencing common images
+
- mariadb-galera
- postgres
- cassandra
- mysql
- mongo
+
* Integration of ARK Backup and Restore solution
-* Introduction of Helm deploy and undeploy plugins to better manage ONAP deployments
+
+* Introduction of Helm deploy and undeploy plugins to better manage ONAP
+ deployments
**Security Notes**
-OOM code has been formally scanned during build time using NexusIQ and no Critical vulnerability was found.
+OOM code has been formally scanned during build time using NexusIQ and no
+Critical vulnerability was found.
Quick Links:
- - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
- - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
+ - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
+
+ - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
**Known Issues**
-Problem: kubectl connections to pods (kubectl exec|logs) will fail after a while due to a known bug in Kubernetes (1.11.2)
-Workaround: Restart of the kubelet daemons on the k8s hosts
-Fix: Will be delivered in the next release via a new Kubernetes version (1.12)
-- `K8S Bug Report <https://github.com/kubernetes/kubernetes/issues/67659>`_
-- `OOM-1532 <https://jira.onap.org/browse/OOM-1532>`_
-- `OOM-1516 <https://jira.onap.org/browse/OOM-1516>`_
-- `OOM-1520 <https://jira.onap.org/browse/OOM-1520>`_
+ * **Problem**: kubectl connections to pods (kubectl exec|logs) will
+ fail after a while due to a known bug in Kubernetes (1.11.2)
+
+ **Workaround**: Restart of the kubelet daemons on the k8s hosts
+
+ **Fix**: Will be delivered in the next release via a new
+ Kubernetes version (1.12)
+
+ - `K8S Bug Report <https://github.com/kubernetes/kubernetes/issues/67659>`_
+ - `OOM-1532 <https://jira.onap.org/browse/OOM-1532>`_
+ - `OOM-1516 <https://jira.onap.org/browse/OOM-1516>`_
+ - `OOM-1520 <https://jira.onap.org/browse/OOM-1520>`_
Version 2.0.0 Beijing Release
**Security Notes**
-OOM code has been formally scanned during build time using NexusIQ and no Critical vulnerability was found.
+OOM code has been formally scanned during build time using NexusIQ and no
+Critical vulnerability was found.
Quick Links:
- - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
+ - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
- - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
+ - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
Version: 1.1.0
--------------
**New Features**
-The Amsterdam release is the first release of the ONAP Operations Manager (OOM).
+The Amsterdam release is the first release of the ONAP Operations Manager
+(OOM).
The main goal of the Amsterdam release was to:
- - Support Flexible Platform Deployment via Kubernetes of fully containerized ONAP components - on any type of environment.
+ - Support Flexible Platform Deployment via Kubernetes of fully
+ containerized ONAP components - on any type of environment.
- Support State Management of ONAP platform components.
- - Support full production ONAP deployment and any variation of component level deployment for development.
+ - Support full production ONAP deployment and any variation of component
+ level deployment for development.
- Platform Operations Orchestration / Control Loop Actions.
- Platform centralized logging with ELK stack.
**Bug Fixes**
- The full list of implemented user stories and epics is available on `JIRA <https://jira.onap.org/secure/RapidBoard.jspa?rapidView=41&view=planning.nodetail&epics=visible>`_
- This is the first release of OOM, the defects fixed in this release were raised during the course of the release.
- Anything not closed is captured below under Known Issues. If you want to review the defects fixed in the Amsterdam release, refer to Jira link above.
+ The full list of implemented user stories and epics is available on
+ `JIRA <https://jira.onap.org/secure/RapidBoard.jspa?rapidView=41&view=planning.nodetail&epics=visible>`_
+ This is the first release of OOM, the defects fixed in this release were
+ raised during the course of the release.
+ Anything not closed is captured below under Known Issues. If you want to
+ review the defects fixed in the Amsterdam release, refer to Jira link
+ above.
**Known Issues**
- `OOM-6 <https://jira.onap.org/browse/OOM-6>`_ Automated platform deployment on Docker/Kubernetes
VFC, AAF, MSB minor issues.
- Workaround: Manual configuration changes - however the reference vFirewall use case does not currently require these components.
+ Workaround: Manual configuration changes - however the reference
+ vFirewall use case does not currently require these components.
- `OOM-10 <https://jira.onap.org/browse/OOM-10>`_ Platform configuration management.
OOM ONAP Configuration Management - Handling of Secrets.
- Workaround: Automated workaround to be able to pull from protected docker repositories.
+ Workaround: Automated workaround to be able to pull from protected
+ docker repositories.
**Security Issues**
============LICENSE_START==========================================
===================================================================
- Copyright © 2017 Amdocs
- Copyright © 2017 Bell Canada
+ Copyright © 2017-2019 Amdocs
+ Copyright © 2017-2019 Bell Canada
All rights reserved.
===================================================================
Licensed under the Apache License, Version 2.0 (the "License");
apiVersion: v1
description: ONAP Application Authorization Framework
name: aaf
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP AAF Certificate Manager
name: aaf-cm
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP AAF cassandra
name: aaf-cs
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP AAF File Server
name: aaf-fs
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP AAF GUI
name: aaf-gui
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP AAF Hello
name: aaf-hello
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP AAF Locate
name: aaf-locate
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP AAF OAuth
name: aaf-oauth
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP AAF Service
name: aaf-service
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Secret Management Service
name: aaf-sms
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Secret Management Service Quorum Client
name: aaf-sms-quorumclient
-version: 3.0.0
+version: 4.0.0
description: Chart to launch Vault as SMS backend
name: aaf-sms-vault
appVersion: 0.9.5
-version: 3.0.0
+version: 4.0.0
periodSeconds: 30
service:
- type: NodePort
+ type: ClusterIP
name: aaf-sms
portName: aaf-sms
internalPort: 10443
- nodePort: 43
+ externalPort: 10443
persistence:
enabled: true
apiVersion: v1
description: ONAP Hardware Security Components
name: aaf-sshsm
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Trusted Platform Module Resource Manager
name: aaf-sshsm-abrmd
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Trusted Platform Module Distribution Center
name: aaf-sshsm-distcenter
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Trusted Platform Module Test CA Service
name: aaf-sshsm-testca
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
apiVersion: v1
description: ONAP Active and Available Inventory
name: aai
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Babel microservice
name: aai-babel
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
+++ /dev/null
-AAI.instance-group-types=org.openecomp.groups.NetworkCollection,org.openecomp.groups.VfcInstanceGroup
--- /dev/null
+{
+ "instanceGroupTypes": [
+ "org.openecomp.groups.NetworkCollection",
+ "org.openecomp.groups.VfcInstanceGroup",
+ "org.openecomp.groups.ResourceInstanceGroup"
+ ],
+ "widgetTypes": [
+ {
+ "type": "SERVICE",
+ "name": "service-instance",
+ "deleteFlag": true,
+ "modelVersionId": "46b92144-923a-4d20-b85a-3cbd847668a9",
+ "modelInvariantId": "82194af1-3c2c-485a-8f44-420e22a9eaa4"
+ },
+ {
+ "type": "VF",
+ "name": "generic-vnf",
+ "deleteFlag": true,
+ "modelVersionId": "93a6166f-b3d5-4f06-b4ba-aed48d009ad9",
+ "modelInvariantId": "acc6edd8-a8d4-4b93-afaa-0994068be14c"
+ },
+ {
+ "type": "VFC",
+ "name": "vnfc",
+ "deleteFlag": true,
+ "modelVersionId": "5761e0a7-c6df-4d8a-9ebd-b8f445054dec",
+ "modelInvariantId": "96129eb9-f0de-4e05-8af2-73146473f766"
+ },
+ {
+ "type": "VSERVER",
+ "name": "vserver",
+ "deleteFlag": true,
+ "modelVersionId": "8ecb2c5d-7176-4317-a255-26274edfdd53",
+ "modelInvariantId": "ff69d4e0-a8e8-4108-bdb0-dd63217e63c7"
+ },
+ {
+ "type": "VOLUME",
+ "name": "volume",
+ "deleteFlag": true,
+ "modelVersionId": "0fbe2e8f-4d91-4415-a772-88387049b38d",
+ "modelInvariantId": "ddd739b4-2b25-46c4-affc-41a32af5cc42"
+ },
+ {
+ "type": "FLAVOR",
+ "name": "flavor",
+ "deleteFlag": false,
+ "modelVersionId": "36200fb5-f251-4f5d-a520-7c5ad5c2cd4b",
+ "modelInvariantId": "bace8d1c-a261-4041-9e37-823117415d0f"
+ },
+ {
+ "type": "TENANT",
+ "name": "tenant",
+ "deleteFlag": false,
+ "modelVersionId": "abcc54bc-bb74-49dc-9043-7f7171707545",
+ "modelInvariantId": "97c26c99-6870-44c1-8a07-1d900d3f4ce6"
+ },
+ {
+ "type": "VOLUME_GROUP",
+ "name": "volume-group",
+ "deleteFlag": true,
+ "modelVersionId": "99d44c90-1f61-4418-b9a6-56586bf38c79",
+ "modelInvariantId": "fcec1b02-b2d0-4834-aef8-d71be04717dd"
+ },
+ {
+ "type": "LINT",
+ "name": "l-interface",
+ "deleteFlag": true,
+ "modelVersionId": "a32613fd-18b9-459e-aab8-fffb3912966a",
+ "modelInvariantId": "cea0a982-8d55-4093-921e-418fbccf7060"
+ },
+ {
+ "type": "L3_NET",
+ "name": "l3-network",
+ "deleteFlag": true,
+ "modelVersionId": "9111f20f-e680-4001-b83f-19a2fc23bfc1",
+ "modelInvariantId": "3d560d81-57d0-438b-a2a1-5334dba0651a"
+ },
+ {
+ "type": "VFMODULE",
+ "name": "vf-module",
+ "deleteFlag": true,
+ "modelVersionId": "c00563ae-812b-4e62-8330-7c4d0f47088a",
+ "modelInvariantId": "ef86f9c5-2165-44f3-8fc3-96018b609ea5"
+ },
+ {
+ "type": "IMAGE",
+ "name": "image",
+ "deleteFlag": false,
+ "modelVersionId": "f6a038c2-820c-42ba-8c2b-375e24e8f932",
+ "modelInvariantId": "3f4c7204-739b-4bbb-87a7-8a6856439c90"
+ },
+ {
+ "type": "OAM_NETWORK",
+ "name": "oam-network",
+ "deleteFlag": true,
+ "modelVersionId": "f4fb34f3-fd6e-4a8f-a3fb-4ab61a343b79",
+ "modelInvariantId": "2851cf01-9c40-4064-87d4-6184a6fcff35"
+ },
+ {
+ "type": "ALLOTTED_RESOURCE",
+ "name": "allotted-resource",
+ "deleteFlag": true,
+ "modelVersionId": "7ad0915f-25c0-4a70-b9bc-185a75f87564",
+ "modelInvariantId": "f6d6a23d-a1a9-48ff-8419-b6530da2d381"
+ },
+ {
+ "type": "TUNNEL_XCONNECT",
+ "name": "tunnel-xconnect",
+ "deleteFlag": true,
+ "modelVersionId": "e7cb4ca8-e1a5-4487-a716-4ae0bcd8aef5",
+ "modelInvariantId": "50b9e2fa-005c-4bbe-b651-3251dece4cd8"
+ },
+ {
+ "type": "CONFIGURATION",
+ "name": "configuration",
+ "deleteFlag": true,
+ "modelVersionId": "5a175add-57e4-4a5d-8b02-c36f1d69c52b",
+ "modelInvariantId": "166c050d-f69d-4305-943e-0bc58c3a26cf"
+ },
+ {
+ "type": "CR",
+ "name": "cr",
+ "deleteFlag": true,
+ "modelVersionId": "3f908abc-3a15-40d0-b674-2a639e52884d",
+ "modelInvariantId": "8bac3599-9a1c-4b7f-80e5-c1838f744c23"
+ },
+ {
+ "type": "INSTANCE_GROUP",
+ "name": "instance-group",
+ "deleteFlag": true,
+ "modelVersionId": "8e6ee9dc-9017-444a-83b3-219edb018128",
+ "modelInvariantId": "3bf1e610-45f7-4ad6-b833-ca4c5ee6a3fd"
+ }
+ ],
+ "widgetMappings": [
+ {
+ "prefix": "org.openecomp.resource.vfc",
+ "type": "widget",
+ "widget": "VSERVER",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.resource.cp",
+ "type": "widget",
+ "widget": "LINT",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.cp",
+ "type": "widget",
+ "widget": "LINT",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.resource.vl",
+ "widget": "L3_NET",
+ "deleteFlag": false
+ },
+ {
+ "prefix": "org.openecomp.resource.vf",
+ "widget": "VF",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.groups.vfmodule",
+ "widget": "VFMODULE",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.groups.VfModule",
+ "widget": "VFMODULE",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.resource.vfc.nodes.heat.cinder",
+ "type": "widget",
+ "widget": "VOLUME",
+ "deleteFlag": true
+ }
+ ]
+}
</root>
<!-- LOG "com.baeldung*" at TRACE level -->
- <logger name="org.onap.aaf.fproxy" level="trace" additivity="false">
- <appender-ref ref="RollingFile" />
- <appender-ref ref="Console" />
- </logger>
+ <logger name="org.onap.aaf.fproxy" level="info" />
</configuration>
\ No newline at end of file
</appender>
<!-- LOG everything at INFO level -->
- <root level="debug">
+ <root level="info">
<appender-ref ref="RollingFile" />
<appender-ref ref="Console" />
</root>
<!-- LOG "com.baeldung*" at TRACE level -->
- <logger name="org.onap.aaf.rproxy" level="trace" additivity="false">
- <appender-ref ref="RollingFile" />
- <appender-ref ref="Console" />
- </logger>
+ <logger name="org.onap.aaf.rproxy" level="info" />
</configuration>
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }}
{{ end }}
\ No newline at end of file
- mountPath: /opt/app/babel/config/artifact-generator.properties
name: {{ include "common.fullname" . }}-config
subPath: artifact-generator.properties
- - mountPath: /opt/app/babel/config/filter-types.properties
+ - mountPath: /opt/app/babel/config/tosca-mappings.json
name: {{ include "common.fullname" . }}-config
- subPath: filter-types.properties
+ subPath: tosca-mappings.json
- mountPath: /opt/app/babel/config/babel-auth.properties
name: {{ include "common.fullname" . }}-config
subPath: babel-auth.properties
name: {{ include "common.fullname" . }}-config
subPath: logback.xml
resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
# side car containers
- name: filebeat-onap
- name: {{ include "common.fullname" . }}-rproxy-log-config
mountPath: /opt/app/rproxy/config/logback-spring.xml
subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
+ subPath: uri-authorization.json
- name: {{ include "common.fullname" . }}-rproxy-auth-config
mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- name: {{ include "common.fullname" . }}-rproxy-auth-config
mountPath: /opt/app/rproxy/config/auth/client-cert.p12
subPath: client-cert.p12
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
- mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
- subPath: uri-authorization.json
- name: {{ include "common.fullname" . }}-rproxy-auth-config
mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
subPath: aaf_truststore.jks
items:
- key: artifact-generator.properties
path: artifact-generator.properties
- - key: filter-types.properties
- path: filter-types.properties
+ - key: tosca-mappings.json
+ path: tosca-mappings.json
- key: babel-auth.properties
path: babel-auth.properties
- key: logback.xml
- name: {{ include "common.fullname" . }}-rproxy-log-config
configMap:
name: {{ include "common.fullname" . }}-rproxy-log-config
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
- name: {{ include "common.fullname" . }}-rproxy-auth-config
secret:
secretName: {{ include "common.fullname" . }}-rproxy-auth-config
metadata:
name: {{ include "common.fullname" . }}-babel-secrets
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
metadata:
name: {{ include "common.fullname" . }}-fproxy-auth-config
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
metadata:
name: {{ include "common.fullname" . }}-rproxy-auth-config
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
metadata:
name: {{ include "common.fullname" . }}-rproxy-security-config
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
# Global configuration defaults.
#################################################################
global:
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
loggingImage: beats/filebeat:5.5.0
#################################################################
#################################################################
# application image
-image: onap/babel:1.3.2
+image: onap/babel:1.4-STAGING-latest
flavor: small
apiVersion: v1
description: ONAP AAI Cassandra
name: aai-cassandra
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP AAI Champ microservice
name: aai-champ
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
</root>
<!-- LOG "com.baeldung*" at TRACE level -->
- <logger name="org.onap.aaf.fproxy" level="trace" additivity="false">
- <appender-ref ref="RollingFile" />
- <appender-ref ref="Console" />
- </logger>
-
+ <logger name="org.onap.aaf.fproxy" level="info" />
+
</configuration>
\ No newline at end of file
"permissions": [
"test\\.auth\\.access\\|services\\|GET,PUT",
"\\|services\\|GET"
- ]
+ ]
},
{
"uri": "\/services\/inventory\/.*",
"permissions": [
- "org\\.access\\|\\*\\|\\*"
- ]
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
},
{
- "uri": "\/services\/champ-service\/.*",
- "permissions": [
- "org\\.access\\|\\*\\|\\*"
- ]
- }
+ "uri": "\/services\/champ-service\/.*",
+ "permissions": [
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
+ }
]
#hostname=test.aic.cip.att.com
cadi_loglevel=DEBUG
-cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12
+cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
+cadi_alias=aai@aai.onap.org
cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
-# Configure AAF
-aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}}
aaf_env=DEV
aaf_id=demo@people.osaaf.org
</appender>
<!-- LOG everything at INFO level -->
- <root level="debug">
+ <root level="info">
<appender-ref ref="RollingFile" />
<appender-ref ref="Console" />
</root>
<!-- LOG "com.baeldung*" at TRACE level -->
- <logger name="org.onap.aaf.rproxy" level="trace" additivity="false">
- <appender-ref ref="RollingFile" />
- <appender-ref ref="Console" />
- </logger>
+ <logger name="org.onap.aaf.rproxy" level="info" />
</configuration>
\ No newline at end of file
+++ /dev/null
-bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM
-1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29
-xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK
-BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm
-6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99
-QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm
-zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6
-x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf
-8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz
-FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz
-UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r
-banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv
-6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG
-yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB
-xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB
-lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq
-ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE
-fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v
-1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5
-liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc
-0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u
-PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm
-8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv
-dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ
--85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn
-c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J
-uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao
\ No newline at end of file
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }}
{{ end }}
\ No newline at end of file
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
- {{ if .Values.global.installSidecarSecurity }}
- hostAliases:
- - ip: {{ .Values.global.aaf.serverIp }}
- hostnames:
- - {{ .Values.global.aaf.serverHostname }}
- {{ end }}
initContainers:
- command:
- /root/ready.py
- mountPath: /var/log/onap
name: {{ include "common.fullname" . }}-logs
resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
# side car containers
- name: filebeat-onap
- name: {{ include "common.fullname" . }}-rproxy-log-config
mountPath: /opt/app/rproxy/config/logback-spring.xml
subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
+ subPath: uri-authorization.json
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
mountPath: /opt/app/rproxy/config/auth/client-cert.p12
subPath: client-cert.p12
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
- mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
- subPath: uri-authorization.json
- #- name: {{ include "common.fullname" . }}-rproxy-auth-config
- # mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
- # subPath: aaf_truststore.jks
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
+ subPath: org.onap.aai.p12
- name: {{ include "common.fullname" . }}-rproxy-security-config
mountPath: /opt/app/rproxy/config/security/keyfile
subPath: keyfile
- name: CONFIG_HOME
value: "/opt/app/fproxy/config"
- name: KEY_STORE_PASSWORD
- value: {{ .Values.config.keyStorePassword }}
+ value: {{ .Values.config.keyStorePassword }}
+ - name: TRUST_STORE_PASSWORD
+ value: {{ .Values.config.trustStorePassword }}
- name: spring_profiles_active
value: {{ .Values.global.fproxy.activeSpringProfiles }}
volumeMounts:
- name: {{ include "common.fullname" . }}-fproxy-log-config
mountPath: /opt/app/fproxy/config/logback-spring.xml
subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
+ subPath: fproxy_truststore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
mountPath: /opt/app/fproxy/config/auth/client-cert.p12
subPath: client-cert.p12
ports:
- name: {{ include "common.fullname" . }}-rproxy-log-config
configMap:
name: {{ include "common.fullname" . }}-rproxy-log-config
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
- name: {{ include "common.fullname" . }}-rproxy-auth-config
secret:
secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ secret:
+ secretName: aai-rproxy-auth-certs
- name: {{ include "common.fullname" . }}-rproxy-security-config
secret:
- secretName: {{ include "common.fullname" . }}-rproxy-security-config
+ secretName: aai-rproxy-security-config
- name: {{ include "common.fullname" . }}-fproxy-config
configMap:
name: {{ include "common.fullname" . }}-fproxy-config
- name: {{ include "common.fullname" . }}-fproxy-log-config
configMap:
name: {{ include "common.fullname" . }}-fproxy-log-config
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
secret:
- secretName: {{ include "common.fullname" . }}-fproxy-auth-config
+ secretName: aai-fproxy-auth-certs
{{ end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
metadata:
name: {{ include "common.fullname" . }}-champ
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/config/appconfig/auth/*").AsSecrets . | indent 2 }}
---
apiVersion: v1
kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-fproxy-auth-config
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
metadata:
name: {{ include "common.fullname" . }}-rproxy-auth-config
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-rproxy-security-config
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
{{ end }}
\ No newline at end of file
# Global configuration defaults.
#################################################################
global:
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
loggingImage: beats/filebeat:5.5.0
#################################################################
#################################################################
# application image
-image: onap/champ:1.3.0
+image: onap/champ:1.4-STAGING-latest
flavor: small
config:
keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
# default number of instances
replicaCount: 1
apiVersion: v1
description: ONAP AAI Data-Router
name: aai-data-router
-version: 3.0.0
+version: 4.0.0
release: {{ .Release.Name }}
name: {{ include "common.name" . }}
spec:
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
initContainers:
- command:
- /bin/sh
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
# side car containers
- name: filebeat-onap
name: {{ include "common.fullname" . }}-logs
- mountPath: /usr/share/filebeat/data
name: aai-filebeat
+ resources:
+{{ include "common.resources" . }}
volumes:
- name: localtime
hostPath:
metadata:
name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
apiVersion: v1
description: ONAP AAI elasticsearch
name: aai-elasticsearch
-version: 3.0.0
+version: 4.0.0
--- /dev/null
+#!/bin/sh
+
+/usr/share/elasticsearch/plugins/search-guard-6/tools/sgadmin.sh \
+ -cd /usr/share/elasticsearch/config/sg \
+ -ks /usr/share/elasticsearch/config/sg/auth/{{ .Values.config.adminKeyStore }} \
+ -ts /usr/share/elasticsearch/config/sg/auth/{{ .Values.config.trustStore }} \
+ -kspass {{ .Values.config.adminKeyStorePassword }} \
+ -tspass {{ .Values.config.trustStorePassword}} \
+ -nhnv \
+ -icl \
+ -p {{ .Values.service.internalPort2 }}
\ No newline at end of file
--- /dev/null
+#!/bin/sh
+
+# Wait for ES to start then initialize SearchGuard
+/usr/local/bin/docker-entrypoint.sh eswrapper &
+/usr/share/elasticsearch/bin/wait_until_started.sh
+/usr/share/elasticsearch/bin/init_sg.sh
+
+wait
\ No newline at end of file
--- /dev/null
+#!/bin/sh
+RET=1
+
+while [[ RET -ne 0 ]]; do
+ echo "Waiting for Elasticsearch to become ready before running sgadmin..."
+ curl -XGET -k "https://localhost:{{ .Values.service.internalPort }}/" >/dev/null 2>&1
+ RET=$?
+ sleep 5
+done
\ No newline at end of file
# Set a custom port for the node to node communication (9300 by default):
-transport.tcp.port: {{ .Values.config.tcpPort }}
+transport.tcp.port: {{ .Values.service.internalPort2 }}
# Enable compression for all communication between nodes (disabled by default):
transport.tcp.compress: false
### SEARCH GUARD SSL #
### Configuration #
###############################################################################################
-## Uncomment all lines below prefixed with #X# (globally remove #X#) for searchguard
-##
-###############################################################################################
-### Transport layer SSL #
-### #
-###############################################################################################
-### Enable or disable node-to-node ssl encryption (default: true)
-#X#searchguard.ssl.transport.enable_openssl_if_available: true
-#X#searchguard.ssl.transport.enabled: true
-### JKS or PKCS12 (default: JKS)
-#X#searchguard.ssl.transport.keystore_type: JKS
-### Relative path to the keystore file (mandatory, this stores the server certificates), must be placed under the config/ dir
-#X#searchguard.ssl.transport.keystore_filepath: /some/path
-### Alias name (default: first alias which could be found)
-###searchguard.ssl.transport.keystore_alias: localhost
-### Keystore password (default: changeit)
-#X#searchguard.ssl.transport.keystore_password: changeit
-##
-### JKS or PKCS12 (default: JKS)
-#X#searchguard.ssl.transport.truststore_type: JKS
-### Relative path to the truststore file (mandatory, this stores the client/root certificates), must be placed under the config/ dir
-#X#searchguard.ssl.transport.truststore_filepath: truststore.jks
-### Alias name (default: first alias which could be found)
-###searchguard.ssl.transport.truststore_alias: my_alias
-### Truststore password (default: changeit)
-#X#searchguard.ssl.transport.truststore_password: changeit
-### Enforce hostname verification (default: true)
-###searchguard.ssl.transport.enforce_hostname_verification: true
-### If hostname verification specify if hostname should be resolved (default: true)
-###searchguard.ssl.transport.resolve_hostname: true
-### Use native Open SSL instead of JDK SSL if available (default: true)
-###searchguard.ssl.transport.enable_openssl_if_available: false
-##
-###############################################################################################
-### HTTP/REST layer SSL #
-### #
-###############################################################################################
-### Enable or disable rest layer security - https, (default: false)
-#X#searchguard.ssl.http.enable_openssl_if_available: true
-#X#searchguard.ssl.http.enabled: true
-### JKS or PKCS12 (default: JKS)
-#X#searchguard.ssl.http.keystore_type: JKS
-### Relative path to the keystore file (this stores the server certificates), must be placed under the config/ dir
-#X#searchguard.ssl.http.keystore_filepath: /keystore/path
-### Alias name (default: first alias which could be found)
-###searchguard.ssl.http.keystore_alias: my_alias
-### Keystore password (default: changeit)
-#X#searchguard.ssl.http.keystore_password: changeit
-### Do the clients (typically the browser or the proxy) have to authenticate themself to the http server, default is OPTIONAL
-### To enforce authentication use REQUIRE, to completely disable client certificates use NONE
-###searchguard.ssl.http.clientauth_mode: REQUIRE
-### JKS or PKCS12 (default: JKS)
-#X#searchguard.ssl.http.truststore_type: JKS
-### Relative path to the truststore file (this stores the client certificates), must be placed under the config/ dir
-#X#searchguard.ssl.http.truststore_filepath: truststore.jks
-### Alias name (default: first alias which could be found)
-###searchguard.ssl.http.truststore_alias: my_alias
-### Truststore password (default: changeit)
-#X#searchguard.ssl.http.truststore_password: changeit
-### Use native Open SSL instead of JDK SSL if available (default: true)
-###searchguard.ssl.http.enable_openssl_if_available: false
-
-#####################################################
-##### Security manager - Searchguard Configuration
-#####################################################
-#X#security.manager.enabled: false
-#X#searchguard.authcz.admin_dn:
-
-#####################################################
-##### X-Pack Configuration
-#####################################################
+######## Start Search Guard Demo Configuration ########
+
+searchguard.enterprise_modules_enabled: false
+
+searchguard.ssl.transport.keystore_filepath: sg/auth/{{ .Values.config.nodeKeyStore }}
+searchguard.ssl.transport.keystore_password: {{ .Values.config.nodeKeyStorePassword }}
+searchguard.ssl.transport.truststore_filepath: sg/auth/{{ .Values.config.trustStore }}
+searchguard.ssl.transport.truststore_password: {{ .Values.config.trustStorePassword }}
+searchguard.ssl.transport.enforce_hostname_verification: false
+
+searchguard.ssl.http.enabled: true
+searchguard.ssl.http.keystore_filepath: sg/auth/{{ .Values.config.nodeKeyStore }}
+searchguard.ssl.http.keystore_password: {{ .Values.config.nodeKeyStorePassword }}
+searchguard.ssl.http.truststore_filepath: sg/auth/{{ .Values.config.trustStore }}
+searchguard.ssl.http.truststore_password: {{ .Values.config.trustStorePassword }}
+
+searchguard.nodes_dn:
+ - CN=esaai
+
+searchguard.authcz.admin_dn:
+ - CN=sgadmin
+
+# x-pack security conflicts with searchguard
xpack.security.enabled: false
xpack.ml.enabled: false
xpack.monitoring.enabled: false
--- /dev/null
+UNLIMITED:
+ readonly: true
+ permissions:
+ - "*"
+
+###### INDEX LEVEL ######
+
+INDICES_ALL:
+ readonly: true
+ permissions:
+ - "indices:*"
+
+# for backward compatibility
+ALL:
+ readonly: true
+ permissions:
+ - INDICES_ALL
+
+MANAGE:
+ readonly: true
+ permissions:
+ - "indices:monitor/*"
+ - "indices:admin/*"
+
+CREATE_INDEX:
+ readonly: true
+ permissions:
+ - "indices:admin/create"
+ - "indices:admin/mapping/put"
+
+MANAGE_ALIASES:
+ readonly: true
+ permissions:
+ - "indices:admin/aliases*"
+
+# for backward compatibility
+MONITOR:
+ readonly: true
+ permissions:
+ - INDICES_MONITOR
+
+INDICES_MONITOR:
+ readonly: true
+ permissions:
+ - "indices:monitor/*"
+
+DATA_ACCESS:
+ readonly: true
+ permissions:
+ - "indices:data/*"
+ - CRUD
+
+WRITE:
+ readonly: true
+ permissions:
+ - "indices:data/write*"
+ - "indices:admin/mapping/put"
+
+READ:
+ readonly: true
+ permissions:
+ - "indices:data/read*"
+ - "indices:admin/mappings/fields/get*"
+
+DELETE:
+ readonly: true
+ permissions:
+ - "indices:data/write/delete*"
+
+CRUD:
+ readonly: true
+ permissions:
+ - READ
+ - WRITE
+
+SEARCH:
+ readonly: true
+ permissions:
+ - "indices:data/read/search*"
+ - "indices:data/read/msearch*"
+ - SUGGEST
+
+SUGGEST:
+ readonly: true
+ permissions:
+ - "indices:data/read/suggest*"
+
+INDEX:
+ readonly: true
+ permissions:
+ - "indices:data/write/index*"
+ - "indices:data/write/update*"
+ - "indices:admin/mapping/put"
+ - "indices:data/write/bulk*"
+
+GET:
+ readonly: true
+ permissions:
+ - "indices:data/read/get*"
+ - "indices:data/read/mget*"
+
+###### CLUSTER LEVEL ######
+
+CLUSTER_ALL:
+ readonly: true
+ permissions:
+ - "cluster:*"
+
+CLUSTER_MONITOR:
+ readonly: true
+ permissions:
+ - "cluster:monitor/*"
+
+CLUSTER_COMPOSITE_OPS_RO:
+ readonly: true
+ permissions:
+ - "indices:data/read/mget"
+ - "indices:data/read/msearch"
+ - "indices:data/read/mtv"
+ - "indices:data/read/coordinate-msearch*"
+ - "indices:admin/aliases/exists*"
+ - "indices:admin/aliases/get*"
+ - "indices:data/read/scroll"
+
+CLUSTER_COMPOSITE_OPS:
+ readonly: true
+ permissions:
+ - "indices:data/write/bulk"
+ - "indices:admin/aliases*"
+ - "indices:data/write/reindex"
+ - CLUSTER_COMPOSITE_OPS_RO
+
+MANAGE_SNAPSHOTS:
+ readonly: true
+ permissions:
+ - "cluster:admin/snapshot/*"
+ - "cluster:admin/repository/*"
\ No newline at end of file
--- /dev/null
+# This is the main Search Guard configuration file where authentication
+# and authorization is defined.
+#
+# You need to configure at least one authentication domain in the authc of this file.
+# An authentication domain is responsible for extracting the user credentials from
+# the request and for validating them against an authentication backend like Active Directory for example.
+#
+# If more than one authentication domain is configured the first one which succeeds wins.
+# If all authentication domains fail then the request is unauthenticated.
+# In this case an exception is thrown and/or the HTTP status is set to 401.
+#
+# After authentication authorization (authz) will be applied. There can be zero or more authorizers which collect
+# the roles from a given backend for the authenticated user.
+#
+# Both, authc and auth can be enabled/disabled separately for REST and TRANSPORT layer. Default is true for both.
+# http_enabled: true
+# transport_enabled: true
+#
+# 5.x Migration: "enabled: true/false" will also be respected currently but only to provide backward compatibility.
+#
+# For HTTP it is possible to allow anonymous authentication. If that is the case then the HTTP authenticators try to
+# find user credentials in the HTTP request. If credentials are found then the user gets regularly authenticated.
+# If none can be found the user will be authenticated as an "anonymous" user. This user has always the username "sg_anonymous"
+# and one role named "sg_anonymous_backendrole".
+# If you enable anonymous authentication all HTTP authenticators will not challenge.
+#
+#
+# Note: If you define more than one HTTP authenticators make sure to put non-challenging authenticators like "proxy" or "clientcert"
+# first and the challenging one last.
+# Because it's not possible to challenge a client with two different authentication methods (for example
+# Kerberos and Basic) only one can have the challenge flag set to true. You can cope with this situation
+# by using pre-authentication, e.g. sending a HTTP Basic authentication header in the request.
+#
+# Default value of the challenge flag is true.
+#
+#
+# HTTP
+# basic (challenging)
+# proxy (not challenging, needs xff)
+# kerberos (challenging)
+# clientcert (not challenging, needs https)
+# jwt (not challenging)
+# host (not challenging) #DEPRECATED, will be removed in a future version.
+# host based authentication is configurable in sg_roles_mapping
+
+# Authc
+# internal
+# noop
+# ldap
+
+# Authz
+# ldap
+# noop
+
+searchguard:
+ dynamic:
+ # Set filtered_alias_mode to 'disallow' to forbid more than 2 filtered aliases per index
+ # Set filtered_alias_mode to 'warn' to allow more than 2 filtered aliases per index but warns about it (default)
+ # Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently
+ #filtered_alias_mode: warn
+ #kibana:
+ # Kibana multitenancy
+ # see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md
+ # To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki
+ #multitenancy_enabled: true
+ #server_username: kibanaserver
+ #index: '.kibana'
+ #do_not_fail_on_forbidden: false
+ http:
+ anonymous_auth_enabled: false
+ xff:
+ enabled: false
+ internalProxies: '192\.168\.0\.10|192\.168\.0\.11' # regex pattern
+ #internalProxies: '.*' # trust all internal proxies, regex pattern
+ remoteIpHeader: 'x-forwarded-for'
+ proxiesHeader: 'x-forwarded-by'
+ #trustedProxies: '.*' # trust all external proxies, regex pattern
+ ###### see https://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html for regex help
+ ###### more information about XFF https://en.wikipedia.org/wiki/X-Forwarded-For
+ ###### and here https://tools.ietf.org/html/rfc7239
+ ###### and https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Remote_IP_Valve
+ authc:
+ kerberos_auth_domain:
+ http_enabled: false
+ transport_enabled: false
+ order: 6
+ http_authenticator:
+ type: kerberos
+ challenge: true
+ config:
+ # If true a lot of kerberos/security related debugging output will be logged to standard out
+ krb_debug: false
+ # If true then the realm will be stripped from the user name
+ strip_realm_from_principal: true
+ authentication_backend:
+ type: noop
+ basic_internal_auth_domain:
+ http_enabled: true
+ transport_enabled: true
+ order: 2
+ http_authenticator:
+ type: basic
+ challenge: true
+ authentication_backend:
+ type: intern
+ proxy_auth_domain:
+ http_enabled: false
+ transport_enabled: false
+ order: 3
+ http_authenticator:
+ type: proxy
+ challenge: false
+ config:
+ user_header: "x-proxy-user"
+ roles_header: "x-proxy-roles"
+ authentication_backend:
+ type: noop
+ jwt_auth_domain:
+ http_enabled: false
+ transport_enabled: false
+ order: 0
+ http_authenticator:
+ type: jwt
+ challenge: false
+ config:
+ signing_key: "base64 encoded HMAC key or public RSA/ECDSA pem key"
+ jwt_header: "Authorization"
+ jwt_url_parameter: null
+ roles_key: null
+ subject_key: null
+ authentication_backend:
+ type: noop
+ clientcert_auth_domain:
+ http_enabled: true
+ transport_enabled: true
+ order: 1
+ http_authenticator:
+ type: clientcert
+ config:
+ username_attribute: cn #optional, if omitted DN becomes username
+ challenge: false
+ authentication_backend:
+ type: noop
+ ldap:
+ http_enabled: false
+ transport_enabled: false
+ order: 5
+ http_authenticator:
+ type: basic
+ challenge: false
+ authentication_backend:
+ # LDAP authentication backend (authenticate users against a LDAP or Active Directory)
+ type: ldap
+ config:
+ # enable ldaps
+ enable_ssl: false
+ # enable start tls, enable_ssl should be false
+ enable_start_tls: false
+ # send client certificate
+ enable_ssl_client_auth: false
+ # verify ldap hostname
+ verify_hostnames: true
+ hosts:
+ - localhost:8389
+ bind_dn: null
+ password: null
+ userbase: 'ou=people,dc=example,dc=com'
+ # Filter to search for users (currently in the whole subtree beneath userbase)
+ # {0} is substituted with the username
+ usersearch: '(sAMAccountName={0})'
+ # Use this attribute from the user as username (if not set then DN is used)
+ username_attribute: null
+ authz:
+ roles_from_myldap:
+ http_enabled: false
+ transport_enabled: false
+ authorization_backend:
+ # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too)
+ type: ldap
+ config:
+ # enable ldaps
+ enable_ssl: false
+ # enable start tls, enable_ssl should be false
+ enable_start_tls: false
+ # send client certificate
+ enable_ssl_client_auth: false
+ # verify ldap hostname
+ verify_hostnames: true
+ hosts:
+ - localhost:8389
+ bind_dn: null
+ password: null
+ rolebase: 'ou=groups,dc=example,dc=com'
+ # Filter to search for roles (currently in the whole subtree beneath rolebase)
+ # {0} is substituted with the DN of the user
+ # {1} is substituted with the username
+ # {2} is substituted with an attribute value from user's directory entry, of the authenticated user. Use userroleattribute to specify the name of the attribute
+ rolesearch: '(member={0})'
+ # Specify the name of the attribute which value should be substituted with {2} above
+ userroleattribute: null
+ # Roles as an attribute of the user entry
+ userrolename: disabled
+ #userrolename: memberOf
+ # The attribute in a role entry containing the name of that role, Default is "name".
+ # Can also be "dn" to use the full DN as rolename.
+ rolename: cn
+ # Resolve nested roles transitive (roles which are members of other roles and so on ...)
+ resolve_nested_roles: true
+ userbase: 'ou=people,dc=example,dc=com'
+ # Filter to search for users (currently in the whole subtree beneath userbase)
+ # {0} is substituted with the username
+ usersearch: '(uid={0})'
+ # Skip users matching a user name, a wildcard or a regex pattern
+ #skip_users:
+ # - 'cn=Michael Jackson,ou*people,o=TEST'
+ # - '/\S*/'
+ roles_from_another_ldap:
+ enabled: false
+ authorization_backend:
+ type: ldap
+ #config goes here ...
--- /dev/null
+# This is the internal user database
+# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh
+
+#password is: admin
+admin:
+ readonly: true
+ hash: $2a$12$VcCDgh2NDk07JGN0rjGbM.Ad41qVR/YFJcgHp0UGns5JDymv..TOG
+ roles:
+ - admin
+ attributes:
+ #no dots allowed in attribute names
+ attribute1: value1
+ attribute2: value2
+ attribute3: value3
+
+#password is: logstash
+logstash:
+ hash: $2a$12$u1ShR4l4uBS3Uv59Pa2y5.1uQuZBrZtmNfqB3iM/.jL0XoV9sghS2
+ roles:
+ - logstash
+
+#password is: kibanaserver
+kibanaserver:
+ readonly: true
+ hash: $2a$12$4AcgAt3xwOWadA5s5blL6ev39OXDNhmOesEoo33eZtrq2N0YrU3H.
+
+#password is: kibanaro
+kibanaro:
+ hash: $2a$12$JJSXNfTowz7Uu5ttXfeYpeYE0arACvcwlPBStB1F.MI7f0U9Z4DGC
+ roles:
+ - kibanauser
+ - readall
+
+#password is: readall
+readall:
+ hash: $2a$12$ae4ycwzwvLtZxwZ82RmiEunBbIPiAmGZduBAjKN0TXdwQFtCwARz2
+ #password is: readall
+ roles:
+ - readall
+
+#password is: snapshotrestore
+snapshotrestore:
+ hash: $2y$12$DpwmetHKwgYnorbgdvORCenv4NAK8cPUg8AI6pxLCuWf/ALc0.v7W
+ roles:
+ - snapshotrestore
\ No newline at end of file
--- /dev/null
+# Allows everything, but no changes to searchguard configuration index
+sg_all_access:
+ readonly: true
+ cluster:
+ - UNLIMITED
+ indices:
+ '*':
+ '*':
+ - UNLIMITED
+ tenants:
+ admin_tenant: RW
+
+# Read all, but no write permissions
+sg_readall:
+ readonly: true
+ cluster:
+ - CLUSTER_COMPOSITE_OPS_RO
+ indices:
+ '*':
+ '*':
+ - READ
+
+# Read all and monitor, but no write permissions
+sg_readall_and_monitor:
+ cluster:
+ - CLUSTER_MONITOR
+ - CLUSTER_COMPOSITE_OPS_RO
+ indices:
+ '*':
+ '*':
+ - READ
+
+# For users which use kibana, access to indices must be granted separately
+sg_kibana_user:
+ readonly: true
+ cluster:
+ - INDICES_MONITOR
+ - CLUSTER_COMPOSITE_OPS
+ indices:
+ '?kibana':
+ '*':
+ - MANAGE
+ - INDEX
+ - READ
+ - DELETE
+ '?kibana-6':
+ '*':
+ - MANAGE
+ - INDEX
+ - READ
+ - DELETE
+ '?kibana_*':
+ '*':
+ - MANAGE
+ - INDEX
+ - READ
+ - DELETE
+ '?tasks':
+ '*':
+ - INDICES_ALL
+ '?management-beats':
+ '*':
+ - INDICES_ALL
+ '*':
+ '*':
+ - indices:data/read/field_caps*
+ - indices:data/read/xpack/rollup*
+ - indices:admin/mappings/get*
+ - indices:admin/get
+
+# For the kibana server
+sg_kibana_server:
+ readonly: true
+ cluster:
+ - CLUSTER_MONITOR
+ - CLUSTER_COMPOSITE_OPS
+ - cluster:admin/xpack/monitoring*
+ - indices:admin/template*
+ - indices:data/read/scroll*
+ indices:
+ '?kibana':
+ '*':
+ - INDICES_ALL
+ '?kibana-6':
+ '*':
+ - INDICES_ALL
+ '?kibana_*':
+ '*':
+ - INDICES_ALL
+ '?reporting*':
+ '*':
+ - INDICES_ALL
+ '?monitoring*':
+ '*':
+ - INDICES_ALL
+ '?tasks':
+ '*':
+ - INDICES_ALL
+ '?management-beats*':
+ '*':
+ - INDICES_ALL
+ '*':
+ '*':
+ - "indices:admin/aliases*"
+
+# For logstash and beats
+sg_logstash:
+ cluster:
+ - CLUSTER_MONITOR
+ - CLUSTER_COMPOSITE_OPS
+ - indices:admin/template/get
+ - indices:admin/template/put
+ indices:
+ 'logstash-*':
+ '*':
+ - CRUD
+ - CREATE_INDEX
+ '*beat*':
+ '*':
+ - CRUD
+ - CREATE_INDEX
+
+# Allows adding and modifying repositories and creating and restoring snapshots
+sg_manage_snapshots:
+ cluster:
+ - MANAGE_SNAPSHOTS
+ indices:
+ '*':
+ '*':
+ - "indices:data/write/index"
+ - "indices:admin/create"
+
+# Allows each user to access own named index
+sg_own_index:
+ cluster:
+ - CLUSTER_COMPOSITE_OPS
+ indices:
+ '${user_name}':
+ '*':
+ - INDICES_ALL
+
+### X-Pack COMPATIBILITY
+sg_xp_monitoring:
+ readonly: true
+ cluster:
+ - cluster:monitor/xpack/info
+ - cluster:monitor/main
+ - cluster:admin/xpack/monitoring/bulk
+ indices:
+ '?monitor*':
+ '*':
+ - INDICES_ALL
+
+sg_xp_alerting:
+ readonly: true
+ cluster:
+ - indices:data/read/scroll
+ - cluster:admin/xpack/watcher*
+ - cluster:monitor/xpack/watcher*
+ indices:
+ '?watches*':
+ '*':
+ - INDICES_ALL
+ '?watcher-history-*':
+ '*':
+ - INDICES_ALL
+ '?triggered_watches':
+ '*':
+ - INDICES_ALL
+ '*':
+ '*':
+ - READ
+ - indices:admin/aliases/get
+
+sg_xp_machine_learning:
+ readonly: true
+ cluster:
+ - cluster:admin/persistent*
+ - cluster:internal/xpack/ml*
+ - indices:data/read/scroll*
+ - cluster:admin/xpack/ml*
+ - cluster:monitor/xpack/ml*
+ indices:
+ '*':
+ '*':
+ - READ
+ - indices:admin/get*
+ '?ml-*':
+ '*':
+ - "*"
+
+### LEGACY ROLES, FOR COMPATIBILITY ONLY
+### WILL BE REMOVED IN SG7, DO NOT USE ANYMORE
+
+sg_readonly_and_monitor:
+ cluster:
+ - CLUSTER_MONITOR
+ - CLUSTER_COMPOSITE_OPS_RO
+ indices:
+ '*':
+ '*':
+ - READ
+
+# Make xpack monitoring work
+sg_monitor:
+ cluster:
+ - cluster:admin/xpack/monitoring/*
+ - cluster:admin/ingest/pipeline/put
+ - cluster:admin/ingest/pipeline/get
+ - indices:admin/template/get
+ - indices:admin/template/put
+ - CLUSTER_MONITOR
+ - CLUSTER_COMPOSITE_OPS
+ indices:
+ '?monitor*':
+ '*':
+ - INDICES_ALL
+ '?marvel*':
+ '*':
+ - INDICES_ALL
+ '?kibana*':
+ '*':
+ - READ
+ '*':
+ '*':
+ - indices:data/read/field_caps
+
+# Make xpack alerting work
+sg_alerting:
+ cluster:
+ - indices:data/read/scroll
+ - cluster:admin/xpack/watcher/watch/put
+ - cluster:admin/xpack/watcher*
+ - CLUSTER_MONITOR
+ - CLUSTER_COMPOSITE_OPS
+ indices:
+ '?kibana*':
+ '*':
+ - READ
+ '?watches*':
+ '*':
+ - INDICES_ALL
+ '?watcher-history-*':
+ '*':
+ - INDICES_ALL
+ '?triggered_watches':
+ '*':
+ - INDICES_ALL
+ '*':
+ '*':
+ - READ
+
+
+sg_role_test:
+ cluster:
+ - indices:admin/template/get
+ - indices:admin/template/put
+ - CLUSTER_COMPOSITE_OPS
+ indices:
+ '*':
+ '*':
+ - UNLIMITED
--- /dev/null
+# In this file users, backendroles and hosts can be mapped to Search Guard roles.
+# Permissions for Search Guard roles are configured in sg_roles.yml
+
+sg_all_access:
+ readonly: true
+ backendroles:
+ - admin
+
+sg_logstash:
+ backendroles:
+ - logstash
+
+sg_kibana_server:
+ readonly: true
+ users:
+ - kibanaserver
+
+sg_kibana_user:
+ backendroles:
+ - kibanauser
+
+sg_readall:
+ readonly: true
+ backendroles:
+ - readall
+
+sg_manage_snapshots:
+ readonly: true
+ backendroles:
+ - snapshotrestore
+
+sg_own_index:
+ users:
+ - '*'
+
+sg_role_test:
+ users:
+ - test
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
-#{{ if not .Values.disableAaiElasticsearch }}
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-es-config
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
-#{{ end }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-sg-scripts
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-sg-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/sg/*").AsConfig . | indent 2 }}
release: {{ .Release.Name }}
name: {{ include "common.name" . }}
spec:
+ hostname: {{ include "common.name" . }}
initContainers:
- command:
- /bin/sh
securityContext:
privileged: true
image: {{ .Values.global.dockerhubRepository | default .Values.dockerhubRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
name: init-sysctl
volumeMounts:
- name: elasticsearch-data
mountPath: /logroot/
- hostname: {{ include "common.name" . }}
containers:
- name: {{ include "common.name" . }}
- image: {{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
ports:
- containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.internalPort2 }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
- name: elasticsearch-config
subPath: log4j2.properties
mountPath: /usr/share/elasticsearch/config/log4j2.properties
+ - name: searchguard-scripts
+ subPath: run.sh
+ mountPath: /usr/share/elasticsearch/bin/run.sh
+ - name: searchguard-scripts
+ subPath: wait_until_started.sh
+ mountPath: /usr/share/elasticsearch/bin/wait_until_started.sh
+ - name: searchguard-scripts
+ subPath: init_sg.sh
+ mountPath: /usr/share/elasticsearch/bin/init_sg.sh
+ - name: searchguard-config
+ mountPath: /usr/share/elasticsearch/config/sg
+ - name: searchguard-auth-config
+ mountPath: /usr/share/elasticsearch/config/sg/auth
- name: elasticsearch-data
mountPath: /usr/share/elasticsearch/data
resources:
path: /etc/localtime
- name: elasticsearch-config
configMap:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-es-config
+ - name: searchguard-scripts
+ configMap:
+ name: {{ include "common.fullname" . }}-sg-scripts
+ defaultMode: 0754
+ - name: searchguard-config
+ configMap:
+ name: {{ include "common.fullname" . }}-sg-config
+ - name: searchguard-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-sg-auth
- name: elasticsearch-data
hostPath:
path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+ restartPolicy: {{ .Values.restartPolicy }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v1
-kind: ConfigMap
+kind: Secret
metadata:
- name: {{ include "common.fullname" . }}-settings
+ name: {{ include "common.fullname" . }}-sg-auth
namespace: {{ include "common.namespace" . }}
+type: Opaque
data:
-{{ tpl (.Files.Glob "resources/config/em/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/sg/auth/*").AsSecrets . | indent 2 }}
\ No newline at end of file
spec:
type: {{ .Values.service.type }}
ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- else -}}
+ - port: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- end}}
selector:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
nodePortPrefix: 302
# application image
-loggingRepository: docker.elastic.co
-image: elasticsearch/elasticsearch:6.1.2
+image: onap/elasticsearch-sg:1.4-STAGING-latest
pullPolicy: Always
+restartPolicy: Always
flavor: small
# application configuration
config:
tcpPort: 8443
-
+ nodeKeyStore: esaai-keystore.jks
+ nodeKeyStorePassword: b87b46d3da7d3d4aadfe
+ adminKeyStore: sgadmin-keystore.p12
+ adminKeyStorePassword: 341274302a70ad691e12
+ trustStore: truststore.jks
+ trustStorePassword: b200926e9da205487f63
# default number of instances
replicaCount: 1
name: aai-elasticsearch
portName: aai-elasticsearch
internalPort: 9200
+ portName2: aai-elasticsearch-tcp
+ internalPort2: 8443
ingress:
enabled: false
apiVersion: v1
description: Gizmo service
name: aai-gizmo
-version: 3.0.0
+version: 4.0.0
<appender-ref ref="Console" />
</root>
- <!-- LOG "com.baeldung*" at TRACE level -->
- <logger name="org.onap.aaf.fproxy" level="trace" additivity="false">
- <appender-ref ref="RollingFile" />
- <appender-ref ref="Console" />
- </logger>
+ <!-- LOG "org.onap.aaf.fproxy*" at INFO level -->
+ <logger name="org.onap.aaf.fproxy" level="info" />
</configuration>
\ No newline at end of file
"permissions": [
"test\\.auth\\.access\\|services\\|GET,PUT",
"\\|services\\|GET"
- ]
+ ]
},
{
"uri": "\/services\/inventory\/.*",
"permissions": [
- "org\\.access\\|\\*\\|\\*"
- ]
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
},
{
"uri": "\/services\/gizmo\/.*",
"permissions": [
- "org\\.access\\|\\*\\|\\*"
- ]
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
}
]
#hostname=test.aic.cip.att.com
cadi_loglevel=DEBUG
-cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12
+cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
+cadi_alias=aai@aai.onap.org
cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
-# Configure AAF
-aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}}
aaf_env=DEV
aaf_id=demo@people.osaaf.org
aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
# This is a colon separated list of client cert issuers
-cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
+cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
\ No newline at end of file
</appender>
<!-- LOG everything at INFO level -->
- <root level="debug">
+ <root level="info">
<appender-ref ref="RollingFile" />
<appender-ref ref="Console" />
</root>
- <!-- LOG "com.baeldung*" at TRACE level -->
- <logger name="org.onap.aaf.rproxy" level="trace" additivity="false">
- <appender-ref ref="RollingFile" />
- <appender-ref ref="Console" />
- </logger>
+ <!-- LOG "org.onap.aaf.rproxy*" at INFO level -->
+ <logger name="org.onap.aaf.rproxy" level="info" />
</configuration>
+++ /dev/null
-bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM
-1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29
-xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK
-BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm
-6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99
-QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm
-zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6
-x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf
-8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz
-FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz
-UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r
-banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv
-6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG
-yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB
-xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB
-lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq
-ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE
-fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v
-1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5
-liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc
-0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u
-PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm
-8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv
-dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ
--85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn
-c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J
-uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao
\ No newline at end of file
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }}
{{ end }}
release: {{ .Release.Name }}
spec:
{{ if .Values.global.installSidecarSecurity }}
- hostAliases:
- - ip: {{ .Values.global.aaf.serverIp }}
- hostnames:
- - {{ .Values.global.aaf.serverHostname }}
-
initContainers:
- name: {{ .Values.global.tproxyConfig.name }}
image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
tcpSocket:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
readinessProbe:
tcpSocket:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: CONFIG_HOME
name: {{ include "common.fullname" . }}-logback-config
subPath: logback.xml
resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
- name: filebeat-onap
image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
- name: {{ include "common.fullname" . }}-rproxy-log-config
mountPath: /opt/app/rproxy/config/logback-spring.xml
subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
+ subPath: uri-authorization.json
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
mountPath: /opt/app/rproxy/config/auth/client-cert.p12
subPath: client-cert.p12
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
- mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
- subPath: uri-authorization.json
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
- mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
- subPath: aaf_truststore.jks
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
+ subPath: org.onap.aai.p12
- name: {{ include "common.fullname" . }}-rproxy-security-config
mountPath: /opt/app/rproxy/config/security/keyfile
subPath: keyfile
value: "/opt/app/fproxy/config"
- name: KEY_STORE_PASSWORD
value: {{ .Values.config.keyStorePassword }}
+ - name: TRUST_STORE_PASSWORD
+ value: {{ .Values.config.trustStorePassword }}
- name: spring_profiles_active
value: {{ .Values.global.fproxy.activeSpringProfiles }}
volumeMounts:
- name: {{ include "common.fullname" . }}-fproxy-log-config
mountPath: /opt/app/fproxy/config/logback-spring.xml
subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
+ subPath: fproxy_truststore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
mountPath: /opt/app/fproxy/config/auth/client-cert.p12
subPath: client-cert.p12
ports:
- name: {{ include "common.fullname" . }}-rproxy-log-config
configMap:
name: {{ include "common.fullname" . }}-rproxy-log-config
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
- name: {{ include "common.fullname" . }}-rproxy-auth-config
secret:
secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ secret:
+ secretName: aai-rproxy-auth-certs
- name: {{ include "common.fullname" . }}-rproxy-security-config
secret:
- secretName: {{ include "common.fullname" . }}-rproxy-security-config
+ secretName: aai-rproxy-security-config
- name: {{ include "common.fullname" . }}-fproxy-config
configMap:
name: {{ include "common.fullname" . }}-fproxy-config
- name: {{ include "common.fullname" . }}-fproxy-log-config
configMap:
name: {{ include "common.fullname" . }}-fproxy-log-config
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
secret:
- secretName: {{ include "common.fullname" . }}-fproxy-auth-config
+ secretName: aai-fproxy-auth-certs
{{ end }}
imagePullSecrets:
---
apiVersion: v1
kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-fproxy-auth-config
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
metadata:
name: {{ include "common.fullname" . }}-rproxy-auth-config
namespace: {{ include "common.namespace" . }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-rproxy-security-config
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
{{ end }}
config:
keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 60
+ timeoutSeconds: 10
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 60
+ timeoutSeconds: 10
periodSeconds: 10
service:
apiVersion: v1
description: ONAP AAI GraphAdmin
name: aai-graphadmin
-version: 3.0.0
+version: 4.0.0
server.port=8449
server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
-server.ssl.key-store=${server.local.startpath}etc/auth/{{ .Values.global.config.keystore.filename }}
+server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
-server.ssl.trust-store=${server.local.startpath}etc/auth/{{ .Values.global.config.truststore.filename }}
+server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
server.ssl.client-auth=want
server.ssl.key-store-type=JKS
# Specifies the version that the application should default to
schema.version.api.default={{ .Values.global.config.schema.version.api.default }}
+schema.translator.list={{ .Values.global.config.schema.translator.list }}
+schema.service.base.url=https://aai-schema-service.{{ include "common.namespace" . }}:8452/aai/schema-service/v1/
+schema.service.nodes.endpoint=nodes?version=
+schema.service.edges.endpoint=edgerules?version=
+schema.service.versions.endpoint=versions
+schema.service.client={{ .Values.global.config.schema.service.client }}
+
+schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
+schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
+schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
+schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
============LICENSE_START=======================================================
org.onap.aai
================================================================================
- Copyright 2018 AT&T Intellectual Property. All rights reserved.
+ Copyright 2019 AT&T Intellectual Property. All rights reserved.
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
-->
<configuration scan="true" scanPeriod="60 seconds" debug="false">
- <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
+ <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
- <property resource="application.properties" />
+ <property resource="application.properties" />
- <property name="namespace" value="graph-admin"/>
+ <property name="namespace" value="graph-admin"/>
- <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
-
- <property name="logDirectory" value="${AJSC_HOME}/logs" />
- <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <!-- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> -->
- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+
+ <property name="logDirectory" value="${AJSC_HOME}/logs" />
+ <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <!-- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> -->
+ <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
<property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/>
-
+
<conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
<conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
<conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>
- %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}
- </pattern>
- </encoder>
- </appender>
-
- <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/sane.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
- </pattern>
- </encoder>
- </appender>
-
- <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="SANE" />
- </appender>
-
- <appender name="METRIC"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <file>${logDirectory}/rest/metrics.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfMetricLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="METRIC" />
- </appender>
-
- <appender name="DEBUG"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <file>${logDirectory}/rest/debug.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="DEBUG" />
- </appender>
-
- <appender name="ERROR"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <file>${logDirectory}/rest/error.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${"eelfErrorLogPattern"}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="ERROR" />
- </appender>
-
- <appender name="AUDIT"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/audit.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfAuditLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="AUDIT" />
- </appender>
-
- <appender name="translog"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <file>${logDirectory}/rest/translog.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfTransLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="translog" />
- </appender>
-
- <appender name="dmaapAAIEventConsumer"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${"eelfErrorLogPattern"}</pattern>
- </encoder>
- </appender>
-
- <appender name="dmaapAAIEventConsumerDebug"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="dmaapAAIEventConsumerMetric"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfMetricLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="external"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <file>${logDirectory}/external/external.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
-
- <!-- DataGrooming logs started -->
- <appender name="dataGrooming" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <File>${logDirectory}/dataGrooming/error.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dataGrooming/error.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfErrorLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="dataGroomingdebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dataGrooming/debug.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dataGrooming/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="dataGroomingmetric" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dataGrooming/metrics.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dataGrooming/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfMetricLogPattern}</pattern>
- </encoder>
- </appender>
-
- <!-- DataGrooming logs ended -->
-
- <!-- DataSnapshot logs started -->
- <appender name="dataSnapshot" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <File>${logDirectory}/dataSnapshot/error.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dataSnapshot/error.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfErrorLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="dataSnapshotdebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dataSnapshot/debug.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dataSnapshot/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="dataSnapshotmetric" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dataSnapshot/metrics.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dataSnapshot/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfMetricLogPattern}</pattern>
- </encoder>
- </appender>
-
- <!-- DataSnapshot logs ended -->
-
- <!-- CreateDBSchema logs started -->
- <appender name="createDBSchema" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <File>${logDirectory}/createDBSchema/error.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/createDBSchema/error.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${"eelfErrorLogPattern"}</pattern>
- </encoder>
- </appender>
-
- <appender name="createDBSchemadebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/createDBSchema/debug.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/createDBSchema/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="createDBSchemametric" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/createDBSchema/metrics.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/createDBSchema/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfMetricLogPattern}</pattern>
- </encoder>
- </appender>
- <!-- CreateDBSchema logs ended -->
-
- <!-- DataCleanupTasks logs started -->
- <appender name="dataCleanuperror" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <File>${logDirectory}/misc/error.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/misc/error.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${"eelfErrorLogPattern"}</pattern>
- </encoder>
- </appender>
-
- <appender name="dataCleanupdebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/misc/debug.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/misc/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="dataCleanupmetric" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/misc/metrics.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/misc/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfMetricLogPattern}</pattern>
- </encoder>
- </appender>
- <!-- DataCleanupTasks logs ended -->
-
- <!-- pullInvData logs started -->
- <appender name="pullInvData" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <File>${logDirectory}/pullInvData/error.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/pullInvData/error.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${"eelfErrorLogPattern"}</pattern>
- </encoder>
- </appender>
-
- <appender name="pullInvDatadebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/pullInvData/debug.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/pullInvData/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="pullInvDatametric" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/pullInvData/metrics.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/pullInvData/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfMetricLogPattern}</pattern>
- </encoder>
- </appender>
- <!-- pullInvData logs ended -->
- <!-- DataGrooming logs started -->
- <appender name="dataExportError" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <File>${logDirectory}/dataExport/error.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dataExport/error.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfErrorLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="dataExportDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dataExport/debug.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dataExport/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="dataExportMetric" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dataExport/metrics.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dataExport/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfMetricLogPattern}</pattern>
- </encoder>
- </appender>
-
- <logger name="org.onap.aai" level="DEBUG" additivity="false">
- <appender-ref ref="asyncDEBUG" />
- <appender-ref ref="asyncERROR" />
- <appender-ref ref="asyncMETRIC" />
- <appender-ref ref="asyncSANE" />
- </logger>
-
- <!-- Spring related loggers -->
- <logger name="org.springframework" level="WARN" />
- <logger name="org.springframework.beans" level="WARN" />
- <logger name="org.springframework.web" level="WARN" />
- <logger name="com.blog.spring.jms" level="WARN" />
- <logger name="com.jayway.jsonpath" level="WARN" />
-
- <!-- AJSC Services (bootstrap services) -->
- <logger name="ajsc" level="WARN" />
- <logger name="ajsc.RouteMgmtService" level="WARN" />
- <logger name="ajsc.ComputeService" level="WARN" />
- <logger name="ajsc.VandelayService" level="WARN" />
- <logger name="ajsc.FilePersistenceService" level="WARN" />
- <logger name="ajsc.UserDefinedJarService" level="WARN" />
- <logger name="ajsc.UserDefinedBeansDefService" level="WARN" />
- <logger name="ajsc.LoggingConfigurationService" level="WARN" />
-
- <!-- AJSC related loggers (DME2 Registration, csi logging, restlet, servlet
- logging) -->
- <logger name="org.codehaus.groovy" level="WARN" />
- <logger name="com.att.scamper" level="WARN" />
- <logger name="ajsc.utils" level="WARN" />
- <logger name="ajsc.utils.DME2Helper" level="WARN" />
- <logger name="ajsc.filters" level="WARN" />
- <logger name="ajsc.beans.interceptors" level="WARN" />
- <logger name="ajsc.restlet" level="WARN" />
- <logger name="ajsc.servlet" level="WARN" />
- <logger name="com.att.ajsc" level="WARN" />
- <logger name="com.att.ajsc.csi.logging" level="WARN" />
- <logger name="com.att.ajsc.filemonitor" level="WARN" />
- <logger name="com.netflix.loadbalancer" level="WARN" />
-
- <logger name="org.apache.zookeeper" level="WARN" />
-
- <!-- Other Loggers that may help troubleshoot -->
- <logger name="net.sf" level="WARN" />
- <logger name="org.apache.commons.httpclient" level="WARN" />
- <logger name="org.apache.commons" level="WARN" />
- <logger name="org.apache.coyote" level="WARN" />
- <logger name="org.apache.jasper" level="WARN" />
-
- <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
- May aid in troubleshooting) -->
- <logger name="org.apache.camel" level="WARN" />
- <logger name="org.apache.cxf" level="WARN" />
- <logger name="org.apache.camel.processor.interceptor" level="WARN" />
- <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
- <logger name="org.apache.cxf.service" level="WARN" />
- <logger name="org.restlet" level="WARN" />
- <logger name="org.apache.camel.component.restlet" level="WARN" />
-
- <logger name="org.hibernate.validator" level="WARN" />
- <logger name="org.hibernate" level="WARN" />
- <logger name="org.hibernate.ejb" level="OFF" />
-
- <!-- logback internals logging -->
- <logger name="ch.qos.logback.classic" level="WARN" />
- <logger name="ch.qos.logback.core" level="WARN" />
-
- <logger name="org.eclipse.jetty" level="WARN" />
-
- <!-- logback jms appenders & loggers definition starts here -->
- <appender name="auditLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter" />
- <file>${logDirectory}/perf-audit/Audit-${lrmRVer}-${lrmRO}-${Pid}.log
- </file>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/perf-audit/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>eelfAuditLogPattern</pattern>
- </encoder>
- </appender>
- <appender name="perfLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter" />
- <file>${logDirectory}/perf-audit/Perform-${lrmRVer}-${lrmRO}-${Pid}.log
- </file>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/perf-audit/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <logger name="AuditRecord" level="INFO" additivity="false">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="AuditRecord_DirectCall" level="INFO" additivity="false">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="PerfTrackerRecord" level="INFO" additivity="false">
- <appender-ref ref="perfLogs" />
- </logger>
- <!-- logback jms appenders & loggers definition ends here -->
-
- <logger name="org.onap.aai.interceptors.post" level="DEBUG"
- additivity="false">
- <appender-ref ref="asynctranslog" />
- </logger>
-
- <logger name="org.onap.aai.interceptors.pre.SetLoggingContext" level="DEBUG">
- <appender-ref ref="asyncAUDIT"/>
- </logger>
-
- <logger name="org.onap.aai.interceptors.post.ResetLoggingContext" level="DEBUG">
- <appender-ref ref="asyncAUDIT"/>
- </logger>
-
- <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false">
- <appender-ref ref="dmaapAAIEventConsumer" />
- <appender-ref ref="dmaapAAIEventConsumerDebug" />
- <appender-ref ref="dmaapAAIEventConsumerMetric" />
- </logger>
-
- <logger name="org.onap.aai.datasnapshot" level="DEBUG" additivity="false">
- <appender-ref ref="dataSnapshot"/>
- <appender-ref ref="dataSnapshotdebug"/>
- <appender-ref ref="dataSnapshotmetric"/>
- <appender-ref ref="STDOUT"/>
- </logger>
-
- <logger name="org.onap.aai.datagrooming" level="DEBUG" additivity="false">
- <appender-ref ref="dataGrooming"/>
- <appender-ref ref="dataGroomingdebug"/>
- <appender-ref ref="dataGroomingmetric"/>
- <appender-ref ref="STDOUT"/>
- </logger>
-
- <logger name="org.onap.aai.schema" level="DEBUG" additivity="false">
- <appender-ref ref="createDBSchema"/>
- <appender-ref ref="createDBSchemadebug"/>
- <appender-ref ref="createDBSchemametric"/>
- </logger>
-
- <logger name="org.onap.aai.dbgen" level="DEBUG" additivity="false">
- <appender-ref ref="createDBSchema"/>
- <appender-ref ref="createDBSchemadebug"/>
- <appender-ref ref="createDBSchemametric"/>
- </logger>
-
- <logger name="org.onap.aai.dbgen.PullInvData" level="DEBUG" additivity="false">
- <appender-ref ref="pullInvData"/>
- <appender-ref ref="pullInvDatadebug"/>
- <appender-ref ref="pullInvDatametric"/>
- </logger>
-
- <logger name="org.onap.aai.datacleanup" level="INFO" additivity="false">
- <appender-ref ref="dataCleanuperror" />
- <appender-ref ref="dataCleanupdebug" />
- <appender-ref ref="dataCleanupmetric" />
- <appender-ref ref="STDOUT"/>
- </logger>
- <logger name="org.onap.aai.dataexport" level="DEBUG" additivity="false">
- <appender-ref ref="dataExportError"/>
- <appender-ref ref="dataExportDebug"/>
- <appender-ref ref="dataExportMetric"/>
- <appender-ref ref="STDOUT"/>
- </logger>
- <logger name="org.apache" level="WARN" />
- <logger name="org.zookeeper" level="WARN" />
- <logger name="com.netflix" level="WARN" />
- <logger name="org.janusgraph" level="WARN" />
- <logger name="com.att.aft.dme2" level="WARN" />
-
- <!-- ============================================================================ -->
- <!-- General EELF logger -->
- <!-- ============================================================================ -->
- <logger name="com.att.eelf" level="WARN" additivity="false">
- <appender-ref ref="asyncDEBUG" />
- <appender-ref ref="asyncERROR" />
- <appender-ref ref="asyncMETRIC" />
- </logger>
-
- <root level="DEBUG">
- <appender-ref ref="external" />
- {{ if .Values.global.config.logback.console.enabled }}
- <appender-ref ref="STDOUT" />
- {{ end }}
- </root>
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>
+ %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}
+ </pattern>
+ </encoder>
+ </appender>
+
+ <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/sane.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
+ </pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="SANE" />
+ </appender>
+
+ <appender name="METRIC"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/metrics.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="METRIC" />
+ </appender>
+
+ <appender name="DEBUG"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/debug.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="DEBUG" />
+ </appender>
+
+ <appender name="ERROR"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/rest/error.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${"eelfErrorLogPattern"}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="ERROR" />
+ </appender>
+
+ <appender name="AUDIT"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/audit.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfAuditLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="AUDIT" />
+ </appender>
+
+ <appender name="translog"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/translog.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfTransLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="translog" />
+ </appender>
+
+ <appender name="dmaapAAIEventConsumer"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${"eelfErrorLogPattern"}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dmaapAAIEventConsumerDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerMetric"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="external"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/external/external.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- DataGrooming logs started -->
+ <appender name="dataGrooming" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dataGrooming/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataGrooming/error.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfErrorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataGroomingdebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dataGrooming/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataGrooming/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataGroomingmetric" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dataGrooming/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataGrooming/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- DataGrooming logs ended -->
+
+ <!-- DataSnapshot logs started -->
+ <appender name="dataSnapshot" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dataSnapshot/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataSnapshot/error.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfErrorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataSnapshotdebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dataSnapshot/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataSnapshot/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataSnapshotmetric" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dataSnapshot/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataSnapshot/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- DataSnapshot logs ended -->
+
+ <!-- CreateDBSchema logs started -->
+ <appender name="createDBSchema" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/createDBSchema/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/createDBSchema/error.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${"eelfErrorLogPattern"}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="createDBSchemadebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/createDBSchema/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/createDBSchema/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="createDBSchemametric" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/createDBSchema/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/createDBSchema/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <!-- CreateDBSchema logs ended -->
+
+ <!-- DataCleanupTasks logs started -->
+ <appender name="dataCleanuperror" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/misc/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/misc/error.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${"eelfErrorLogPattern"}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataCleanupdebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/misc/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/misc/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataCleanupmetric" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/misc/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/misc/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <!-- DataCleanupTasks logs ended -->
+
+ <!-- pullInvData logs started -->
+ <appender name="pullInvData" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/pullInvData/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/pullInvData/error.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${"eelfErrorLogPattern"}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="pullInvDatadebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/pullInvData/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/pullInvData/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="pullInvDatametric" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/pullInvData/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/pullInvData/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <!-- pullInvData logs ended -->
+ <!-- DataGrooming logs started -->
+ <appender name="dataExportError" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dataExport/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataExport/error.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfErrorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataExportDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dataExport/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataExport/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataExportMetric" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dataExport/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataExport/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <logger name="org.onap.aai" level="DEBUG" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ <appender-ref ref="asyncSANE" />
+ <appender-ref ref="STDOUT"/>
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+ <logger name="com.jayway.jsonpath" level="WARN" />
+
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+
+ <logger name="org.eclipse.jetty" level="WARN" />
+
+ <logger name="org.onap.aai.interceptors.post" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asynctranslog" />
+ </logger>
+
+ <logger name="org.onap.aai.interceptors.pre.SetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+
+ <logger name="org.onap.aai.interceptors.post.ResetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+
+ <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false">
+ <appender-ref ref="dmaapAAIEventConsumer" />
+ <appender-ref ref="dmaapAAIEventConsumerDebug" />
+ <appender-ref ref="dmaapAAIEventConsumerMetric" />
+ </logger>
+
+ <logger name="org.onap.aai.datasnapshot" level="DEBUG" additivity="false">
+ <appender-ref ref="dataSnapshot"/>
+ <appender-ref ref="dataSnapshotdebug"/>
+ <appender-ref ref="dataSnapshotmetric"/>
+ <appender-ref ref="STDOUT"/>
+ </logger>
+
+ <logger name="org.onap.aai.datagrooming" level="DEBUG" additivity="false">
+ <appender-ref ref="dataGrooming"/>
+ <appender-ref ref="dataGroomingdebug"/>
+ <appender-ref ref="dataGroomingmetric"/>
+ <appender-ref ref="STDOUT"/>
+ </logger>
+
+ <logger name="org.onap.aai.schema" level="DEBUG" additivity="false">
+ <appender-ref ref="createDBSchema"/>
+ <appender-ref ref="createDBSchemadebug"/>
+ <appender-ref ref="createDBSchemametric"/>
+ <appender-ref ref="STDOUT" />
+ </logger>
+
+ <logger name="org.onap.aai.dbgen" level="DEBUG" additivity="false">
+ <appender-ref ref="createDBSchema"/>
+ <appender-ref ref="createDBSchemadebug"/>
+ <appender-ref ref="createDBSchemametric"/>
+ <appender-ref ref="STDOUT" />
+ </logger>
+
+ <logger name="org.onap.aai.dbgen.PullInvData" level="DEBUG" additivity="false">
+ <appender-ref ref="pullInvData"/>
+ <appender-ref ref="pullInvDatadebug"/>
+ <appender-ref ref="pullInvDatametric"/>
+ </logger>
+
+ <logger name="org.onap.aai.datacleanup" level="INFO" additivity="false">
+ <appender-ref ref="dataCleanuperror" />
+ <appender-ref ref="dataCleanupdebug" />
+ <appender-ref ref="dataCleanupmetric" />
+ <appender-ref ref="STDOUT"/>
+ </logger>
+ <logger name="org.onap.aai.dataexport" level="DEBUG" additivity="false">
+ <appender-ref ref="dataExportError"/>
+ <appender-ref ref="dataExportDebug"/>
+ <appender-ref ref="dataExportMetric"/>
+ <appender-ref ref="STDOUT"/>
+ </logger>
+ <logger name="org.apache" level="WARN" />
+ <logger name="org.zookeeper" level="WARN" />
+ <logger name="com.netflix" level="WARN" />
+ <logger name="org.janusgraph" level="WARN" />
+ <logger name="com.att.aft.dme2" level="WARN" />
+
+ <!-- ============================================================================ -->
+ <!-- General EELF logger -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="WARN" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ </logger>
+
+ <root level="DEBUG">
+ <appender-ref ref="external" />
+ {{ if .Values.global.config.logback.console.enabled }}
+ <appender-ref ref="STDOUT" />
+ {{ end }}
+ </root>
</configuration>
args:
- --container-name
- aai-cassandra
+ - --container-name
+ - aai-schema-service
{{ end }}
env:
- name: NAMESPACE
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: LOCAL_USER_ID
- value: {{ .Values.config.userId | quote }}
+ value: {{ .Values.global.config.userId | quote }}
- name: LOCAL_GROUP_ID
- value: {{ .Values.config.groupId | quote }}
+ value: {{ .Values.global.config.groupId | quote }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
name: {{ include "common.fullname" . }}-realm-configmap
- name: {{ include "common.fullname" . }}-auth-truststore-sec
secret:
- secretName: aai-auth-truststore-secret
+ secretName: aai-common-truststore
items:
{{ range $job := .Values.global.config.auth.files }}
- key: {{ . }}
app: {{ include "common.name" . }}-job
release: {{ .Release.Name }}
name: {{ include "common.name" . }}
- annotations:
- checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
spec:
initContainers:
- command:
args:
- --container-name
- aai-cassandra
+ - --container-name
+ - aai-schema-service
env:
- name: NAMESPACE
valueFrom:
- mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties
name: {{ include "common.fullname" . }}-aaiconfig-conf
subPath: aaiconfig.properties
- - mountPath: /opt/aai/logroot/AAI-RES
+ - mountPath: /opt/aai/logroot/AAI-GA
name: {{ include "common.fullname" . }}-logs
- mountPath: /opt/app/aai-graphadmin/resources/logback.xml
name: {{ include "common.fullname" . }}-log-conf
subPath: {{ . }}
{{ end }}
resources:
-{{ include "common.resources" . | indent 10 }}
+{{ include "common.resources" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
configMap:
name: aai-filebeat
- name: {{ include "common.fullname" . }}-logs
- emptyDir: {}
+ hostPath:
+ path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}-create-db-schema
- name: {{ include "common.fullname" . }}-filebeat
emptyDir: {}
- name: {{ include "common.fullname" . }}-log-conf
name: {{ include "common.fullname" . }}-realm-configmap
- name: {{ include "common.fullname" . }}-auth-truststore-sec
secret:
- secretName: aai-auth-truststore-secret
+ secretName: aai-common-truststore
items:
{{ range $job := .Values.global.config.auth.files }}
- key: {{ . }}
global: # global defaults
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
# application image
repository: nexus3.onap.org:10001
-image: onap/aai-graphadmin:1.0.1
+image: onap/aai-graphadmin:1.1-STAGING-latest
pullPolicy: Always
restartPolicy: Always
flavor: small
ingress:
enabled: false
+persistence:
+ mountPath: /dockerdata-nfs
+ mountSubPath: aai/aai-graphadmin
+
resources:
small:
limits:
apiVersion: v1
description: ONAP AAI modelloader
name: aai-modelloader
-version: 3.0.0
+version: 4.0.0
release: {{ .Release.Name }}
name: {{ include "common.name" . }}
spec:
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
# side car containers
- name: filebeat-onap
name: {{ include "common.fullname" . }}-logs
- mountPath: /usr/share/filebeat/data
name: aai-filebeat
+ resources:
+{{ include "common.resources" . }}
volumes:
- name: localtime
hostPath:
metadata:
name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
apiVersion: v1
description: ONAP AAI resources
name: aai-resources
-version: 3.0.0
+version: 4.0.0
-2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf
-jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm
-4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe
-moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf
-GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT
-74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh
-iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb
-p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt
-3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW
-hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7
-RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX
-xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk
-8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q
-ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i
-5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe
-GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE
-_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k
-zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf
-S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU
-LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw
-hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W
-nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP
-bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN
-JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk
-Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y
-J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP
-mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF
\ No newline at end of file
+yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k
+brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6
+AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM
+EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo
+UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L
+02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM
+qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw
+mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2
+VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0
+vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM
+8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe
+O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT
+x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu
+5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID
+dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o
+eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl
+uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl
+YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8
+EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI
+dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l
+ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ
+15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi
+ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl
+m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa
+iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk
+_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw
+PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ
# Properties Generated by AT&T Certificate Manager
# @copyright 2016, AT&T
############################################################
-cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
cadi_keyfile=/opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile
cadi_keystore=/opt/app/aai-resources/resources/aaf/org.onap.aai.p12
-cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
-#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)>
+cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr
+#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL
cadi_alias=aai@aai.onap.org
cadi_truststore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks
-cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2
+cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv
cadi_loglevel=INFO
cadi_bath_convert=/opt/app/aai-resources/resources/aaf/bath_config.csv
aai.transaction.logging=true
aai.transaction.logging.get=false
-aai.transaction.logging.post=false
+aai.transaction.logging.post=true
aai.realtime.clients={{ .Values.global.config.realtime.clients }}
server.port=8447
server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
-server.ssl.key-store=${server.local.startpath}etc/auth/{{ .Values.global.config.keystore.filename }}
+server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
-server.ssl.trust-store=${server.local.startpath}etc/auth/{{ .Values.global.config.truststore.filename }}
+server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
server.ssl.client-auth=want
server.ssl.key-store-type=JKS
# Specifies the version that the application should default to
schema.version.api.default={{ .Values.global.config.schema.version.api.default }}
+schema.translator.list={{ .Values.global.config.schema.translator.list }}
+schema.service.base.url=https://aai-schema-service.{{ include "common.namespace" . }}:8452/aai/schema-service/v1/
+schema.service.nodes.endpoint=nodes?version=
+schema.service.edges.endpoint=edgerules?version=
+schema.service.versions.endpoint=versions
+schema.service.client={{ .Values.global.config.schema.service.client }}
+
+schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
+schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
+schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
+schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
<!--
- ============LICENSE_START=======================================================
- org.onap.aai
- ================================================================================
- Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- Modifications Copyright © 2018 Amdocs, Bell Canada
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
- http://www.apache.org/licenses/LICENSE-2.0
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ Modifications Copyright © 2018 Amdocs, Bell Canada
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ ECOMP is a trademark and service mark of AT&T Intellectual Property.
-->
<configuration scan="true" scanPeriod="60 seconds" debug="false">
- <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
- <property resource="application.properties" />
- <property name="namespace" value="aai-resources"/>
- <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
- <jmxConfigurator />
- <property name="logDirectory" value="${AJSC_HOME}/logs" />
- <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <!-- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> -->
- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/>
- <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
- <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
- <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>
- %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}
- </pattern>
- </encoder>
- </appender>
- <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/sane.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
- </pattern>
- </encoder>
- </appender>
- <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="SANE" />
- </appender>
- <appender name="METRIC"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <file>${logDirectory}/rest/metrics.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfMetricLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="METRIC" />
- </appender>
- <appender name="DEBUG"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <file>${logDirectory}/rest/debug.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="DEBUG" />
- </appender>
- <appender name="ERROR"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <file>${logDirectory}/rest/error.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfErrorLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="ERROR" />
- </appender>
- <appender name="AUDIT"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/audit.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfAuditLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="AUDIT" />
- </appender>
- <appender name="translog"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <file>${logDirectory}/rest/translog.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfTransLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="translog" />
- </appender>
- <appender name="dmaapAAIEventConsumer"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="dmaapAAIEventConsumerDebug"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="dmaapAAIEventConsumerMetric"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfMetricLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="external"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <file>${logDirectory}/external/external.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
- <logger name="org.onap.aai" level="DEBUG" additivity="false">
- <appender-ref ref="asyncDEBUG" />
- <appender-ref ref="asyncERROR" />
- <appender-ref ref="asyncMETRIC" />
- <appender-ref ref="asyncSANE" />
- </logger>
- <!-- Spring related loggers -->
- <logger name="org.springframework" level="WARN" />
- <logger name="org.springframework.beans" level="WARN" />
- <logger name="org.springframework.web" level="WARN" />
- <logger name="com.blog.spring.jms" level="WARN" />
- <logger name="com.jayway.jsonpath" level="WARN" />
- <!-- AJSC Services (bootstrap services) -->
- <logger name="ajsc" level="WARN" />
- <logger name="ajsc.RouteMgmtService" level="WARN" />
- <logger name="ajsc.ComputeService" level="WARN" />
- <logger name="ajsc.VandelayService" level="WARN" />
- <logger name="ajsc.FilePersistenceService" level="WARN" />
- <logger name="ajsc.UserDefinedJarService" level="WARN" />
- <logger name="ajsc.UserDefinedBeansDefService" level="WARN" />
- <logger name="ajsc.LoggingConfigurationService" level="WARN" />
- <!-- AJSC related loggers (DME2 Registration, csi logging, restlet, servlet
- logging) -->
- <logger name="org.codehaus.groovy" level="WARN" />
- <logger name="com.att.scamper" level="WARN" />
- <logger name="ajsc.utils" level="WARN" />
- <logger name="ajsc.utils.DME2Helper" level="WARN" />
- <logger name="ajsc.filters" level="WARN" />
- <logger name="ajsc.beans.interceptors" level="WARN" />
- <logger name="ajsc.restlet" level="WARN" />
- <logger name="ajsc.servlet" level="WARN" />
- <logger name="com.att.ajsc" level="WARN" />
- <logger name="com.att.ajsc.csi.logging" level="WARN" />
- <logger name="com.att.ajsc.filemonitor" level="WARN" />
- <logger name="com.netflix.loadbalancer" level="WARN" />
- <logger name="org.apache.zookeeper" level="OFF" />
- <!-- Other Loggers that may help troubleshoot -->
- <logger name="net.sf" level="WARN" />
- <logger name="org.apache.commons.httpclient" level="WARN" />
- <logger name="org.apache.commons" level="WARN" />
- <logger name="org.apache.coyote" level="WARN" />
- <logger name="org.apache.jasper" level="WARN" />
- <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
- May aid in troubleshooting) -->
- <logger name="org.apache.camel" level="WARN" />
- <logger name="org.apache.cxf" level="WARN" />
- <logger name="org.apache.camel.processor.interceptor" level="WARN" />
- <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
- <logger name="org.apache.cxf.service" level="WARN" />
- <logger name="org.restlet" level="WARN" />
- <logger name="org.apache.camel.component.restlet" level="WARN" />
- <logger name="org.hibernate.validator" level="WARN" />
- <logger name="org.hibernate" level="WARN" />
- <logger name="org.hibernate.ejb" level="OFF" />
- <!-- logback internals logging -->
- <logger name="ch.qos.logback.classic" level="WARN" />
- <logger name="ch.qos.logback.core" level="WARN" />
- <logger name="org.eclipse.jetty" level="WARN" />
- <!-- logback jms appenders & loggers definition starts here -->
- <appender name="auditLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter" />
- <file>${logDirectory}/perf-audit/Audit-${lrmRVer}-${lrmRO}-${Pid}.log
- </file>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/perf-audit/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <appender name="perfLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter" />
- <file>${logDirectory}/perf-audit/Perform-${lrmRVer}-${lrmRO}-${Pid}.log
- </file>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/perf-audit/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <logger name="AuditRecord" level="INFO" additivity="false">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="AuditRecord_DirectCall" level="INFO" additivity="false">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="PerfTrackerRecord" level="INFO" additivity="false">
- <appender-ref ref="perfLogs" />
- </logger>
- <!-- logback jms appenders & loggers definition ends here -->
- <logger name="org.onap.aai.interceptors.post" level="DEBUG"
- additivity="false">
- <appender-ref ref="asynctranslog" />
- </logger>
- <logger name="org.onap.aai.interceptors.pre.SetLoggingContext" level="DEBUG">
- <appender-ref ref="asyncAUDIT"/>
- </logger>
- <logger name="org.onap.aai.interceptors.post.ResetLoggingContext" level="DEBUG">
- <appender-ref ref="asyncAUDIT"/>
- </logger>
- <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false">
- <appender-ref ref="dmaapAAIEventConsumer" />
- <appender-ref ref="dmaapAAIEventConsumerDebug" />
- <appender-ref ref="dmaapAAIEventConsumerMetric" />
- </logger>
- <logger name="org.apache" level="OFF" />
- <logger name="org.zookeeper" level="OFF" />
- <logger name="com.thinkaurelius" level="WARN" />
- <logger name="com.att.aft.dme2" level="WARN" />
- <!-- ============================================================================ -->
- <!-- General EELF logger -->
- <!-- ============================================================================ -->
- <logger name="com.att.eelf" level="WARN" additivity="false">
- <appender-ref ref="asyncDEBUG" />
- <appender-ref ref="asyncERROR" />
- <appender-ref ref="asyncMETRIC" />
- </logger>
- <root level="DEBUG">
- <appender-ref ref="external" />
- {{ if .Values.global.config.logback.console.enabled }}
- <appender-ref ref="STDOUT" />
- {{ end }}
- </root>
+ <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
+ <property resource="application.properties" />
+ <property name="namespace" value="aai-resources"/>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <jmxConfigurator />
+ <property name="logDirectory" value="${AJSC_HOME}/logs" />
+ <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <!-- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> -->
+ <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/>
+ <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
+ <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
+ <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>
+ %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}
+ </pattern>
+ </encoder>
+ </appender>
+ <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/sane.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
+ </pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="SANE" />
+ </appender>
+ <appender name="METRIC"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/metrics.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="METRIC" />
+ </appender>
+ <appender name="DEBUG"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/debug.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="DEBUG" />
+ </appender>
+ <appender name="ERROR"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/rest/error.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfErrorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="ERROR" />
+ </appender>
+ <appender name="AUDIT"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/audit.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfAuditLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="AUDIT" />
+ </appender>
+ <appender name="translog"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/translog.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfTransLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="translog" />
+ </appender>
+ <appender name="dmaapAAIEventConsumer"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerMetric"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="external"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/external/external.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <logger name="org.onap.aai" level="DEBUG" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ <appender-ref ref="asyncSANE" />
+ <appender-ref ref="STDOUT" />
+ </logger>
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+ <logger name="com.jayway.jsonpath" level="WARN" />
+
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+ <logger name="org.eclipse.jetty" level="WARN" />
+
+ <logger name="org.onap.aai.interceptors.post" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asynctranslog" />
+ </logger>
+ <logger name="org.onap.aai.interceptors.pre.SetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+ <logger name="org.onap.aai.interceptors.post.ResetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+ <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false">
+ <appender-ref ref="dmaapAAIEventConsumer" />
+ <appender-ref ref="dmaapAAIEventConsumerDebug" />
+ <appender-ref ref="dmaapAAIEventConsumerMetric" />
+ </logger>
+ <logger name="org.apache" level="OFF" />
+ <logger name="org.zookeeper" level="OFF" />
+ <logger name="com.thinkaurelius" level="WARN" />
+ <logger name="com.att.aft.dme2" level="WARN" />
+ <!-- ============================================================================ -->
+ <!-- General EELF logger -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="WARN" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ </logger>
+ <root level="DEBUG">
+ <appender-ref ref="external" />
+ {{ if .Values.global.config.logback.console.enabled }}
+ <appender-ref ref="STDOUT" />
+ {{ end }}
+ </root>
</configuration>
</root>
<!-- LOG "com.baeldung*" at TRACE level -->
- <logger name="org.onap.aaf.fproxy" level="trace" additivity="false">
- <appender-ref ref="RollingFile" />
- <appender-ref ref="Console" />
- </logger>
+ <logger name="org.onap.aaf.fproxy" level="info" />
</configuration>
\ No newline at end of file
</appender>
<!-- LOG everything at INFO level -->
- <root level="debug">
+ <root level="info">
<appender-ref ref="RollingFile" />
<appender-ref ref="Console" />
</root>
<!-- LOG "com.baeldung*" at TRACE level -->
- <logger name="org.onap.aaf.rproxy" level="trace" additivity="false">
- <appender-ref ref="RollingFile" />
- <appender-ref ref="Console" />
- </logger>
+ <logger name="org.onap.aaf.rproxy" level="info" />
</configuration>
{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
---
apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }}
+---
+apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.fullname" . }}-rproxy-auth-config
"visualRange": "1",
"path": "/aai/v14/cloud-infrastructure"
},
+ {
+ "serviceName": "_aai-cloudInfrastructure",
+ "version": "v15",
+ "url": "/aai/v15/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/cloud-infrastructure"
+ },
+ {
+ "serviceName": "_aai-cloudInfrastructure",
+ "version": "v16",
+ "url": "/aai/v16/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/cloud-infrastructure"
+ },
{
"serviceName": "_aai-business",
"version": "v11",
"visualRange": "1",
"path": "/aai/v14/business"
},
+ {
+ "serviceName": "_aai-business",
+ "version": "v15",
+ "url": "/aai/v15/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/business"
+ },
+ {
+ "serviceName": "_aai-business",
+ "version": "v16",
+ "url": "/aai/v16/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/business"
+ },
{
"serviceName": "_aai-actions",
"version": "v11",
"visualRange": "1",
"path": "/aai/v14/actions"
},
+ {
+ "serviceName": "_aai-actions",
+ "version": "v15",
+ "url": "/aai/v15/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/actions"
+ },
+ {
+ "serviceName": "_aai-actions",
+ "version": "v16",
+ "url": "/aai/v16/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/actions"
+ },
{
"serviceName": "_aai-service-design-and-creation",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1",
"path": "/aai/v14/service-design-and-creation"
+ },
+ {
+ "serviceName": "_aai-service-design-and-creation",
+ "version": "v15",
+ "url": "/aai/v15/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/service-design-and-creation"
+ },
+ {
+ "serviceName": "_aai-service-design-and-creation",
+ "version": "v16",
+ "url": "/aai/v16/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/service-design-and-creation"
},
{
"serviceName": "_aai-network",
"visualRange": "1",
"path": "/aai/v14/network"
},
+ {
+ "serviceName": "_aai-network",
+ "version": "v15",
+ "url": "/aai/v15/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/network"
+ },
+ {
+ "serviceName": "_aai-network",
+ "version": "v16",
+ "url": "/aai/v16/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/network"
+ },
{
"serviceName": "_aai-externalSystem",
"version": "v11",
"visualRange": "1",
"path": "/aai/v14/external-system"
},
+ {
+ "serviceName": "_aai-externalSystem",
+ "version": "v15",
+ "url": "/aai/v15/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/external-system"
+ },
+ {
+ "serviceName": "_aai-externalSystem",
+ "version": "v16",
+ "url": "/aai/v16/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/external-system"
+ },
{
"serviceName": "aai-cloudInfrastructure",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-cloudInfrastructure",
+ "version": "v15",
+ "url": "/aai/v15/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-cloudInfrastructure",
+ "version": "v16",
+ "url": "/aai/v16/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-business",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-business",
+ "version": "v15",
+ "url": "/aai/v15/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-business",
+ "version": "v16",
+ "url": "/aai/v16/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-actions",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-actions",
+ "version": "v15",
+ "url": "/aai/v15/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-actions",
+ "version": "v16",
+ "url": "/aai/v16/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-service-design-and-creation",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-service-design-and-creation",
+ "version": "v15",
+ "url": "/aai/v15/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-service-design-and-creation",
+ "version": "v16",
+ "url": "/aai/v16/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-network",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-network",
+ "version": "v15",
+ "url": "/aai/v15/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-network",
+ "version": "v16",
+ "url": "/aai/v16/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-externalSystem",
"version": "v11",
"enable_ssl": true,
"lb_policy":"ip_hash",
"visualRange": "1"
+ },
+ {
+ "serviceName": "aai-externalSystem",
+ "version": "v15",
+ "url": "/aai/v15/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-externalSystem",
+ "version": "v16",
+ "url": "/aai/v16/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
}
]'
spec:
args:
- --container-name
- aai-cassandra
+ - --container-name
+ - aai-schema-service
{{ end }}
env:
- name: NAMESPACE
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
name: {{ include "common.fullname" . }}-logs
- mountPath: /usr/share/filebeat/data
name: {{ include "common.fullname" . }}-filebeat
+ resources:
+{{ include "common.resources" . }}
{{ if .Values.global.installSidecarSecurity }}
- name: {{ .Values.global.rproxy.name }}
image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}"
- name: {{ include "common.fullname" . }}-rproxy-log-config
mountPath: /opt/app/rproxy/config/logback-spring.xml
subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
+ subPath: uri-authorization.json
- name: {{ include "common.fullname" . }}-rproxy-auth-config
mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
subPath: tomcat_keystore
- name: {{ include "common.fullname" . }}-rproxy-auth-config
mountPath: /opt/app/rproxy/config/auth/client-cert.p12
subPath: client-cert.p12
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
- mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
- subPath: uri-authorization.json
- name: {{ include "common.fullname" . }}-rproxy-auth-config
mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
subPath: aaf_truststore.jks
name: {{ include "common.fullname" . }}-realm-configmap
- name: {{ include "common.fullname" . }}-auth-truststore-sec
secret:
- secretName: aai-auth-truststore-secret
+ secretName: aai-common-truststore
items:
{{ range $job := .Values.global.config.auth.files }}
- key: {{ . }}
- name: {{ include "common.fullname" . }}-rproxy-log-config
configMap:
name: {{ include "common.fullname" . }}-rproxy-log-config
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
- name: {{ include "common.fullname" . }}-rproxy-auth-config
secret:
secretName: {{ include "common.fullname" . }}-rproxy-auth-config
global: # global defaults
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
# application image
repository: nexus3.onap.org:10001
-image: onap/aai-resources:1.3.4
+image: onap/aai-resources:1.4-STAGING-latest
pullPolicy: Always
restartPolicy: Always
flavor: small
--- /dev/null
+# Patterns to ignore when building packages.\r
+# This supports shell glob matching, relative path matching, and\r
+# negation (prefixed with !). Only one pattern per line.\r
+.DS_Store\r
+# Common VCS dirs\r
+.git/\r
+.gitignore\r
+.bzr/\r
+.bzrignore\r
+.hg/\r
+.hgignore\r
+.svn/\r
+# Common backup files\r
+*.swp\r
+*.bak\r
+*.tmp\r
+*~\r
+# Various IDEs\r
+.project\r
+.idea/\r
+*.tmproj\r
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
+
apiVersion: v1
-description: ONAP DMaaP Data Router
-name: dmaap-data-router
-version: 1.0
+description: ONAP AAI Schema Service
+name: aai-schema-service
+version: 4.0.0
--- /dev/null
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/
+aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/
+aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/
+
+{{ if .Values.global.config.basic.auth.enabled }}
+aai.tools.enableBasicAuth=true
+aai.tools.username={{ .Values.global.config.basic.auth.username }}
+aai.tools.password={{ .Values.global.config.basic.auth.passwd }}
+{{ end }}
+
+aai.truststore.filename={{ .Values.global.config.truststore.filename }}
+aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }}
+aai.keystore.filename={{ .Values.global.config.keystore.filename }}
+aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }}
+
+aai.default.api.version={{ .Values.global.config.schema.version.api.default }}
+
+aai.logging.trace.enabled=true
+aai.logging.trace.logrequest=false
+aai.logging.trace.logresponse=false
+
+aai.transaction.logging=true
+aai.transaction.logging.get=false
+aai.transaction.logging.post=false
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# The following info parameters are being referenced by ajsc6
+info.build.artifact=aai-schema-service
+info.build.name=schema-service
+info.build.description=Schema Service Microservice
+info.build.version=1.1.0
+
+spring.application.name=aai-schema-service
+spring.jersey.type=filter
+
+server.contextPath=/
+spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
+
+spring.profiles.active={{ .Values.global.config.profiles.active }}
+spring.jersey.application-path=${schema.uri.base.path}
+server.tomcat.max-threads=200
+server.tomcat.min-Spare-Threads=25
+server.tomcat.max-idle-time=60000
+
+server.local.startpath=aai-schema-service/src/main/resources/
+server.basic.auth.location=${server.local.startpath}/etc/auth/realm.properties
+
+server.port=8452
+server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
+server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
+server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
+server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
+server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
+server.ssl.client-auth=want
+server.ssl.key-store-type=JKS
+
+schema.configuration.location=N/A
+schema.source.name={{ .Values.global.config.schema.source.name }}
+schema.nodes.location=${server.local.startpath}/schema/${schema.source.name}/oxm/
+schema.edges.location=${server.local.startpath}/schema/${schema.source.name}/dbedgerules/
+schema.query.location=${server.local.startpath}/schema/${schema.source.name}/query/
+
+schema.ingest.file=${server.local.startpath}/application.properties
+
+# Schema Version Related Attributes
+schema.uri.base.path={{ .Values.global.config.schema.uri.base.path }}/schema-service
+# Lists all of the versions in the schema
+schema.version.list={{ .Values.global.config.schema.version.list }}
+# Specifies from which version should the depth parameter to default to zero
+schema.version.depth.start={{ .Values.global.config.schema.version.depth }}
+# Specifies from which version should the related link be displayed in response payload
+schema.version.related.link.start={{ .Values.global.config.schema.version.related.link }}
+
+# Specifies from which version should the client see only the uri excluding host info
+# Before this version server base will also be included
+schema.version.app.root.start={{ .Values.global.config.schema.version.app.root }}
+# Specifies from which version should the namespace be changed
+schema.version.namespace.change.start={{ .Values.global.config.schema.version.namespace.change }}
+# Specifies from which version should the client start seeing the edge label in payload
+schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.label }}
+# Specifies the version that the application should default to
+schema.version.api.default={{ .Values.global.config.schema.version.api.default }}
--- /dev/null
+<!--
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+-->
+<configuration>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <appender name="ACCESS"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ </encoder>
+ </appender>
+ <appender-ref ref="ACCESS" />
+</configuration>
+
+<!--
+%a - Remote IP address
+%A - Local IP address
+%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent
+%B - Bytes sent, excluding HTTP headers
+%h - Remote host name
+%H - Request protocol
+%l - Remote logical username from identd (always returns '-')
+%m - Request method
+%p - Local port
+%q - Query string (prepended with a '?' if it exists, otherwise an empty string
+%r - First line of the request
+%s - HTTP status code of the response
+%S - User session ID
+%t - Date and time, in Common Log Format format
+%u - Remote user that was authenticated
+%U - Requested URL path
+%v - Local server name
+%I - current request thread name (can compare later with stacktraces)
+
+%z - Custom pattern that parses the cert for the subject
+%y - Custom pattern determines rest or dme2
+ -->
--- /dev/null
+<configuration scan="true" scanPeriod="60 seconds" debug="false">
+ <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
+ <property resource="application.properties" />
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <jmxConfigurator />
+ <property name="logDirectory" value="${AJSC_HOME}/logs" />
+ <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <!-- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> -->
+ <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/>
+ <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
+ <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
+ <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>
+ %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}
+ </pattern>
+ </encoder>
+ </appender>
+ <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/sane.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
+ </pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="SANE" />
+ </appender>
+ <appender name="METRIC"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/metrics.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="METRIC" />
+ </appender>
+ <appender name="DEBUG"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/debug.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="DEBUG" />
+ </appender>
+ <appender name="ERROR"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/rest/error.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfErrorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="ERROR" />
+ </appender>
+ <appender name="AUDIT"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/audit.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfAuditLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="AUDIT" />
+ </appender>
+ <appender name="translog"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/translog.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfTransLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="translog" />
+ </appender>
+ <appender name="dmaapAAIEventConsumer"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerMetric"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="external"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/external/external.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <logger name="org.onap.aai.schemaservice" level="DEBUG" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ <appender-ref ref="asyncSANE" />
+ <appender-ref ref="STDOUT" />
+ </logger>
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+ <logger name="org.eclipse.jetty" level="WARN" />
+
+ <logger name="org.onap.aai.schemaservice.interceptors.post" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asynctranslog" />
+ </logger>
+ <logger name="org.onap.aai.schemaservice.interceptors.pre.SetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+ <logger name="org.onap.aai.schemaservice.interceptors.post.ResetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+ <!-- ============================================================================ -->
+ <!-- General EELF logger -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="WARN" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ </logger>
+ <root level="DEBUG">
+ <appender-ref ref="external" />
+ {{ if .Values.global.config.logback.console.enabled }}
+ <appender-ref ref="STDOUT" />
+ {{ end }}
+ </root>
+</configuration>
--- /dev/null
+AAI:OBF:1gfr1ev31gg7,admin
+MSO:OBF:1jzx1lz31k01,admin
+SDNC:OBF:1itr1i0l1i151isv,admin
+DCAE:OBF:1g8u1f9d1f991g8w,admin
+POLICY:OBF:1mk61i171ima1im41i0j1mko,admin
+ASDC:OBF:1f991j0u1j001f9d,admin
+VID:OBF:1jm91i0v1jl9,admin
+APPC:OBF:1f991ksf1ksf1f9d,admin
+ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin
+AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin
+OOF:OBF:1img1ke71ily,admin
+aai@aai.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+so@so.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+sdnc@sdnc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "config/logback.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-localhost-access-log-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "config/localhost-access-logback.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-aaiconfig-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "config/aaiconfig.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-springapp-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "config/application.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-realm-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "config/realm.properties").AsConfig . | indent 2 }}
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ annotations:
+ checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: LOCAL_USER_ID
+ value: {{ .Values.global.config.userId | quote }}
+ - name: LOCAL_GROUP_ID
+ value: {{ .Values.global.config.groupId | quote }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/aai-schema-service/resources/etc/appprops/aaiconfig.properties
+ name: aaiconfig-conf
+ subPath: aaiconfig.properties
+ - mountPath: /opt/aai/logroot/AAI-SCHEMA-SERVICE
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /opt/app/aai-schema-service/resources/logback.xml
+ name: {{ include "common.fullname" . }}-log-conf
+ subPath: logback.xml
+ - mountPath: /opt/app/aai-schema-service/resources/localhost-access-logback.xml
+ name: localhost-access-log-conf
+ subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-schema-service/resources/etc/auth/realm.properties
+ name: realm-conf
+ subPath: realm.properties
+ - mountPath: /opt/app/aai-schema-service/resources/application.properties
+ name: springapp-conf
+ subPath: application.properties
+ {{ $global := . }}
+ {{ range $job := .Values.global.config.auth.files }}
+ - mountPath: /opt/app/aai-schema-service/resources/etc/auth/{{ . }}
+ name: auth-truststore-sec
+ subPath: {{ . }}
+ {{ end }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.internalPort2 }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ # side car containers
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ name: filebeat-conf
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /usr/share/filebeat/data
+ name: {{ include "common.fullname" . }}-filebeat
+ volumes:
+ - name: aai-common-aai-auth-mount
+ secret:
+ secretName: aai-common-aai-auth
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-log-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-log
+ - name: localhost-access-log-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-localhost-access-log-configmap
+ - name: springapp-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-springapp-configmap
+ - name: aaiconfig-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-aaiconfig-configmap
+ - name: realm-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-realm-configmap
+ - name: auth-truststore-sec
+ secret:
+ secretName: aai-common-truststore
+ items:
+ {{ range $job := .Values.global.config.auth.files }}
+ - key: {{ . }}
+ path: {{ . }}
+ {{ end }}
+ restartPolicy: {{ .Values.restartPolicy }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
apiVersion: v1
kind: Service
metadata:
- name: {{.Values.global.config.mariadb.name}}
+ name: {{ include "common.servicename" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
- type: {{.Values.global.config.mariadb.servicetype}}
+ type: {{ .Values.service.type }}
ports:
- {{if eq .Values.global.config.mariadb.servicetype "NodePort" -}}
- - port: {{.Values.global.config.mariadb.internalPort}}
- nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }}
- {{- else -}}
- - port: {{.Values.global.config.mariadb.externalPort}}
- targetPort: {{.Values.global.config.mariadb.internalPort}}
- {{- end}}
- name: {{.Values.global.config.mariadb.name}}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- else -}}
+ - port: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- end}}
selector:
app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
\ No newline at end of file
+ release: {{ .Release.Name }}
+ clusterIP: None
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for resources.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+global: # global defaults
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/aai-schema-service:1.0-STAGING-latest
+pullPolicy: Always
+restartPolicy: Always
+flavor: small
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 60
+ periodSeconds: 60
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 60
+ periodSeconds: 10
+
+service:
+ type: ClusterIP
+ portName: aai-schema-service-8452
+ internalPort: 8452
+ portName2: aai-schema-service-5005
+ internalPort2: 5005
+
+ingress:
+ enabled: false
+
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 1
+ memory: 3Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 2
+ memory: 4Gi
+ unlimited: {}
apiVersion: v1
description: ONAP AAI search-data
name: aai-search-data
-version: 3.0.0
+version: 4.0.0
es.cluster-name=ES_AAI
es.ip-address=aai-elasticsearch.{{.Release.Namespace}}
es.http-port={{ .Values.config.elasticsearchHttpPort }}
+es.uri-scheme=https
+es.auth-user=admin
+es.auth-password=OBF:1u2a1toa1w8v1tok1u30
+es.trust-store=auth/tomcat_keystore
+es.trust-store-password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
metadata:
name: {{ include "common.fullname" . }}-keystone
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/config/auth/tomcat_keystore").AsSecrets . | indent 2 }}
metadata:
name: {{ include "common.fullname" . }}-policy
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/auth/search_policy.json").AsSecrets . | indent 2 }}
global: # global defaults
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
# application image
apiVersion: v1
description: ONAP AAI sparky-be
name: aai-sparky-be
-version: 3.0.0
+version: 4.0.0
# limitations under the License.
oxm.schemaNodeDir=/opt/app/sparky/onap/oxm
+#schemaServiceTranslator is used to define whether to retreive the oxm from schema service microservice or read from the disk, possible values are schema-service/config
+oxm.schemaServiceTranslatorList=config
+# The end point for onap is https://<hostname>:<port>/onap/schema-service/v1/
+oxm.schemaServiceBaseUrl=https://<schema-service/config>/aai/schema-service/v1/
+oxm.schemaServiceKeystore=file:${CONFIG_HOME}/auth/aai-client-cert.p12
+oxm.schemaServiceTruststore=file:${CONFIG_HOME}/auth/tomcat_keystore
+oxm.schemaServiceKeystorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+oxm.schemaServiceTruststorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+
+
+
+# Schema Service need this variable for the time being
+spring.applicationName=sparky
spring.profiles.active=camel,ssl,fe-prod,oxm-schema-prod,oxm-default,resources,sync,portal
+portal.cadiFileLocation={{.Values.config.cadiFileLocation}}
+portal.cadiFileLocation={{.Values.config.cadiFileLocation}}
searchservice.hostname={{.Values.global.searchData.serviceName}}
searchservice.port=9509
searchservice.client-cert=client-cert-onap.p12
searchservice.client-cert-password=1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
searchservice.truststore=tomcat_keystore
+
+schema.ingest.file=${CONFIG_HOME}/schemaIngest.properties
--- /dev/null
+cipher.enc.key=AGLDdG4D04BKm2IxIWEr8o==!
################################################################################
# Java class that implements the ECOMP role and user mgt API
-portal.api.impl.class = org.onap.aai.sparky.security.portal.PortalRestAPIServiceImpl
+portal.api.impl.class = org.onap.aai.sparky.security.portal.PortalRestAPICentralServiceImpl
# Instance of ECOMP Portal where the app has been on-boarded
# use insecure http for dev purposes to avoid self-signed certificate
# Toggles use of UEB
ueb_listeners_enable = false
# IDs application withing UEB flow
-ueb_app_key = qFKles9N8gDTV0Zc
+ueb_app_key = ueb_key_7
+# Use this tag if the app is centralized
+role_access_centralized=remote
+
+# Connection and Read timeout values
+ext_req_connection_timeout=15000
+ext_req_read_timeout=20000
+
+#Add AAF namespace if the app is centralized
+auth_namespace={{.Values.config.aafNamespace}}
--- /dev/null
+# Configure AAF
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+aaf_url=<%=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+#aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=TEST/routeOffer=BAU_SE
+# AAF Environment Designation
+
+#if you are running aaf service from a docker image you have to use aaf service IP and port number
+aaf_id={{.Values.config.aafUsername}}
+#Encrypt the password using AAF Jar
+aaf_password={{.Values.config.aafPassword}}
+# Sample CADI Properties, from CADI 1.4.2
+#hostname=org.onap.aai.orr
+csp_domain=PROD
+# Add Absolute path to Keyfile
+cadi_keyfile={{.Values.config.cadiKeyFile}}
+
+# This is required to accept Certificate Authentication from Certman certificates.
+# can be TEST, IST or PROD
+aaf_env=DEV
+
+# DEBUG prints off all the properties. Use to get started.
+cadi_loglevel=DEBUG
+
+# Add Absolute path to truststore2018.jks
+cadi_truststore={{.Values.config.cadiTrustStore}}
+# Note: This is the ONLY password that doesn't have to be encrypted. All Java's TrustStores are this passcode by default, because they are public certs
+cadi_truststore_password={{.Values.config.cadiTrustStorePassword}}
+
+# how to turn on SSL Logging
+#javax.net.debug=ssl
+
+# Use "maps.bing.com" to get Lat and Long for an Address
+AFT_LATITUDE=32.780140
+AFT_LONGITUDE=-96.800451
+AFT_ENVIRONMENT=AFTUAT
+AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=true
+DME2.DEBUG=true
+AFT_DME2_HTTP_EXCHANGE_TRACE_ON=true
+
+cadi_latitude=32.780140
+cadi_longitude=-96.800451
+
+aaf_root_ns=com.att.aaf
+aaf_api_version=2.0
--- /dev/null
+77E_fh-8gTjeg8egAo-JgNkXYm1FGEBPMo44vKPgKyGCJj9Dn0xJqIBct2Ko35X4_HSU3wPq3I2q
+YHIvJCjmzXTVu2zvu4rIGTlwycTtLGDkgPyhOYFytv4GgazbpSs9331MPUeVVrdpkDCQmjtHSB4m
+DThhfEe2lkbZ35ljX3sVSf3JDy4ngRot0ktQwnnY4vxFdgVUl7LzVinXWgFLoqMyXmKh_bGw9aUH
+VMgqFsF_YmqLZY5ZARAraeywktvrU5kXYh5SnfXoJy7XIk0TBjHKqO-1mW-TcIgS3_v6GIGkZnpq
+e1FyE8cS21gTPFlc1KDoWUZE2yoEsQKJc4RFWfjid_mE6nckxym1TOsEn3G2_TlkZvliN_QMDB_c
+RuFLDB9HCChm4YYHpSn-RBqtJFz29bMTHQX8VNVfZ_Zhh-4dWOlEfpSzJvAqm_boo-8y8YDGIusx
+mvKyPXEKVCuBOljHaKhYg0d43nAXIFsssKpjmtQizA2L_TP1Mo_lDFIlCsPcRlHKTvzkTstEAhRj
+JnepzA--olBMwBkPxjm1Y5XQBGZH72i_o4Hr7_NqHb9sP486I2Nd1-owjHkhacGrLO1oORnuBUxp
+_SnaXYywe9tTz3BcfFupXSoDv4Sj7g9B53yPIWmjGggigidql3SNJsui6qOtwDHOejzEDFm23Lj7
+fXD6sb52U_ul9ahi4CoLTzpvMsPRYOqyRCk8K8FVBauZbG5D42oaFPn0S0rCSHOCU1TXbRdTF-Cs
+I2R0pEHNgb33yx6vtInaTSYIQ5cxa3XDA_50AQearV5SuYSlp8dK0BkpVCKgvSQdTn-2WiaV_hvO
+KzG7D2adT1kYY6TjYMXIaUiJ33y1XSNDG0s6r4NG5dNE6Jj7thdpnV-AAZoi0uZh1_bsHKLVmHRr
+NCXAc6DZm1D4N9y5lOJwUprUlJisZXLFTQThGMRY5dtiY_eK9Xjj4FQygXXhuhFXHz2-e4YApORv
+lXDcT29IZuuI1j26bxdNdhNr1wZsqqievBN6l6OQMiP21eIrxAUu1BEmiVOrfOzaEjxldDN2gFum
+4-zf9gsQT9UT8KEuOje64wVeHr09JpWuddV9HOAMvqc6mKTWmvUv_QiLgtK_b39QccMrOfOA1usM
+biRJ9wuTYIr584Q9CjHEcm5e2YufcbF-IDZ4IDui8gNXyYJuusTYdspeKzrtiLKfgI56ZWA3it9G
+SOkN18YyUmhk7HFkx9qEifb4UEbUQPb0dyXBRotf-91c5CPkct-36uV4sZBA_AR1tX3-aRKKB_SQ
+B0zaG-eaEdEqKv-ZYHqk23ZxiEsCX3ZdY7VSMWztE3_D5n8UgEl4et5LVfnjvU-arVVO93WUbXk0
+zi2QrOwytOZ0StAvFdF1nVwWllPg4EYcn8qLJIaaBRvLMlpHixtwRhltwJeMmJl3ExImOxNhVbhF
+6LxVXW6JK8JfMIwb_TE4EShDBjemq76BojQOwrO4OAyPG7B5iUtefdY-Zu1EtjXPhrUgljI_A1tg
+5_2WNjNTCT7Bvig3saFsIRi3cvgIcMAF2H7kJYw3UDvCFnx4LIom2u6vSeyatPxEOhRfpP0KvgEU
+koM9DFJW7VWQ11mB_DcU2NoYHdFKFy_cM62kIvoRwZTADGryEtkLSWEDT8MLpVrGXP2RjSZ3HHqC
+vVpVqQHC2VIqNKi2uHtYCiTEfj81Z0rCrnH3hYIRoOSe5W6m17xyb0RloG0G44uK0oNCfDYLwK0L
+TJaBdWSIBYI__ISsKx8o8r-3XLtbwQPPhv4-LpGwJYd7sIcqnpTYAyNGSrbEM4ECzHCH9Hwf9Duy
+cAQGWqXIbTV9i8ryw8OhcCZPTf3noPZyhzzdegiv6KNT-BBbxsgtDehtP-jvpd9eAhjlfUV_hoFJ
+rBUVMFrIOEDnnItVqBDmnavRdhn6N9ObVjVMv_4inhkvtpBCEVxtVQT2kFuBmZvPu_uHHbXi7_g8
+SVs3AjJ2ya3pZraK6gH3IOYoGtTAH3rKl7XdTMjqWnUCbhepuJqeEOF-DhpsEW7Oo0Lqzbjg
\ No newline at end of file
# prevent the portal interface's login processing from searching for a user\r
# specific cookie, and will instead allow passage if a valid session cookie is discovered.\r
onap_enabled={{.Values.config.portalOnapEnabled}}\r
+onap.user_id_cookie_name={{.Values.config.portalCookieName}}\r
+cookie_decryptor_classname={{.Values.config.cookieDecryptorClass}}\r
+app_roles={{.Values.config.portalAppRoles}}\r
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
name: {{ include "common.fullname" . }}-logs
- mountPath: /usr/share/filebeat/data
name: aai-sparky-filebeat
+ resources:
+{{ include "common.resources" . }}
volumes:
- name: localtime
metadata:
name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
# application image
repository: nexus3.onap.org:10001
-image: onap/sparky-be:1.3.0
+image: onap/sparky-be:1.4-STAGING-latest
pullPolicy: Always
restartPolicy: Always
flavor: small
gerritBranch: 3.0.0-ONAP
gerritProject: http://gerrit.onap.org/r/aai/test-config
portalUsername: aaiui
- portalPassword: 1t2v1vfv1unz1vgz1t3b
+ portalPassword: OBF:1t2v1vfv1unz1vgz1t3b
+ portalCookieName: UserId
+ portalAppRoles: ui_view
+ aafUsername: aai@aai.onap.org
+ aafNamespace: org.onap.aai.aaiui
+ aafPassword: enc:xxYw1FqXU5UpianbPeH5Rezg0YfjzuwQrSiLcCmJGfz
+ cadiKeyFile: /opt/app/sparky/config/portal/keyFile
+ cadiTrustStore: /opt/app/sparky/config/auth/truststoreONAPall.jks
+ cadiFileLocation: /opt/app/sparky/config/portal/cadi.properties
+ cadiTrustStorePassword: changeit
+ cookieDecryptorClass: org.onap.aai.sparky.security.BaseCookieDecryptor
# ONAP Cookie Processing - During initial development, the following flag, if true, will
# prevent the portal interface's login processing from searching for a user
apiVersion: v1
description: ONAP AAI Spike microservice
name: aai-spike
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
- mountPath: /var/log/onap
name: {{ include "common.fullname" . }}-logs
resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
# side car containers
- name: filebeat-onap
name: {{ include "common.fullname" . }}-logs
- mountPath: /usr/share/filebeat/data
name: aai-filebeat
+ resources:
+{{ include "common.resources" . }}
volumes:
- name: localtime
metadata:
name: {{ include "common.fullname" . }}-spike-secrets
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
# Global configuration defaults.
#################################################################
global:
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
loggingImage: beats/filebeat:5.5.0
#################################################################
apiVersion: v1
description: ONAP AAI traversal
name: aai-traversal
-version: 3.0.0
+version: 4.0.0
-2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf
-jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm
-4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe
-moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf
-GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT
-74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh
-iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb
-p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt
-3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW
-hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7
-RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX
-xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk
-8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q
-ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i
-5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe
-GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE
-_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k
-zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf
-S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU
-LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw
-hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W
-nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP
-bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN
-JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk
-Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y
-J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP
-mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF
\ No newline at end of file
+yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k
+brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6
+AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM
+EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo
+UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L
+02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM
+qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw
+mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2
+VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0
+vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM
+8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe
+O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT
+x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu
+5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID
+dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o
+eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl
+uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl
+YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8
+EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI
+dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l
+ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ
+15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi
+ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl
+m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa
+iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk
+_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw
+PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ
# Properties Generated by AT&T Certificate Manager
# @copyright 2016, AT&T
############################################################
-cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
cadi_keyfile=/opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile
cadi_keystore=/opt/app/aai-traversal/resources/aaf/org.onap.aai.p12
-cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
-#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)>
+cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr
+#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL
cadi_alias=aai@aai.onap.org
cadi_truststore=/opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks
-cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2
+cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv
cadi_loglevel=INFO
cadi_bath_convert=/opt/app/aai-traversal/resources/aaf/bath_config.csv
server.port=8446
server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
-server.ssl.key-store=${server.local.startpath}etc/auth/{{ .Values.global.config.keystore.filename }}
+server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
-server.ssl.trust-store=${server.local.startpath}etc/auth/{{ .Values.global.config.truststore.filename }}
+server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
server.ssl.client-auth=want
server.ssl.key-store-type=JKS
# Specifies the version that the application should default to
schema.version.api.default={{ .Values.global.config.schema.version.api.default }}
+schema.translator.list={{ .Values.global.config.schema.translator.list }}
+schema.service.base.url=https://aai-schema-service.{{ include "common.namespace" . }}:8452/aai/schema-service/v1/
+schema.service.nodes.endpoint=nodes?version=
+schema.service.edges.endpoint=edgerules?version=
+schema.service.versions.endpoint=versions
+schema.service.custom.queries.endpoint=stored-queries
+schema.service.client={{ .Values.global.config.schema.service.client }}
+
+schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
+schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
+schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
+schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
<!--
- ============LICENSE_START=======================================================
- org.onap.aai
- ================================================================================
- Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- Modifications Copyright © 2018 Amdocs, Bell Canada
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
- http://www.apache.org/licenses/LICENSE-2.0
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ Modifications Copyright © 2018 Amdocs, Bell Canada
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ ECOMP is a trademark and service mark of AT&T Intellectual Property.
-->
<configuration scan="true" scanPeriod="60 seconds" debug="false">
- <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
- <property resource="application.properties" />
- <property name="namespace" value="aai-traversal"/>
- <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
- <jmxConfigurator />
- <property name="logDirectory" value="${AJSC_HOME}/logs" />
- <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <!-- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> -->
- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
- <property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/>
- <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
- <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
- <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>
- %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}
- </pattern>
- </encoder>
- </appender>
- <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/sane.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
- </pattern>
- </encoder>
- </appender>
- <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="SANE" />
- </appender>
- <appender name="METRIC"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <file>${logDirectory}/rest/metrics.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfMetricLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="METRIC" />
- </appender>
- <appender name="DEBUG"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <file>${logDirectory}/rest/debug.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="DEBUG" />
- </appender>
- <appender name="ERROR"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <file>${logDirectory}/rest/error.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfErrorLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="ERROR" />
- </appender>
- <appender name="AUDIT"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/audit.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfAuditLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="AUDIT" />
- </appender>
- <appender name="translog"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <file>${logDirectory}/rest/translog.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfTransLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="translog" />
- </appender>
- <appender name="dmaapAAIEventConsumer"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="dmaapAAIEventConsumerDebug"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="dmaapAAIEventConsumerMetric"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfMetricLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="external"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <file>${logDirectory}/external/external.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.EcompEncoder">
- <pattern>${eelfLogPattern}</pattern>
- </encoder>
- </appender>
- <logger name="org.onap.aai" level="DEBUG" additivity="false">
- <appender-ref ref="asyncDEBUG" />
- <appender-ref ref="asyncERROR" />
- <appender-ref ref="asyncMETRIC" />
- <appender-ref ref="asyncSANE" />
- </logger>
- <!-- Spring related loggers -->
- <logger name="org.springframework" level="WARN" />
- <logger name="org.springframework.beans" level="WARN" />
- <logger name="org.springframework.web" level="WARN" />
- <logger name="com.blog.spring.jms" level="WARN" />
- <logger name="com.jayway.jsonpath" level="WARN" />
- <!-- AJSC Services (bootstrap services) -->
- <logger name="ajsc" level="WARN" />
- <logger name="ajsc.RouteMgmtService" level="WARN" />
- <logger name="ajsc.ComputeService" level="WARN" />
- <logger name="ajsc.VandelayService" level="WARN" />
- <logger name="ajsc.FilePersistenceService" level="WARN" />
- <logger name="ajsc.UserDefinedJarService" level="WARN" />
- <logger name="ajsc.UserDefinedBeansDefService" level="WARN" />
- <logger name="ajsc.LoggingConfigurationService" level="WARN" />
- <!-- AJSC related loggers (DME2 Registration, csi logging, restlet, servlet
- logging) -->
- <logger name="org.codehaus.groovy" level="WARN" />
- <logger name="com.att.scamper" level="WARN" />
- <logger name="ajsc.utils" level="WARN" />
- <logger name="ajsc.utils.DME2Helper" level="WARN" />
- <logger name="ajsc.filters" level="WARN" />
- <logger name="ajsc.beans.interceptors" level="WARN" />
- <logger name="ajsc.restlet" level="WARN" />
- <logger name="ajsc.servlet" level="WARN" />
- <logger name="com.att.ajsc" level="WARN" />
- <logger name="com.att.ajsc.csi.logging" level="WARN" />
- <logger name="com.att.ajsc.filemonitor" level="WARN" />
- <logger name="com.netflix.loadbalancer" level="WARN" />
- <logger name="org.apache.zookeeper" level="OFF" />
- <!-- Other Loggers that may help troubleshoot -->
- <logger name="net.sf" level="WARN" />
- <logger name="org.apache.commons.httpclient" level="WARN" />
- <logger name="org.apache.commons" level="WARN" />
- <logger name="org.apache.coyote" level="WARN" />
- <logger name="org.apache.jasper" level="WARN" />
- <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
- May aid in troubleshooting) -->
- <logger name="org.apache.camel" level="WARN" />
- <logger name="org.apache.cxf" level="WARN" />
- <logger name="org.apache.camel.processor.interceptor" level="WARN" />
- <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
- <logger name="org.apache.cxf.service" level="WARN" />
- <logger name="org.restlet" level="WARN" />
- <logger name="org.apache.camel.component.restlet" level="WARN" />
- <logger name="org.hibernate.validator" level="WARN" />
- <logger name="org.hibernate" level="WARN" />
- <logger name="org.hibernate.ejb" level="OFF" />
- <!-- logback internals logging -->
- <logger name="ch.qos.logback.classic" level="WARN" />
- <logger name="ch.qos.logback.core" level="WARN" />
- <logger name="org.eclipse.jetty" level="WARN" />
- <!-- logback jms appenders & loggers definition starts here -->
- <appender name="auditLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter" />
- <file>${logDirectory}/perf-audit/Audit-${lrmRVer}-${lrmRO}-${Pid}.log
- </file>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/perf-audit/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <appender name="perfLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter" />
- <file>${logDirectory}/perf-audit/Perform-${lrmRVer}-${lrmRO}-${Pid}.log
- </file>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/perf-audit/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <appender name="miscLogs" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/misc/misc.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/misc/misc.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
- </pattern>
- </encoder>
- </appender>
- <logger name="AuditRecord" level="INFO" additivity="false">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="AuditRecord_DirectCall" level="INFO" additivity="false">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="PerfTrackerRecord" level="INFO" additivity="false">
- <appender-ref ref="perfLogs" />
- </logger>
- <logger name="MiscRecord" level="INFO" additivity="false">
- <appender-ref ref="miscLogs" />
- </logger>
- <!-- logback jms appenders & loggers definition ends here -->
- <logger name="org.onap.aai.interceptors.post" level="DEBUG"
- additivity="false">
- <appender-ref ref="asynctranslog" />
- </logger>
- <logger name="org.onap.aai.interceptors.pre.SetLoggingContext" level="DEBUG">
- <appender-ref ref="asyncAUDIT"/>
- </logger>
- <logger name="org.onap.aai.interceptors.post.ResetLoggingContext" level="DEBUG">
- <appender-ref ref="asyncAUDIT"/>
- </logger>
- <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false">
- <appender-ref ref="dmaapAAIEventConsumer" />
- <appender-ref ref="dmaapAAIEventConsumerDebug" />
- <appender-ref ref="dmaapAAIEventConsumerMetric" />
- </logger>
- <logger name="org.apache" level="OFF" />
- <logger name="org.zookeeper" level="OFF" />
- <logger name="com.thinkaurelius" level="WARN" />
- <logger name="com.att.aft.dme2" level="WARN" />
- <!-- ============================================================================ -->
- <!-- General EELF logger -->
- <!-- ============================================================================ -->
- <logger name="com.att.eelf" level="WARN" additivity="false">
- <appender-ref ref="asyncDEBUG" />
- <appender-ref ref="asyncERROR" />
- <appender-ref ref="asyncMETRIC" />
- </logger>
- <root level="DEBUG">
- <appender-ref ref="external" />
- {{if .Values.global.config.logback.console.enabled}}
- <appender-ref ref="STDOUT" />
- {{ end }}
- </root>
+ <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
+ <property resource="application.properties" />
+ <property name="namespace" value="aai-traversal"/>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <jmxConfigurator />
+ <property name="logDirectory" value="${AJSC_HOME}/logs" />
+ <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <!-- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> -->
+ <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/>
+ <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
+ <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
+ <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>
+ %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}
+ </pattern>
+ </encoder>
+ </appender>
+ <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/sane.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
+ </pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="SANE" />
+ </appender>
+ <appender name="METRIC"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/metrics.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="METRIC" />
+ </appender>
+ <appender name="DEBUG"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/debug.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="DEBUG" />
+ </appender>
+ <appender name="ERROR"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/rest/error.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfErrorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="ERROR" />
+ </appender>
+ <appender name="AUDIT"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/audit.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfAuditLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="AUDIT" />
+ </appender>
+ <appender name="translog"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/translog.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfTransLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="translog" />
+ </appender>
+ <appender name="dmaapAAIEventConsumer"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerMetric"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="external"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/external/external.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <logger name="org.onap.aai" level="DEBUG" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ <appender-ref ref="asyncSANE" />
+ <appender-ref ref="STDOUT" />
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+ <logger name="com.jayway.jsonpath" level="WARN" />
+
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+ <logger name="org.eclipse.jetty" level="WARN" />
+
+ <logger name="org.onap.aai.interceptors.post" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asynctranslog" />
+ </logger>
+ <logger name="org.onap.aai.interceptors.pre.SetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+ <logger name="org.onap.aai.interceptors.post.ResetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+ <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false">
+ <appender-ref ref="dmaapAAIEventConsumer" />
+ <appender-ref ref="dmaapAAIEventConsumerDebug" />
+ <appender-ref ref="dmaapAAIEventConsumerMetric" />
+ </logger>
+ <logger name="org.apache" level="OFF" />
+ <logger name="org.zookeeper" level="OFF" />
+ <logger name="com.thinkaurelius" level="WARN" />
+ <logger name="com.att.aft.dme2" level="WARN" />
+ <!-- ============================================================================ -->
+ <!-- General EELF logger -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="WARN" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ </logger>
+ <root level="DEBUG">
+ <appender-ref ref="external" />
+ {{if .Values.global.config.logback.console.enabled}}
+ <appender-ref ref="STDOUT" />
+ {{ end }}
+ </root>
</configuration>
"visualRange": "1",
"path": "/aai/v14/search/generic-query"
},
+ {
+ "serviceName": "_aai-generic-query",
+ "version": "v15",
+ "url": "/aai/v15/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/search/generic-query"
+ },
+ {
+ "serviceName": "_aai-generic-query",
+ "version": "v16",
+ "url": "/aai/v16/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/search/generic-query"
+ },
{
"serviceName": "_aai-nodes-query",
"version": "v11",
"visualRange": "1",
"path": "/aai/v14/search/nodes-query"
},
+ {
+ "serviceName": "_aai-nodes-query",
+ "version": "v15",
+ "url": "/aai/v15/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/search/nodes-query"
+ },
+ {
+ "serviceName": "_aai-nodes-query",
+ "version": "v16",
+ "url": "/aai/v16/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/search/nodes-query"
+ },
{
"serviceName": "_aai-query",
"version": "v11",
"visualRange": "1",
"path": "/aai/v14/query"
},
+ {
+ "serviceName": "_aai-query",
+ "version": "v15",
+ "url": "/aai/v15/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/query"
+ },
+ {
+ "serviceName": "_aai-query",
+ "version": "v16",
+ "url": "/aai/v16/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/query"
+ },
{
"serviceName": "_aai-named-query",
"url": "/aai/search",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-generic-query",
+ "version": "v15",
+ "url": "/aai/v15/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-generic-query",
+ "version": "v16",
+ "url": "/aai/v16/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-nodes-query",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-nodes-query",
+ "version": "v15",
+ "url": "/aai/v15/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-nodes-query",
+ "version": "v16",
+ "url": "/aai/v16/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-query",
"version": "v11",
"lb_policy":"ip_hash",
"visualRange": "1"
},
+ {
+ "serviceName": "aai-query",
+ "version": "v15",
+ "url": "/aai/v15/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-query",
+ "version": "v16",
+ "url": "/aai/v16/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
{
"serviceName": "aai-named-query",
"url": "/aai/search",
args:
- --container-name
- aai-cassandra
+ - --container-name
+ - aai-schema-service
{{ end }}
env:
- name: NAMESPACE
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
name: {{ include "common.fullname" . }}-logs
- mountPath: /usr/share/filebeat/data
name: {{ include "common.fullname" . }}-filebeat
+ resources:
+{{ include "common.resources" . }}
volumes:
- name: localtime
hostPath:
name: {{ include "common.fullname" . }}-realm-configmap
- name: {{ include "common.fullname" . }}-auth-truststore-sec
secret:
- secretName: aai-auth-truststore-secret
+ secretName: aai-common-truststore
items:
{{ range $job := .Values.global.config.auth.files }}
- key: {{ . }}
name: {{ include "common.fullname" . }}-realm-configmap
- name: {{ include "common.fullname" . }}-auth-truststore-sec
secret:
- secretName: aai-auth-truststore-secret
+ secretName: aai-common-truststore
items:
{{ range $job := .Values.global.config.auth.files }}
- key: {{ . }}
global: # global defaults
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
# application image
repository: nexus3.onap.org:10001
-image: onap/aai-traversal:1.3.3
+image: onap/aai-traversal:1.4-STAGING-latest
pullPolicy: Always
restartPolicy: Always
flavor: small
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIFATCCA+mgAwIBAgIIWY+5kgf/UH8wDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE
+BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp
+bnRlcm1lZGlhdGVDQV85MB4XDTE5MDMyNjAzMjc1MloXDTIwMDMyNjAzMjc1Mlow
+azERMA8GA1UEAwwIYWFpLm9uYXAxDzANBgkqhkiG9w0BCQEWADEZMBcGA1UECwwQ
+YWFpQGFhaS5vbmFwLm9yZzEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAx
+CzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyZj
+PvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjItu2z5WY9xNGCky85G3Pr
+qmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJV3S90Rp1SOhGFU/WroAQ
+XvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+ogMMxzpxtb91QR+Wl4YeY
+yzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2J/SEeHdWLS8Gsuus6oqM
+r4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6DBr0SntHv6pzMhokjewl
+ukkrEsvIOkqEvIcE+QIDAQABo4IByzCCAccwCQYDVR0TBAIwADAOBgNVHQ8BAf8E
+BAMCBeAwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFQGA1UdIwRN
+MEuAFIH3mVsQuciM3vNSXupOaaBDPqzdoTCkLjAsMQ4wDAYDVQQLDAVPU0FBRjEN
+MAsGA1UECgwET05BUDELMAkGA1UEBhMCVVOCAQcwHQYDVR0OBBYEFFziBN1nFOnS
+Sp7XkxOuzVNR1GFLMIIBEQYDVR0RBIIBCDCCAQSCCGFhaS5vbmFwghJhYWktc3Bh
+cmt5LWJlLm9uYXCCG2FhaS5hcGkuc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmVs
+YXN0aWNzZWFyY2guc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmdyZW1saW5zZXJ2
+ZXIuc2ltcGxlZGVtby5vbmFwLm9yZ4IdYWFpLmhiYXNlLnNpbXBsZWRlbW8ub25h
+cC5vcmeCJWFhaS5zZWFyY2hzZXJ2aWNlLnNpbXBsZWRlbW8ub25hcC5vcmeCF2Fh
+aS5zaW1wbGVkZW1vLm9uYXAub3JnghphYWkudWkuc2ltcGxlZGVtby5vbmFwLm9y
+ZzANBgkqhkiG9w0BAQsFAAOCAQEAlqwzbZv/0uxVPmFJMB2t5B2nw3GNojLwxnHh
+UVKzrLbDDpM36CkY8uX9kYAaf/Eg8eA5Jp0T9lGCheg0TNHM9OBqyyvDPjewZ5jO
+N0xooRs7gh4bYtQaWIjCOg6bXg+mHkW4VVbpewMJYivGpJZQ76LauuHtg1OA688s
+fy4SGrbC902OoPZ8zJlINOyljqSa+uNwvv6bg9Iqnuq/jUaFpKOYVUkMzw/ImVzy
+3kXH/hY+nz4FNvMPlULgwxskOBRp90a5VWBC48cNzg4aNtanVz6lPAr/AVD1R6jt
+ZDEd3Ww8nTlRKjUryxgoorqo8ThctZscWBpHMRW4B/LgGEYtRA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
+RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN
+MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
+A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL
+neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d
+o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3
+nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV
+v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO
+15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw
+gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV
+M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
+AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q
+ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl
+u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+
++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/
+QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht
+8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX
+kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3
+aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky
+uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w
+tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep
+BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k=
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEAuyZjPvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjI
+tu2z5WY9xNGCky85G3PrqmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJ
+V3S90Rp1SOhGFU/WroAQXvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+o
+gMMxzpxtb91QR+Wl4YeYyzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2
+J/SEeHdWLS8Gsuus6oqMr4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6
+DBr0SntHv6pzMhokjewlukkrEsvIOkqEvIcE+QIDAQABAoIBAEe1OrvJZM2PCqOp
+N5jjbnvwk32iN93EAl8xYppkBxMBgzJ/VsC4rYBNP4elWym4I2KAdSDwKrrDXtDZ
+b20VYXlT+8VzkOMA2izU3Y4lqi82mwGATjcDVSPExoGr9gZ+c9yi1yL8478ZnT7N
+4a5Mql5iQM9c8rZodY+9AiD8xTHbgXbaGmBsDhTxT/HPDsoacR/SHMh3XowbhAcs
+eXAe+NdDtLcG6WOEqi/EhkagkWvsecIBoy888Ffbxa5h/DLEaCCoC3Dw1tWFX8KM
+86sC9sQKDVRVKpKs2/9MGl9LoPi9jNDrOP6/Zx3T4k479ozGp/0G70LzmUcih72j
+MUbr4f0CgYEA/AV0yOLZh0i2K53jpv3e8RDJkOBFuLb0ZZVdGkVYHncw9/WY070E
+TJi0B51RAJtdSksAWa6o+1+VaJKQHtMZpABwMWDMRQUqdC+o+knONRpdCHwxXnSl
+gvujFyYJhURKDr42z0xjbQrHaEZRuVJ6tzJQhFtE66G01ngREhDPbUsCgYEAvhrB
+A/IOQpPaHcfU2ik80VE0KU9N4Ez50ZlheEbBDVTrMWzuFy8p9niNSfDKC7s5aqlP
+DgDvTD80D8Zw6+yT/aDU5iEf5vMdKc1pnlr8jJoCNSvuyJZ40kDSehsBOKC+YN3g
+b6xaYWIcH3mwwoLZO9XFsN5KAg/dSMJED8AGAEsCgYAduMMCIgbHdqLNWAyOGCif
+w3wSEvEGDMWb6VaWj5EJ3sKuq48/gW4tXmD0+O+ho7EH3vqGmRuisa4cLBTFHd5L
+QiX5HNJaXXaZRzmlcujXyGkqZAMqgZU3clfUlg7PYbNeM76hCgA7zuaffJOMyJZi
+XpOyWFUzeNmr5XMV71eXKwKBgEtgzFvGJMVdXsUkMU/3vfe5XRdsLJLdssjbKnzI
+gU/J9h/480caGmdyUYOaCGMyb4fNbl09HaV8AianJqtFeUC9/uzpAX9PsqaanmB9
+71nIz0tKCjpa/7lOnqZwAsHzasl58L4W9xdaEZChbecSfxRspSCGY44BwFpTPS2J
+lFeVAoGAFOetqKStyEy+qruEOMk+lWwaKLGZ4hLk7qmFochxwrXgx7hcZ4Zrqkv9
+7qyQtbAalFiCHGmLBdSb+GLfD/1pPUA3wJoLo/I3f4g9c7cw7m7r8MdWPDXSL2Vk
+vM97Syv92KQUBl8te7S3+bDBNklgb+KwRqSk3QRAl8ARWEjg8Kk=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf
+jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm
+4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe
+moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf
+GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT
+74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh
+iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb
+p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt
+3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW
+hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7
+RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX
+xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk
+8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q
+ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i
+5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe
+GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE
+_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k
+zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf
+S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU
+LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw
+hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W
+nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP
+bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN
+JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk
+Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y
+J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP
+mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF
\ No newline at end of file
data:
{{ tpl (.Files.Glob "resources/config/aai/*").AsSecrets . | indent 2 }}
-
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-fproxy-auth-certs
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/fproxy/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-rproxy-auth-certs
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/rproxy/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-rproxy-security-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/rproxy/security/*").AsSecrets . | indent 2 }}
+{{ end }}
\ No newline at end of file
subPath: haproxy.cfg
{{ end }}
name: haproxy-cfg
+ - mountPath: /etc/ssl/private/aai.pem
+ name: aai-pem
+ subPath: aai.pem
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end -}}
{{- if .Values.affinity }}
affinity:
-{{ toYaml .Values.affinity | indent 10 }}
+{{ toYaml .Values.affinity | indent 8 }}
{{- end }}
volumes:
- name: haproxy-cfg
configMap:
name: aai-deployment-configmap
+ - name: aai-pem
+ secret:
+ secretName: aai-haproxy-secret
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
metadata:
name: aai-common-aai-auth
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
type: Opaque
data:
{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-common-truststore
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/aai/*").AsSecrets . | indent 2 }}
busyboxImage: busybox
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
# Schema specific properties that include supported versions of api
schema:
+ # Specifies if the connection should be one way ssl, two way ssl or no auth
+ service:
+ client: one-way-ssl
+ # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
+ translator:
+ list: schema-service
source:
# Specifies which folder to take a look at
name: onap
version:
# Current version of the REST API
api:
- default: v14
+ default: v16
# Specifies which version the depth parameter is configurable
- depth: v9
+ depth: v11
# List of all the supported versions of the API
- list: v8,v9,v10,v11,v12,v13,v14
+ list: v11,v12,v13,v14,v15,v16
# Specifies from which version related link should appear
related:
- link: v10
+ link: v11
# Specifies from which version the app root change happened
app:
root: v11
apiVersion: v1
description: Application Controller
name: appc
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP APPC Ansible Server
name: appc-ansible-server
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}}
+{{- range $i, $t := until (int $global.Values.replicaCount)}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" $global }}-data{{$i}}
+ namespace: {{ include "common.namespace" $global }}
+ labels:
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
+spec:
+ capacity:
+ storage: {{ $global.Values.persistence.size}}
+ accessModes:
+ - {{ $global.Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}{{$i}}
+---
+{{- end -}}
+{{- end -}}
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: extensions/v1beta1
-kind: Deployment
+apiVersion: apps/v1beta1
+kind: StatefulSet
metadata:
name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
- mountPath: {{ .Values.config.configDir }}/RestServer_config
name: config
subPath: RestServer_config
+ - mountPath: {{ .Values.persistence.playbookPath }}
+ name: {{ include "common.fullname" . }}-data
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
configMap:
name: {{ include "common.fullname" . }}
defaultMode: 0644
- imagePullSecrets:
+{{ if not .Values.persistence.enabled }}
+ - name: {{ include "common.fullname" . }}-data
+ emptyDir: {}
+{{ else }}
+ volumeClaimTemplates:
+ - metadata:
+ name: {{ include "common.fullname" . }}-data
+ labels:
+ name: {{ include "common.fullname" . }}
+ spec:
+ accessModes: [ {{ .Values.persistence.accessMode }} ]
+ storageClassName: {{ include "common.fullname" . }}-data
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{ end }}
+ imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-ansible-server-image:0.3.2
+image: onap/ccsdk-ansible-server-image:0.4.1-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
config:
appcChartName: appc
mysqlServiceName: appc-dbhost
-
+ configDir: /opt/onap/ccsdk
# default number of instances
replicaCount: 1
portName: appc-ansible-server
internalPort: 8000
externalPort: 8000
+ nfsprovisionerPrefix: appc
+ disableNfsProvisioner: true
+
+## Persist data to a persitent volume
+persistence:
+ enabled: true
+
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+ volumeReclaimPolicy: Retain
+
+ ## database data Persistent Volume Storage Class
+ ## If defined, storageClassName: <storageClass>
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ accessMode: ReadWriteMany
+ size: 1Gi
+ mountPath: /dockerdata-nfs
+ mountSubPath: appc/ansible
+ playbookPath: /home/ansible
ingress:
enabled: false
apiVersion: v1
description: ONAP APPC Self Service Controller Design Tool
name: appc-cdt
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
ports:
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
name: {{ .Values.service.name }}
{{- else -}}
# application image
repository: nexus3.onap.org:10001
-image: onap/appc-cdt-image:1.4.3
+image: onap/appc-cdt-image:1.5.0-SNAPSHOT-latest
pullPolicy: Always
# application configuration
service:
type: NodePort
name: appc-cdt
- externalPort: 80
- internalPort: 80
+ externalPort: 18080
+ internalPort: 18080
nodePort: 89
ingress:
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: mariadb-galera
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: dgbuilder
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
# ============LICENSE_START=======================================================
# APPC
# ================================================================================
-# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+# Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs,Bell Canada
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# This script takes care of installing the SDNC & APPC platform components
# if not already installed, and starts the APPC Docker Container
#
+#set -x
function enable_odl_cluster(){
if [ -z $APPC_REPLICAS ]; then
ENABLE_AAF=${ENABLE_AAF:-true}
DBINIT_DIR=${DBINIT_DIR:-/opt/opendaylight/current/daexim}
-appcInstallStartTime=$(date +%s)
-
#
# Wait for database to init properly
#
then
echo "Installing SDNC database"
${SDNC_HOME}/bin/installSdncDb.sh
- fi
- appc_db_exists=$(mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p{{.Values.config.mariadbRootPassword}} mysql <<-END
+ appc_db_exists=$(mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p{{.Values.config.mariadbRootPassword}} mysql <<-END
show databases like 'appcctl';
END
)
- if [ "x${appc_db_exists}" == "x" ]
- then
- echo "Installing APPC database"
- ${APPC_HOME}/bin/installAppcDb.sh
+ if [ "x${appc_db_exists}" == "x" ]
+ then
+ echo "Installing APPC database"
+ ${APPC_HOME}/bin/installAppcDb.sh
+ fi
+ else
+ sleep 30
fi
echo "Installed at `date`" > ${DBINIT_DIR}/.installed
echo "Installing ODL Host Key"
${SDNC_HOME}/bin/installOdlHostKey.sh
+# echo "Copying a working version of the logging configuration into the opendaylight etc folder"
+# cp ${APPC_HOME}/data/org.ops4j.pax.logging.cfg ${ODL_HOME}/etc/org.ops4j.pax.logging.cfg
+
echo "Starting OpenDaylight"
${ODL_HOME}/bin/start
echo "Waiting ${SLEEP_TIME} seconds for OpenDaylight to initialize"
sleep ${SLEEP_TIME}
- echo "Copying a working version of the logging configuration into the opendaylight etc folder"
- cp ${APPC_HOME}/data/org.ops4j.pax.logging.cfg ${ODL_HOME}/etc/org.ops4j.pax.logging.cfg
- echo "Copying a new version of aaf cadi shiro into the opendaylight deploy folder"
- cp ${APPC_HOME}/data/aaf-shiro-aafrealm-osgi-bundle.jar ${ODL_HOME}/deploy/aaf-shiro-aafrealm-osgi-bundle.jar
-
- echo "Installing SDNC platform features"
- ${SDNC_HOME}/bin/installFeatures.sh
if [ -x ${SDNC_HOME}/svclogic/bin/install.sh ]
then
${SDNC_HOME}/svclogic/bin/install.sh
fi
- if $ENABLE_ODL_CLUSTER ; then echo "Installing Opendaylight cluster features" ; ${ODL_HOME}/bin/client feature:install odl-mdsal-clustering ; ${ODL_HOME}/bin/client feature:install odl-jolokia ; fi
-
- echo "Installing APPC platform features"
- ${APPC_HOME}/bin/installFeatures.sh
-
- if [ -x ${APPC_HOME}/svclogic/bin/install.sh ]
- then
- echo "Installing APPC DGs using platform-logic"
- ${APPC_HOME}/svclogic/bin/install.sh
- fi
-
if [ -x ${APPC_HOME}/svclogic/bin/install-converted-dgs.sh ]
then
echo "Installing APPC JSON DGs converted to XML using dg-loader"
${APPC_HOME}/svclogic/bin/install-converted-dgs.sh
fi
- if $ENABLE_ODL_CLUSTER ; then enable_odl_cluster ; fi
-
- echo "Adding a property system.properties for AAF cadi.properties location"
- echo "" >> ${ODL_HOME}/etc/system.properties
- echo "cadi_prop_files=${APPC_HOME}/data/properties/cadi.properties" >> ${ODL_HOME}/etc/system.properties
- echo "" >> ${ODL_HOME}/etc/system.properties
+ if $ENABLE_ODL_CLUSTER
+ then
+ echo "Installing Opendaylight cluster features"
+ ${ODL_HOME}/bin/client feature:install odl-mdsal-clustering
+ enable_odl_cluster
+ fi
echo "Copying the aaa shiro configuration into opendaylight"
if $ENABLE_AAF
done
echo "Karaf process has stopped"
sleep 10s
+
echo "Installed at `date`" > ${SDNC_HOME}/.installed
fi
- appcInstallEndTime=$(date +%s)
- echo "Total Appc install took $(expr $appcInstallEndTime - $appcInstallStartTime) seconds"
+# Move journal and snapshots directory to persistent storage
+
+hostdir=${ODL_HOME}/daexim/$(hostname -s)
+if [ ! -d $hostdir ]
+then
+ mkdir -p $hostdir
+ if [ -d ${ODL_HOME}/journal ]
+ then
+ mv ${ODL_HOME}/journal ${hostdir}
+ else
+ mkdir ${hostdir}/journal
+ fi
+ if [ -d ${ODL_HOME}/snapshots ]
+ then
+ mv ${ODL_HOME}/snapshots ${hostdir}
+ else
+ mkdir ${hostdir}/snapshots
+ fi
+fi
+
+ln -s ${hostdir}/journal ${ODL_HOME}/journal
+ln -s ${hostdir}/snapshots ${ODL_HOME}/snapshots
echo "Starting cdt-proxy-service jar, logging to ${APPC_HOME}/cdt-proxy-service/jar.log"
java -jar ${APPC_HOME}/cdt-proxy-service/cdt-proxy-service.jar > ${APPC_HOME}/cdt-proxy-service/jar.log &
# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v1
-description: DMaaP Data Router MariaDB Instance
-name: dmaap-dr-db
-version: 1.0
+description: ONAP Common Design Studio
+name: cds
+version: 4.0.0
--- /dev/null
+# CDS
+
+## Introduction
+
+CDS stands for Common Design Studio. It helps developping service specific
+artifacts for pre instanciation and post configuration.
+
+Full description is on [ONAP Read the Doc](https://docs.onap.org/en/latest/submodules/ccsdk/cds.git/docs/index.html).
+
+Charts has an UI and blueprints processort and controllers.
+Trigger to enable it is on SDNC chart has of today.
+
+## Requirements
+
+CDS needs the following ONAP projects to work:
+
+- AAI
+- SO
+- SDC
+- SDNC
--- /dev/null
+# Copyright (c) 2019 IBM, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Blueprints Processor Micro Service
+name: blueprints-processor
+version: 4.0.0
\ No newline at end of file
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright (c) 2019 IBM, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
dependencies:
- name: common
- version: ~3.0.0
- repository: '@local'
+ version: ~4.x-0
+ repository: '@local'
\ No newline at end of file
--- /dev/null
+# Copyright (c) 2019 IBM, Bell Canada.\r
+#\r
+# Licensed under the Apache License, Version 2.0 (the "License");\r
+# you may not use this file except in compliance with the License.\r
+# You may obtain a copy of the License at\r
+#\r
+# http://www.apache.org/licenses/LICENSE-2.0\r
+#\r
+# Unless required by applicable law or agreed to in writing, software\r
+# distributed under the License is distributed on an "AS IS" BASIS,\r
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+# See the License for the specific language governing permissions and\r
+# limitations under the License.\r
+\r
+# Functionality config\r
+blueprintsprocessor.grpcEnable=true\r
+blueprintsprocessor.restconfEnabled=true\r
+blueprintsprocessor.httpPort=8080\r
+blueprintsprocessor.grpcPort=9111\r
+\r
+# Basic Authentication\r
+security.user.password: {bcrypt}$2a$10$duaUzVUVW0YPQCSIbGEkQOXwafZGwQ/b32/Ys4R1iwSSawFgz7QNu\r
+security.user.name: ccsdkapps\r
+\r
+# Blueprint Processor File Execution and Handling Properties\r
+blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy\r
+blueprintsprocessor.blueprintArchivePath=/opt/app/onap/blueprints/archive\r
+\r
+# Primary Database Configuration\r
+blueprintsprocessor.db.primary.url=jdbc:mysql://cds-db:3306/sdnctl\r
+blueprintsprocessor.db.primary.username=sdnctl\r
+blueprintsprocessor.db.primary.password=sdnctl\r
+blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver\r
+blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update\r
+blueprintsprocessor.db.primary.hibernateDDLAuto=update\r
+blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy\r
+blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect\r
+\r
+# Python executor\r
+blueprints.processor.functions.python.executor.executionPath=/opt/app/onap/scripts/jython/ccsdk_blueprints\r
+blueprints.processor.functions.python.executor.modulePaths=/opt/app/onap/scripts/jython/ccsdk_blueprints,/opt/app/onap/scripts/jython/ccsdk_netconf\r
+\r
+# SDN-C's ODL Restconf Connection Details\r
+blueprintsprocessor.restclient.sdncodl.type=basic-auth\r
+blueprintsprocessor.restclient.sdncodl.url=http://sdnc:8282/\r
+blueprintsprocessor.restclient.sdncodl.username=admin\r
+blueprintsprocessor.restclient.sdncodl.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
\ No newline at end of file
-# Copyright (c) 2018 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T, ZTE
+# Copyright (c) 2019 IBM, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
--- /dev/null
+# Copyright (c) 2019 IBM, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - cds-db
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: APP_CONFIG_HOME
+ value: {{ .Values.config.appConfigDir }}
+ ports:
+ - containerPort: {{ .Values.service.http.internalPort }}
+ {{ if .Values.config.grpcEnabled }}
+ - containerPort: {{ .Values.service.grpc.internalPort }}
+ {{ end }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ httpGet:
+ path: /api/v1/execution-service/ping
+ port: {{ .Values.service.http.internalPort }}
+ httpHeaders:
+ - name: Authorization
+ value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ httpGet:
+ path: /api/v1/execution-service/ping
+ port: {{ .Values.service.http.internalPort }}
+ httpHeaders:
+ - name: Authorization
+ value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: {{ .Values.config.appConfigDir }}/application.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: application.properties
+ - mountPath: {{ .Values.config.appConfigDir }}/logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: logback.xml
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ items:
+ - key: application.properties
+ path: application.properties
+ - key: logback.xml
+ path: logback.xml
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+# Copyright (c) 2019 IBM, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.http.externalPort }}
+ targetPort: {{ .Values.service.http.internalPort }}
+ {{- if eq .Values.service.type "NodePort"}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ {{- end}}
+ name: {{ .Values.service.http.portName | default "http" }}
+ - port: {{ .Values.service.grpc.externalPort }}
+ targetPort: {{ .Values.service.grpc.internalPort }}
+ {{- if eq .Values.service.type "NodePort"}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ {{- end}}
+ name: {{ .Values.service.grpc.portName | default "grpc" }}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
\ No newline at end of file
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright (c) 2019 IBM, Bell Canada
+#
+# Modifications Copyright (c) 2019 Bell Canada.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Global configuration defaults.
#################################################################
global:
+ # Change to an unused port prefix range to prevent port conflicts
+ # with other instances running within the same k8s cluster
nodePortPrefix: 302
+
+ # image repositories
repository: nexus3.onap.org:10001
+
+ # readiness check
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
+
+ # image pull policy
+ pullPolicy: Always
+
+ persistence:
+ mountPath: /dockerdata-nfs
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/vvp/cms:1.0.0
+image: onap/ccsdk-blueprintsprocessor:0.4-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
debugEnabled: false
+# application configuration
+config:
+ appConfigDir: /opt/app/onap/config
+
+# default number of instances
replicaCount: 1
nodeSelector: {}
service:
type: ClusterIP
- internalPort1: 80
- internalPort2: 9000
+ http:
+ portName: blueprints-processor-http
+ internalPort: 8080
+ externalPort: 8080
+ grpc:
+ portName: blueprints-processor-grpc
+ internalPort: 9111
+ externalPort: 9111
+
+persistence:
+ enabled: true
ingress:
enabled: false
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
apiVersion: v1
description: Controller Blueprints Micro Service
name: controller-blueprints
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright (c) 2018 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
dependencies:
- name: common
- version: ~3.0.0
- repository: '@local'
+ version: ~4.x-0
+ repository: '@local'
\ No newline at end of file
--- /dev/null
+# Copyright © 2017-2018 AT&T Intellectual Property.
+# Modifications Copyright © 2018 IBM.
+# Modifications Copyright © 2019 Bell Canada.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Basic Authentication
+basic-auth.user-name=ccsdkapps
+basic-auth.hashed-pwd={bcrypt}$2a$10$MJxhNiOAffxbyrV9.rrOUewP9Q/ASg5Nit2cmP.yBaXGsVXo8BW3y
+
+logging.level.org.springframework.web=INFO
+logging.level.org.hibernate.SQL=warn
+logging.level.org.hibernate.type.descriptor.sql=debug
+
+# To Remove Null in JSON API Response
+spring.jackson.default-property-inclusion=non_null
+
+# Swagger Configuration
+swagger.contact.name=CCSDK team
+swagger.contact.url=www.onap.org
+swagger.contact.email=onap-discuss@lists.onap.org
+
+# DB information
+spring.jpa.properties.hibernate.show_sql=true
+spring.jpa.properties.hibernate.use_sql_comments=true
+spring.jpa.properties.hibernate.format_sql=true
+spring.datasource.url=jdbc:mysql://cds-db:3306/sdnctl
+spring.datasource.username=sdnctl
+spring.datasource.password=sdnctl
+spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
+spring.jpa.show-sql=true
+spring.jpa.hibernate.ddl-auto=none
+spring.jpa.hibernate.naming-strategy=org.hibernate.cfg.ImprovedNamingStrategy
+spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL5InnoDBDialect
+
+# Load Resource Source Mappings
+resourceSourceMappings=primary-db=source-primary-db,input=source-input,default=source-default,primary-config-data=source-rest,capability=source-capability
+
+# Controller Blueprints Core Configuration
+controllerblueprints.blueprintDeployPath=/etc/blueprints/deploy
+controllerblueprints.blueprintArchivePath=/etc/blueprints/archive
+controllerblueprints.blueprintEnrichmentPath=/etc/blueprints/enrichment
+# Controller Blueprint Load Configurations
+# blueprints.load.initial-data may be overridden by ENV variables
+controllerblueprints.loadInitialData={{ .Values.config.initDataLoad }}
+controllerblueprints.loadBluePrint=true
+controllerblueprints.loadBluePrintPaths=/opt/app/onap/model-catalog/blueprint-model/service-blueprint
+controllerblueprints.loadModelType=true
+controllerblueprints.loadModeTypePaths=/opt/app/onap/model-catalog/definition-type/starter-type
+controllerblueprints.loadResourceDictionary=true
+controllerblueprints.loadResourceDictionaryPaths=/opt/app/onap/model-catalog/resource-dictionary/starter-dictionary
+
+# CBA file extension
+controllerblueprints.loadCbaExtension=zip
+
+# Web server config
+server.port=8080
\ No newline at end of file
--- /dev/null
+<!--
+ ~ Copyright (c) 2017-2018 AT&T Intellectual Property.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+
+<configuration>
+
+ <property name="localPattern" value="%d{HH:mm:ss.SSS} %-5level %logger{100} - %msg%n" />
+
+ <property name="defaultPattern" value="%date{ISO8601,UTC}|%X{RequestID}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}| %msg%n" />
+
+ <property name="debugLoggerPattern" value="%date{ISO8601,UTC}|%X{RequestID}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}|[%caller{3}]| %msg%n" />
+
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <!-- encoders are assigned the type
+ ch.qos.logback.classic.encoder.PatternLayoutEncoder by default -->
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+
+ <logger name="org.springframework" level="info"/>
+ <logger name="org.springframework.web" level="info"/>
+ <logger name="org.springframework.security.web.authentication" level="warn"/>
+ <logger name="org.hibernate" level="error"/>
+ <logger name="org.onap.ccsdk.apps" level="info"/>
+
+ <root level="warn">
+ <appender-ref ref="STDOUT"/>
+ </root>
+
+</configuration>
--- /dev/null
+# Copyright (c) 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T, ZTE
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
# Copyright (c) 2018 Amdocs, Bell Canada
#
+# Modifications Copyright (c) 2019 IBM, Bell Canada
+#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
- /root/ready.py
args:
- --container-name
- - {{ index .Values "mariadb-galera" "nameOverride" }}
+ - cds-db
env:
- name: NAMESPACE
valueFrom:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: APP_CONFIG_HOME
+ value: {{ .Values.config.appConfigDir }}
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: APPLICATIONNAME
- value: {{ .Values.config.applicationName }}
- - name: BUNDLEVERSION
- value: {{ .Values.config.bundleVersion }}
- - name: APP_CONFIG_HOME
- value: {{ .Values.config.appConfigDir }}
- - name: DB_URL
- value: {{ .Values.config.dbUrl }}
- - name: DB_USER
- value: {{ index .Values "mariadb-galera" "config" "userName" }}
- - name: DB_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
- - name: MS_USER
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: restUser
- - name: MS_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: restPassword
- - name: INIT_DATA_LOAD
- value: {{ .Values.config.initDataLoad | quote }}
- - name: STICKYSELECTORKEY
- value: {{ .Values.config.stickySelectorKey | quote }}
- - name: ENVCONTEXT
- value: {{ .Values.config.envContext }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
-
volumes:
- name: localtime
hostPath:
--- /dev/null
+# Copyright (c) 2018 Amdocs, Bell Canada
+#
+# Modifications Copyright (c) 2019 IBM, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+# Example MSB registration annotation
+# msb.onap.org/service-info: '[
+# {
+# "serviceName": "controller-blueprints",
+# "version": "v1",
+# "url": "/ecomp/mso/infra",
+# "protocol": "REST"
+# "port": "8080",
+# "visualRange":"1"
+# }
+# ]'
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ {{- if eq .Values.service.type "NodePort"}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ {{- end}}
+ name: {{ .Values.service.portName | default "http" }}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-controllerblueprints:0.3.2
+image: onap/ccsdk-controllerblueprints:0.4-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
# application configuration
config:
- applicationName: ControllerBluePrints
- bundleVersion: 1.0.0
appConfigDir: /opt/app/onap/config
- dbUrl: jdbc:mysql://controller-blueprints-db:3306/sdnctl
initDataLoad: true
- stickySelectorKey:
- envContext: DEV
- restUser: ccsdkapps
- restPassword: ccsdkapps
-
-mariadb-galera:
- config:
- userName: sdnctl
- userPassword: sdnctl
- mariadbRootPassword: sdnctl
- mysqlDatabase: sdnctl
- nameOverride: controller-blueprints-db
- service:
- name: controller-blueprints-db
- portName: cb-db
- replicaCount: 1
- persistence:
- enabled: true
- mountSubPath: controller-blueprints/data
# default number of instances
replicaCount: 1
-# Copyright (c) 2018 Amdocs, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
dependencies:
- - name: mariadb-galera
- version: ~3.0.0
- repository: file://../mariadb-galera/
- name: common
- version: ~3.0.0
+ version: ~4.x-0
+ repository: '@local'
+ - name: mariadb-galera
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2018 Orange
+# Modifications Copyright © 2018 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
labels:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
+ name: {{ include "common.fullname" . }}
spec:
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- - containerPort: {{.Values.global.config.mariadb.internalPort}}
+ - containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- args:
- - --lower-case-table-names=1
- - --wait_timeout=28800
+ {{ if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
- port: {{.Values.global.config.mariadb.internalPort}}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
+ {{ end }}
+ env:
+ - name: HOST
+ value: 0.0.0.0
readinessProbe:
tcpSocket:
- port: {{.Values.global.config.mariadb.internalPort}}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-root-password
- - name: MYSQL_USER
- value: {{.Values.global.config.mariadb.userName}}
- - name: MYSQL_DATABASE
- value: {{.Values.global.config.mariadb.mysqlDatabase}}
- - name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-user-password
volumeMounts:
- - mountPath: /docker-entrypoint-initdb.d/sql_init_01.sql
- name: docker-entrypoint-initdb
- subPath: sql_init_01.sql
- - mountPath: /etc/mysql/conf.d
- name: mariadb-conf
- - mountPath: /var/lib/mysql
- name: mariadb-data
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ # side car containers
+ # - name: filebeat-onap
+ # image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ # imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ # volumeMounts:
+ # - mountPath: /usr/share/filebeat/filebeat.yml
+ # name: filebeat-conf
+ # subPath: filebeat.yml
+ # - mountPath: /home/esr/works/logs
+ # name: esr-server-logs
+ # - mountPath: /usr/share/filebeat/data
+ # name: esr-server-filebeat
volumes:
- name: localtime
hostPath:
path: /etc/localtime
- - name: docker-entrypoint-initdb
- configMap:
- name: {{ include "common.fullname" . }}-mdb-initd-configmap
- - name: mariadb-conf
- configMap:
- name: {{ include "common.fullname" . }}-mdb-configmap
- - name: mariadb-data
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
+ # - name: filebeat-conf
+ # configMap:
+ # name: {{ include "common.fullname" . }}-esr-filebeat
+ # - name: esr-server-logs
+ # emptyDir: {}
+ # - name: esr-server-filebeat
+ # emptyDir: {}
+ # - name: esrserver-log
+ # configMap:
+ # name: {{ include "common.fullname" . }}-esr-esrserver-log
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}-{{ .Values.service.internalPort }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2018 Orange
+# Modifications Copyright © 2018 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
-# Default values for mariadb.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-global: # global defaults
- persistence: {}
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 303
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:1.1.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+
+subChartsOnly:
+ enabled: true
# application image
repository: nexus3.onap.org:10001
-image: mariadb:10.2.14
+image: onap/ccsdk-cds-ui:1.0.0-STAGING-latest
pullPolicy: Always
-# application configuration - see parent values chart
+# application configuration
+config:
-# flag to enable debugging - application support required
-debugEnabled: false
+mariadb-galera:
+ config:
+ userName: sdnctl
+ userPassword: sdnctl
+ mariadbRootPassword: sdnctl
+ mysqlDatabase: sdnctl
+ nameOverride: cds-db
+ service:
+ name: cds-db
+ portName: cds-db
+ replicaCount: 1
+ persistence:
+ enabled: true
+ mountSubPath: cds/data
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
+ httpGet:
+ path: /
+ port: 3000
initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
enabled: true
readiness:
+ httpGet:
+ path: /ping
+ port: 3000
initialDelaySeconds: 30
periodSeconds: 10
-## Persist data to a persitent volume
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteMany
- size: 1Gi
- mountPath: /dockerdata-nfs
- mountSubPath: dmaap/dr-db/data
+service:
+ type: NodePort
+ portName: ui
+ name: cds
+ nodePort: 97
+ internalPort: 3000
ingress:
enabled: false
-
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
resources:
small:
limits:
- cpu: 2000m
- memory: 4Gi
- requests:
- cpu: 500m
+ cpu: 1
memory: 1Gi
+ requests:
+ cpu: 10m
+ memory: 100Mi
large:
limits:
- cpu: 4000m
- memory: 8Gi
- requests:
- cpu: 1000m
+ cpu: 2
memory: 2Gi
+ requests:
+ cpu: 200m
+ memory: 200Mi
unlimited: {}
apiVersion: v1
description: ONAP Clamp
name: clamp
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Clamp Dashboard Elasticsearch
name: clamp-dash-es
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
# application image
loggingRepository: docker.elastic.co
-image: elasticsearch/elasticsearch-oss:6.1.3
+image: elasticsearch/elasticsearch-oss:6.6.2
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Clamp Dashboard Kibana
name: clamp-dash-kibana
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP Clamp Dashboard Logstash
name: clamp-dash-logstash
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
drop { }
}
- if [http_request_failure] or [@metadata][code] != "200" {
+ if [http_request_failure] or [@metadata][code] != 200 {
mutate {
add_tag => [ "error" ]
}
}
- if "dmaap_source" in [tags] {
+ if "dmaap_source" in [@metadata][request][tags] {
#
# Dmaap provides a json list, whose items are Strings containing the event
# provided to Dmaap, which itself is an escaped json.
source => "[message]"
target => "message"
}
- ruby {
- code => "
- for ev in event.get('message', [])
- ev.set('@metadata', event.get('@metadata'))
- end
- "
- }
-
+
split {
field => "message"
}
}
- if "error" not in [tags] {
+ if "error" not in [@metadata][request][tags]{
#
# Creating data for a secondary index
#
add_tag => [ "event-cl-aggs" ]
}
- if "event-cl-aggs" in [tags] {
+ if "event-cl-aggs" in [@metadata][request][tags]{
#
# we only need a few fields for aggregations; remove all fields from clone except :
# vmName,vnfName,vnfType,requestID,closedLoopAlarmStart, closedLoopControlName,closedLoopAlarmEnd,abated,nbrDmaapevents,finalFailure
apiVersion: v1
description: MariaDB Service
name: mariadb
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
- input_type: log
#This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
paths:
- - /var/log/ONAP/*/*/*/*.log
- - /var/log/ONAP/*/*/*.log
- - /var/log/ONAP/*/*.log
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
#Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
ignore_older: 48h
# Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
clean_inactive: 96h
-
# Name of the registry file. If a relative path is used, it is considered relative to the
# data path. Else full qualified file name.
#filebeat.registry_file: ${path.data}/registry
apiVersion: v1
description: ONAP Command Line Interface
name: cli
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
apiVersion: v1
description: ONAP cassandra
name: cassandra
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
--- /dev/null
+{{- if .Values.configOverrides }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configOverrides
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ toYaml .Values.configOverrides | indent 2 }}
+{{- end }}
+
# See the License for the specific language governing permissions and
# limitations under the License.
-#{{ if .Values.persistence.enabled }}
+{{ if .Values.persistence.enabled }}
{{- $root := . -}}
{{ range $i, $e := until (int $root.Values.replicaCount) }}
---
path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }}
persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
{{ end }}
-#{{ end }}
+{{ end }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
+ annotations:
+ service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
spec:
type: {{ .Values.service.type }}
+ publishNotReadyAddresses: true
ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- - port: {{ .Values.service.externalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.service.portName }}2
- - port: {{ .Values.service.externalPort3 }}
- targetPort: {{ .Values.service.internalPort3 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }}
- name: {{ .Values.service.portName }}3
- - port: {{ .Values.service.externalPort4 }}
- targetPort: {{ .Values.service.internalPort4 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }}
- name: {{ .Values.service.portName }}4
- - port: {{ .Values.service.externalPort5 }}
- targetPort: {{ .Values.service.internalPort5 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort5 }}
- name: {{ .Values.service.portName }}5
-
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- - port: {{ .Values.service.externalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName }}2
- - port: {{ .Values.service.externalPort3 }}
- targetPort: {{ .Values.service.internalPort3 }}
- name: {{ .Values.service.portName }}3
- - port: {{ .Values.service.externalPort4 }}
- targetPort: {{ .Values.service.internalPort4 }}
- name: {{ .Values.service.portName }}4
- - port: {{ .Values.service.externalPort5 }}
- targetPort: {{ .Values.service.internalPort5 }}
- name: {{ .Values.service.portName }}5
- {{- end}}
+ {{if eq .Values.service.type "NodePort" -}}
+ {{- $global := . }}
+ {{- range $index, $ports := .Values.service.ports }}
+ - port: {{ $ports.port }}
+ targetPort: {{ $ports.port }}
+ nodePort: {{ $global.Values.global.nodePortPrefix | default $global.Values.nodePortPrefix }}{{ $ports.nodePort }}
+ name: {{ $ports.name }}
+ {{- end }}
+{{- else -}}
+ {{- range $index, $ports := .Values.service.ports }}
+ - port: {{ $ports.port }}
+ targetPort: {{ $ports.port }}
+ name: {{ $ports.name }}
+ {{- end }}
+{{- end}}
selector:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
+ clusterIP: None
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
serviceName: {{ include "common.servicename" . }}
replicas: {{ .Values.replicaCount }}
podManagementPolicy: {{ .Values.podManagementPolicy }}
release: {{ .Release.Name }}
name: {{ include "common.name" . }}
spec:
+ hostNetwork: {{ .Values.hostNetwork }}
containers:
- name: {{ include "common.name" . }}
image: {{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- - containerPort: {{ .Values.service.internalPort }}
- - containerPort: {{ .Values.service.internalPort2 }}
- - containerPort: {{ .Values.service.internalPort3 }}
- - containerPort: {{ .Values.service.internalPort4 }}
- - containerPort: {{ .Values.service.internalPort5 }}
+ {{- range $index, $ports := .Values.service.ports }}
+ - containerPort: {{ $ports.port }}
+ {{- end }}
volumeMounts:
- - name: {{ .Values.service.name }}
+ - name: cassandra-data
mountPath: /var/lib/cassandra
- {{ if eq .Values.configmapping true }}
- - name: {{ .Values.service.name }}-docker-entry-initd
- mountPath: /{{ .Values.service.name }}-docker-entrypoint-initdb.d/cassandra.cql
- subPath: cassandra.cql
- {{ end }}
+ - name: localtime
+ mountPath: /etc/localtime
+ readOnly: true
+ {{- range $key, $value := .Values.configOverrides }}
+ - name: cassandra-config-{{ $key | replace "." "-" }}
+ mountPath: /etc/cassandra/{{ $key }}
+ subPath: {{ $key }}
+ {{- end }}
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
exec:
- nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }'
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end -}}
readinessProbe:
exec:
- -c
- nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }'
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- timeoutSeconds: {{ .Values.liveness.periodSeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
+ successThreshold: {{ .Values.readiness.successThreshold }}
+ failureThreshold: {{ .Values.readiness.failureThreshold }}
env:
- {{- $seed_size := default 1 .Values.replicaCount | int -}}
- {{- $global := . }}
+ {{- $seed_size := default 1 .Values.replicaCount | int -}}
+ {{- $global := . }}
+ - name: CASSANDRA_SEEDS
+ {{- if .Values.hostNetwork }}
+ value: {{ required "You must fill \".Values.config.seeds\" with list of Cassandra seeds when hostNetwork is set to true" .Values.config.seeds | quote }}
+ {{- else }}
+ value: "{{- range $i, $e := until $seed_size }}{{ template "common.fullname" $global }}-{{ $i }}.{{ template "common.servicename" $global }}.{{ $global.Release.Namespace }}.svc.{{ $global.Values.config.cluster_domain }}{{- if (lt ( add1 $i ) $seed_size ) }},{{- end }}{{- end }}"
+ {{- end }}
- name: MAX_HEAP_SIZE
value: {{ .Values.config.heap.max }}
- name: HEAP_NEWSIZE
value: {{ .Values.config.rackName | quote }}
- name: CASSANDRA_AUTO_BOOTSTRAP
value: {{ .Values.config.autoBootstrap | quote }}
+ - name: CASSANDRA_START_RPC
+ value: {{ default "true" .Values.config.start_rpc | quote }}
+ - name: CASSANDRA_ENDPOINT_SNITCH
+ value: {{ default "GossipingPropertyFileSnitch" .Values.config.endpoint_snitch | quote }}
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- {{ if eq .Values.configmapping true }}
lifecycle:
- postStart:
+ preStop:
exec:
- command:
- - /bin/sh
- - -c
- - >
- /bin/sleep {{ .Values.readiness.initialDelaySeconds }};
- cd /{{ .Values.service.name }}-docker-entrypoint-initdb.d;
- cqlsh -u root -p root -f cassandra.cql
- {{ end }}
+ {{- if not .Values.persistence.enabled }}
+ command: ["/bin/sh", "-c", "exec nodetool decommission"]
+ {{- else }}
+ command: ["/bin/sh", "-c", "PID=$(pidof java) && kill $PID && while ps -p $PID > /dev/null; do sleep 1; done"]
+ {{- end }}
resources:
{{ toYaml .Values.resources | indent 10 }}
{{- if .Values.nodeSelector }}
- name: localtime
hostPath:
path: /etc/localtime
- {{ if eq .Values.configmapping true }}
- - name: {{ .Values.service.name }}-docker-entry-initd
+ {{- range $key, $value := .Values.configOverrides }}
+ - name: cassandra-config-{{ $key | replace "." "-" }}
configMap:
- name: {{ .Values.service.name }}-docker-entry-initd
- {{ end }}
+ name: {{ include "common.fullname" . }}-configOverrides
+ {{- end }}
{{- if not .Values.persistence.enabled }}
- - name: {{ .Values.service.name }}
+ - name: cassandra-data
emptyDir: {}
{{- else }}
volumeClaimTemplates:
- metadata:
- name: {{ .Values.service.name }}
+ name: cassandra-data
labels:
app: {{ template "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
annotations:
# flag to enable debugging - application support required
debugEnabled: false
-# configmapping detail whether it exist locally or not
-# by default it is false, if you wanna configure it then mention
-# locally TRUE value in local values.yaml.
-
-configmapping: false
-
# application configuration
config:
+ cluster_domain: cluster.local
heap:
max: 512M
min: 100M
dataCenter: Pod
rackName: Rack
autoBootstrap: true
- cassandraUsername: root
- cassandraPassword: root
+ # If hostNetwork is true then provide the comma separated list of seeds.
+ #seeds:seed1,seed2
# default number of instances
-replicaCount: 1
+replicaCount: 3
+
+hostNetwork: false
nodeSelector: {}
liveness:
initialDelaySeconds: 60
periodSeconds: 10
+ timeoutSeconds: 3
+ successThreshold: 1
+ failureThreshold: 3
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
initialDelaySeconds: 60
periodSeconds: 10
+ timeoutSeconds: 3
+ successThreshold: 1
+ failureThreshold: 3
service:
type: ClusterIP
name: cassandra
- portName: cassandra
- externalPort: 9160
- internalPort: 9160
- externalPort2: 7000
- internalPort2: 7000
- externalPort3: 7001
- internalPort3: 7001
- externalPort4: 7199
- internalPort4: 7199
- externalPort5: 9042
- internalPort5: 9042
+ ports:
+ - name: intra
+ port: 7000
+ - name: tls
+ port: 7001
+ - name: jmx
+ port: 7199
+ - name: cql
+ port: 9042
+ - name: thrift
+ port: 9160
+ - name: agent
+ port: 61621
podManagementPolicy: OrderedReady
updateStrategy:
- type: OnDelete
+ type: RollingUpdate
ingress:
enabled: false
storageType: local
storageClass: ""
+configOverrides: {}
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
apiVersion: v1
description: Common templates for inclusion in other charts
name: common
-version: 3.0.0
+version: 4.0.0
+++ /dev/null
-#
-# Copyright (c) 2017-2018 AT&T Intellectual Property.
-# Modifications Copyright (c) 2018 IBM.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-appName=ControllerBluePrints
-ms_name=org.onap.ccsdk.apps.controllerblueprints
-appVersion=1.0.0
-
-# Basic Authentication
-basic-auth.user-name=ccsdkapps
-basic-auth.hashed-pwd=$2a$10$MJxhNiOAffxbyrV9.rrOUewP9Q/ASg5Nit2cmP.yBaXGsVXo8BW3y
-
-logging.level.org.springframework.web=INFO
-logging.level.org.hibernate.SQL=warn
-logging.level.org.hibernate.type.descriptor.sql=debug
-
-#To Remove Null in JSON API Response
-spring.jackson.default-property-inclusion=non_null
-
-#Swagger Configuration
-swagger.contact.name=CCSDK team
-swagger.contact.url=www.onap.org
-swagger.contact.email=onap-discuss@lists.onap.org
-
-spring.jpa.properties.hibernate.show_sql=true
-spring.jpa.properties.hibernate.use_sql_comments=true
-spring.jpa.properties.hibernate.format_sql=true
-
-# spring.datasource.url, spring.datasource.username,spring.datasource.password may be overridden by ENV variables
-spring.datasource.url=jdbc:mysql://controller-blueprints-db:3306/sdnctl
-spring.datasource.username=sdnctl
-spring.datasource.password=sdnctl
-spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
-spring.jpa.show-sql = true
-spring.jpa.hibernate.ddl-auto = none
-spring.jpa.hibernate.naming-strategy = org.hibernate.cfg.ImprovedNamingStrategy
-spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.MySQL5Dialect
-
-#Load Blueprints
-# blueprints.load.initial-data may be overridden by ENV variables
-blueprints.load.initial-data=true
-load.dataTypePath=load/model_type/data_type
-load.nodeTypePath=load/model_type/node_type
-load.artifactTypePath=load/model_type/artifact_type
-load.resourceDictionaryPath=load/resource_dictionary
-load.blueprintsPath=load/blueprints
-
-# Load Resource Source Mappings
-resourceSourceMappings=db=source-db,input=source-input,default=source-default,mdsal=source-rest
+++ /dev/null
-# Copyright (c) 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
- db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }}
- restUser: {{ .Values.config.restUser | b64enc | quote }}
- restPassword: {{ .Values.config.restPassword | b64enc | quote }}
apiVersion: v1
description: D.G. Builder application
name: dgbuilder
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
metadata:
name: {{ include "common.fullname" . }}-config
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
---
metadata:
name: {{ include "common.fullname" . }}-scripts
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/scripts/*").AsConfig . | indent 2 }}
apiVersion: v1
description: Chart for MariaDB Galera cluster
name: mariadb-galera
-version: 3.0.0
+version: 4.0.0
keywords:
- mariadb
- mysql
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: 'file://../common'
\ No newline at end of file
metadata:
name: {{ include "common.fullname" . }}-confd
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }}
---
metadata:
name: {{ include "common.fullname" . }}-external-config
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
my_extra.cnf: |
{{ .Values.externalConfig | indent 4 }}
metadata:
labels:
app: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
annotations:
pod.alpha.kubernetes.io/initialized: "true"
spec:
name: {{ include "common.fullname" . }}-data
labels:
name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
apiVersion: v1
description: MongoDB Server
name: mongo
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: MUSIC - Multi-site State Coordination Service
name: music
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Cassandra Job - Run CQL Scripts after Cassandra Starts.
name: music-cassandra-job
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP - Cassandra Database
name: music-cassandra
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
app: {{ include "common.name" . }}
release: "{{ .Release.Name }}"
{{- end }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
apiVersion: v1
description: ONAP - MUSIC Tomcat Container
name: music-tomcat
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: MySQL Server
name: mysql
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
metadata:
name: {{ include "common.fullname" . }}-db-configmap
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
master.cnf: |
# Apply this config only on the master.
namespace: {{ include "common.namespace" . }}
labels:
app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
spec:
ports:
- name: nfs
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
spec:
ports:
- port: {{ .Values.service.internalPort }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
spec:
ports:
- port: {{ .Values.service.internalPort }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
spec:
ports:
- port: {{ .Values.service.internalPort }}
name: {{ include "common.servicename" . }}-nodeport
namespace: {{ include "common.namespace" . }}
labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-0
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
spec:
ports:
- name: {{ .Values.service.portName | default .Values.service.name }}-1
metadata:
labels:
app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
spec:
initContainers:
#{{ if not .Values.disableNfsProvisioner }}
- metadata:
name: {{ include "common.fullname" . }}-mysql
labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
name: {{ include "common.fullname" . }}
spec:
accessModes: [ {{ .Values.persistence.accessMode }} ]
metadata:
name: "{{ include "common.fullname" . }}-mysql"
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
provisioner: {{ include "common.fullname" . }}/nfs
{{ end }}
apiVersion: v1\r
description: Name Generation Micro Service\r
name: network-name-gen\r
-version: 3.0.0\r
+version: 4.0.0\r
\r
dependencies:\r
- name: common\r
- version: ~3.0.0\r
+ version: ~4.x-0\r
repository: '@local'\r
- name: mariadb-galera\r
- version: ~3.0.0\r
+ version: ~4.x-0\r
repository: file://../mariadb-galera/\r
apiVersion: v1
description: ONAP Postgres Server
name: postgres
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Postgres Server
name: pgpool
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP Consul Agent
name: consul
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Consul Server
name: consul-server
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
"interval": "15s",
"timeout": "1s"
},
+ {
+ "id": "multicloud-starlingx",
+ "name": "Multicloud Starlingx Health Check",
+ "http": "http://multicloud-starlingx:9009/api/multicloud-starlingx/v0/swagger.json",
+ "method": "HEAD",
+ "header": {
+ "Cache-Control": ["no-cache"],
+ "Content-Type": ["application/json"],
+ "Accept": ["application/json"]
+ },
+ "tls_skip_verify": true,
+ "interval": "15s",
+ "timeout": "1s"
+ },
{
"id": "multicloud-vio",
"name": "Multicloud Vio Health Check",
apiVersion: v1
description: ONAP optional tools
name: contrib
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Netbox IPAM
name: netbox
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Netbox - Application (WSGI + Gunicorn)
name: netbox-app
-version: 3.0.0
+version: 4.0.0
name: {{ include "common.fullname" . }}-initializers-configmap
- name: {{ include "common.fullname" . }}-configuration-config
configMap:
- name: {{ include "common.fullname" . }}-configuration-configmap
\ No newline at end of file
+ name: {{ include "common.fullname" . }}-configuration-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
superuserName: admin
superuserEmail: admin@onap.org
-repository: docker.io
-image: ninech/netbox:v2.3.5
+repository: netboxcommunity
+image: netbox:v2.5.8
# probe configuration parameters
liveness:
apiVersion: v1
description: Netbox - Nginx web server
name: netbox-nginx
-version: 3.0.0
+version: 4.0.0
# application image
repository: docker.io
-image: nginx:1.13-alpine
+image: nginx:1.15-alpine
pullPolicy: Always
ingress:
apiVersion: v1
description: Netbox Posgres database
name: netbox-postgres
-version: 3.0.0
+version: 4.0.0
# application image
repository: docker.io
-image: postgres:10.2-alpine
+image: postgres:10.4-alpine
pullPolicy: Always
# application configuration
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
--- /dev/null
+#!/bin/bash
+#############################################################################
+# Copyright © 2019 Bell.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#############################################################################
+#
+# This installation is for an RKE install of kubernetes
+# after this run the standard oom install
+# this installation can be run on amy ubuntu 16.04 VM, RHEL 7.6 (root only), physical or cloud azure/aws host
+# https://wiki.onap.org/display/DW/OOM+RKE+Kubernetes+Deployment
+# source from https://jira.onap.org/browse/OOM-1598
+#
+# master/dublin
+# RKE 0.1.16 Kubernetes 1.11.6, kubectl 1.11.6, Helm 2.9.1, Docker 18.06
+# single node install, HA pending
+
+usage() {
+cat <<EOF
+Usage: $0 [PARAMs]
+example
+sudo ./rke_setup.sh -b dublin -s rke.onap.cloud -e onap -l amdocs -v true
+-u : Display usage
+-b [branch] : branch = master or dublin (required)
+-s [server] : server = IP or DNS name (required)
+-e [environment] : use the default (onap)
+-k [key] : ssh key name
+-l [username] : login username account (use ubuntu for example)
+EOF
+}
+
+install_onap() {
+ #constants
+ PORT=8880
+ if [ "$BRANCH" == "casablanca" ]; then
+ KUBERNETES_VERSION=
+ RKE_VERSION=0.1.15
+ KUBECTL_VERSION=1.11.3
+ HELM_VERSION=2.9.1
+ DOCKER_VERSION=17.03
+ else
+ KUBERNETES_VERSION=
+ RKE_VERSION=0.1.16
+ KUBECTL_VERSION=1.11.6
+ HELM_VERSION=2.9.1
+ DOCKER_VERSION=18.06
+ fi
+
+ # copy your private ssh key and cluster.yml file to the vm
+ # on your dev machine
+ #sudo cp ~/.ssh/onap_rsa .
+ #sudo chmod 777 onap_rsa
+ #scp onap_rsa ubuntu@192.168.241.132:~/
+ # on this vm
+ #sudo chmod 400 onap_rsa
+ #sudo cp onap_rsa ~/.ssh
+ # make sure public key is insetup correctly in
+ # sudo vi ~/.ssh/authorized_keys
+
+ echo "please supply your ssh key as provided by the -k keyname - it must be be chmod 400 and chown user:user in ~/.ssh/"
+ echo "The RKE version specific cluster.yaml is already integrated in this script for 0.1.15/0.1.16 no need for below generation..."
+ echo "rke config --name cluster.yml"
+ echo "specifically"
+ echo "address: $SERVER"
+ echo "user: $USERNAME"
+ echo "ssh_key_path: $SSHPATH_PREFIX/$SSHKEY"
+
+ RKETOOLS=
+ HYPERCUBE=
+ POD_INFRA_CONTAINER=
+ if [ "$RKE_VERSION" == "0.1.16" ]; then
+ RKETOOLS=0.1.15
+ HYPERCUBE=1.11.6-rancher1
+ POD_INFRA_CONTAINER=rancher/pause-amd64:3.1
+ else
+ # 0.1.15
+ RKETOOLS=0.1.14
+ HYPERCUBE=1.11.3-rancher1
+ POD_INFRA_CONTAINER=gcr.io.google_containers/pause-amd64:3.1
+ fi
+
+ cat > cluster.yml <<EOF
+# generated from rke_setup.sh
+nodes:
+- address: $SERVER
+ port: "22"
+ internal_address: ""
+ role:
+ - controlplane
+ - worker
+ - etcd
+ hostname_override: ""
+ user: $USERNAME
+ docker_socket: /var/run/docker.sock
+ ssh_key: ""
+ ssh_key_path: $SSHPATH_PREFIX/$SSHKEY
+ labels: {}
+services:
+ etcd:
+ image: ""
+ extra_args: {}
+ extra_binds: []
+ extra_env: []
+ external_urls: []
+ ca_cert: ""
+ cert: ""
+ key: ""
+ path: ""
+ snapshot: null
+ retention: ""
+ creation: ""
+ kube-api:
+ image: ""
+ extra_args: {}
+ extra_binds: []
+ extra_env: []
+ service_cluster_ip_range: 10.43.0.0/16
+ service_node_port_range: ""
+ pod_security_policy: false
+ kube-controller:
+ image: ""
+ extra_args: {}
+ extra_binds: []
+ extra_env: []
+ cluster_cidr: 10.42.0.0/16
+ service_cluster_ip_range: 10.43.0.0/16
+ scheduler:
+ image: ""
+ extra_args: {}
+ extra_binds: []
+ extra_env: []
+ kubelet:
+ image: ""
+ extra_args:
+ max-pods: 900
+ extra_binds: []
+ extra_env: []
+ cluster_domain: cluster.local
+ infra_container_image: ""
+ cluster_dns_server: 10.43.0.10
+ fail_swap_on: false
+ kubeproxy:
+ image: ""
+ extra_args: {}
+ extra_binds: []
+ extra_env: []
+network:
+ plugin: canal
+ options: {}
+authentication:
+ strategy: x509
+ options: {}
+ sans: []
+system_images:
+ etcd: rancher/coreos-etcd:v3.2.18
+ alpine: rancher/rke-tools:v$RKETOOLS
+ nginx_proxy: rancher/rke-tools:v$RKETOOLS
+ cert_downloader: rancher/rke-tools:v$RKETOOLS
+ kubernetes_services_sidecar: rancher/rke-tools:v$RKETOOLS
+ kubedns: rancher/k8s-dns-kube-dns-amd64:1.14.10
+ dnsmasq: rancher/k8s-dns-dnsmasq-nanny-amd64:1.14.10
+ kubedns_sidecar: rancher/k8s-dns-sidecar-amd64:1.14.10
+ kubedns_autoscaler: rancher/cluster-proportional-autoscaler-amd64:1.0.0
+ kubernetes: rancher/hyperkube:v$HYPERCUBE
+ flannel: rancher/coreos-flannel:v0.10.0
+ flannel_cni: rancher/coreos-flannel-cni:v0.3.0
+ calico_node: rancher/calico-node:v3.1.3
+ calico_cni: rancher/calico-cni:v3.1.3
+ calico_controllers: ""
+ calico_ctl: rancher/calico-ctl:v2.0.0
+ canal_node: rancher/calico-node:v3.1.3
+ canal_cni: rancher/calico-cni:v3.1.3
+ canal_flannel: rancher/coreos-flannel:v0.10.0
+ wave_node: weaveworks/weave-kube:2.1.2
+ weave_cni: weaveworks/weave-npc:2.1.2
+ pod_infra_container: $POD_INFRA_CONTAINER
+ ingress: rancher/nginx-ingress-controller:0.16.2-rancher1
+ ingress_backend: rancher/nginx-ingress-controller-defaultbackend:1.4
+ metrics_server: rancher/metrics-server-amd64:v0.2.1
+ssh_key_path: $SSHPATH
+ssh_agent_auth: false
+authorization:
+ mode: rbac
+ options: {}
+ignore_docker_version: false
+kubernetes_version: "$KUBERNETES_VERSION"
+private_registries: []
+ingress:
+ provider: ""
+ options: {}
+ node_selector: {}
+ extra_args: {}
+cluster_name: ""
+cloud_provider:
+ name: ""
+prefix_path: ""
+addon_job_timeout: 0
+bastion_host:
+ address: ""
+ port: ""
+ user: ""
+ ssh_key: ""
+ ssh_key_path: ""
+monitoring:
+ provider: ""
+ options: {}
+EOF
+
+
+
+ echo "Installing on ${SERVER} for ${BRANCH}: RKE: ${RKE_VERSION} Kubectl: ${KUBECTL_VERSION} Helm: ${HELM_VERSION} Docker: ${DOCKER_VERSION} username: ${USERNAME}"
+ sudo echo "127.0.0.1 ${SERVER}" >> /etc/hosts
+ echo "Install docker - If you must install as non-root - comment out the docker install below - run it separately, run the user mod, logout/login and continue this script"
+ curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh
+ sudo usermod -aG docker $USERNAME
+
+ echo "Install RKE"
+ sudo wget https://github.com/rancher/rke/releases/download/v$RKE_VERSION/rke_linux-amd64
+ mv rke_linux-amd64 rke
+ sudo chmod +x rke
+ sudo mv ./rke /usr/local/bin/rke
+
+ echo "Install make - required for beijing+ - installed via yum groupinstall Development Tools in RHEL"
+ # ubuntu specific
+ sudo apt-get install make -y
+
+ sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl
+ sudo chmod +x ./kubectl
+ sudo mv ./kubectl /usr/local/bin/kubectl
+ sudo mkdir ~/.kube
+ wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz
+ sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz
+ sudo mv linux-amd64/helm /usr/local/bin/helm
+
+ echo "Bringing RKE up - using supplied cluster.yml"
+ sudo rke up
+ echo "wait 2 extra min for the cluster"
+ sleep 60
+ echo "1 more min"
+ sleep 60
+ echo "copy kube_config_cluter.yaml generated - to ~/.kube/config"
+ sudo cp kube_config_cluster.yml ~/.kube/config
+ # avoid using sudo for kubectl
+ sudo chmod 777 ~/.kube/config
+ echo "Verify all pods up on the kubernetes system - will return localhost:8080 until a host is added"
+ echo "kubectl get pods --all-namespaces"
+ kubectl get pods --all-namespaces
+ echo "install tiller/helm"
+ kubectl -n kube-system create serviceaccount tiller
+ kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
+ helm init --service-account tiller
+ kubectl -n kube-system rollout status deploy/tiller-deploy
+ echo "upgrade server side of helm in kubernetes"
+ if [ "$USERNAME" == "root" ]; then
+ helm version
+ else
+ sudo helm version
+ fi
+ echo "sleep 30"
+ sleep 30
+ if [ "$USERNAME" == "root" ]; then
+ helm init --upgrade
+ else
+ sudo helm init --upgrade
+ fi
+ echo "sleep 30"
+ sleep 30
+ echo "verify both versions are the same below"
+ if [ "$USERNAME" == "root" ]; then
+ helm version
+ else
+ sudo helm version
+ fi
+ echo "start helm server"
+ if [ "$USERNAME" == "root" ]; then
+ helm serve &
+ else
+ sudo helm serve &
+ fi
+ echo "sleep 30"
+ sleep 30
+ echo "add local helm repo"
+ if [ "$USERNAME" == "root" ]; then
+ helm repo add local http://127.0.0.1:8879
+ helm repo list
+ else
+ sudo helm repo add local http://127.0.0.1:8879
+ sudo helm repo list
+ fi
+ echo "To enable grafana dashboard - do this after running cd.sh which brings up onap - or you may get a 302xx port conflict"
+ echo "kubectl expose -n kube-system deployment monitoring-grafana --type=LoadBalancer --name monitoring-grafana-client"
+ echo "to get the nodeport for a specific VM running grafana"
+ echo "kubectl get services --all-namespaces | grep graf"
+ sudo docker version
+ helm version
+ kubectl version
+ kubectl get services --all-namespaces
+ kubectl get pods --all-namespaces
+ echo "finished!"
+}
+
+BRANCH=
+SERVER=
+ENVIRON=
+VALIDATE=false
+USERNAME=ubuntu
+SSHPATH_PREFIX=~/.ssh
+
+while getopts ":b:s:e:u:l:k:v" PARAM; do
+ case $PARAM in
+ u)
+ usage
+ exit 1
+ ;;
+ b)
+ BRANCH=${OPTARG}
+ ;;
+ e)
+ ENVIRON=${OPTARG}
+ ;;
+ s)
+ SERVER=${OPTARG}
+ ;;
+ l)
+ USERNAME=${OPTARG}
+ ;;
+ k)
+ SSHKEY=${OPTARG}
+ ;;
+ v)
+ VALIDATE=${OPTARG}
+ ;;
+ ?)
+ usage
+ exit
+ ;;
+ esac
+done
+
+if [[ -z $BRANCH ]]; then
+ usage
+ exit 1
+fi
+
+install_onap $BRANCH $SERVER $ENVIRON $USERNAME $SSHPATH_PREFIX $SSHKEY $VALIDATE
apiVersion: v1
description: ONAP DCAE Gen2
name: dcaegen2
-version: 3.0.0
+version: 4.0.0
-make-dmaap:
- cd charts && helm dep up dcae-bootstrap
+make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api
+
+make-dcae-bootstrap:
+ cd charts && helm dep up dcae-bootstrap && helm lint dcae-bootstrap
+
+make-dcae-cloudify-manager:
+ cd charts && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager
+
+make-dcae-config-binding-service:
+ cd charts && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service
+
+make-dcae-healthcheck:
+ cd charts && helm dep up dcae-healthcheck && helm lint dcae-healthcheck
+
+make-dcae-redis:
+ cd charts && helm dep up dcae-redis && helm lint dcae-redis
+
+make-dcae-servicechange-handler:
+ cd charts && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler
+
+make-dcae-inventory-api:
+ cd charts/dcae-servicechange-handler/charts && helm dep up dcae-inventory-api && helm lint dcae-inventory-api
apiVersion: v1
description: ONAP DCAE Bootstrap
name: dcae-bootstrap
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: postgres
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
{
"namespace" : "{{ if .Values.dcae_ns }}{{ .Values.dcae_ns}}{{ else }}{{include "common.namespace" . }}{{ end}}",
"consul_dns_name" : "{{ .Values.config.address.consul.host }}.{{ include "common.namespace" . }}",
+ "default_k8s_location" : "{{ .Values.default_k8s_location }}",
"image_pull_secrets" : ["{{ include "common.namespace" . }}-docker-registry-key"],
"filebeat":
{
"config_subpath": "filebeat.yml",
"image" : "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}",
"config_map" : "dcae-filebeat-configmap"
+ },
+ "tls":
+ {
+ "cert_path": "/opt/tls/shared",
+ "image": "{{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}"
}
}
# limitations under the License.
# ============LICENSE_END=========================================================
-sdc_address: '{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443'
-sdc_uri: 'https://{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443'
-sdc_user: "dcae"
-sdc_password: !!str Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-sdc_environment_name: "AUTO"
-sdc_msg_bus_address: '{{ .Values.config.address.message_router }}.{{include "common.namespace" . }}'
-postgres_user_inventory: "postgres"
-postgres_password_inventory: "onap123"
-{{ if .Values.componentImages.service_change_handler }}
-service_change_handler_image: '{{ include "common.repository" . }}/{{ .Values.componentImages.service_change_handler }}'
-{{ end }}
-{{ if .Values.componentImages.inventory }}
-inventory_image: '{{ include "common.repository" . }}/{{ .Values.componentImages.inventory }}'
+{{ if .Values.componentImages.dashboard }}
+dashboard_docker_image: {{ include "common.repository" . }}/{{ .Values.componentImages.dashboard }}
{{ end }}
+external_port: {{ .Values.config.address.dashboard.port }}
+external_tls_port: {{ .Values.config.address.dashboard.portSecure }}
+database_cluster_name: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }}
+database_cluster_fqdn: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }}.{{ .Values.postgres.suffix }}
+database_name: "dashboard_pg"
+cloudify_ip: {{ .Values.config.address.cm }}
+cloudify_user: "admin"
+cloudify_password: "admin"
+consul_url: {{ .Values.config.address.consul.host }}
+postgres_port: "5432"
+replicas: 1
+++ /dev/null
-#============LICENSE_START========================================================
-#=================================================================================
-# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-{{ if .Values.componentImages.policy_handler }}
-policy_handler_image: {{ include "common.repository" . }}/{{ .Values.componentImages.policy_handler }}
-{{ end }}
-application_config:
- policy_handler :
- # parallelize the getConfig queries to policy-engine on each policy-update notification
- thread_pool_size : 4
-
- # parallelize requests to policy-engine and keep them alive
- pool_connections : 20
-
- # retry to getConfig from policy-engine on policy-update notification
- policy_retry_count : 5
- policy_retry_sleep : 5
-
- # config of automatic catch_up for resiliency
- catch_up :
- # interval in seconds on how often to call automatic catch_up
- # example: 1200 is 20*60 seconds that is 20 minutes
- interval : 1200
-
- # config of periodic reconfigure-rediscover for adaptability
- reconfigure:
- # interval in seconds on how often to call automatic reconfigure
- # example: 600 is 10*60 seconds that is 10 minutes
- interval : 600
-
- # policy-engine config
- # These are the url of and the auth for the external system, namely the policy-engine (PDP).
- # We obtain that info manually from PDP folks at the moment.
- # In long run we should figure out a way of bringing that info into consul record
- # related to policy-engine itself.
- # - k8s specific routing to policy-engine by hostname "pdp"
- # - relying on dns to resolve hostname "pdp" to ip address
- # - expecing to find "pdp" as the hostname in server cert from policy-engine
- policy_engine :
- url : "https://{{ .Values.config.address.policy_pdp }}.{{include "common.namespace" . }}:8081"
- path_notifications : "/pdp/notifications"
- path_api : "/pdp/api/"
- headers :
- Accept : "application/json"
- "Content-Type" : "application/json"
- ClientAuth : "cHl0aG9uOnRlc3Q="
- Authorization : "Basic dGVzdHBkcDphbHBoYTEyMw=="
- Environment : "TEST"
- target_entity : "policy_engine"
- # optional tls_ca_mode specifies where to find the cacert.pem for tls
- # can be one of these:
- # "cert_directory" - use the cacert.pem stored locally in cert_directory.
- # this is the default if cacert.pem file is found
- #
- # "os_ca_bundle" - use the public ca_bundle provided by linux system.
- # this is the default if cacert.pem file not found
- #
- # "do_not_verify" - special hack to turn off the verification by cacert and hostname
- tls_ca_mode : "cert_directory"
- # optional tls_wss_ca_mode specifies the same for the tls based web-socket
- tls_wss_ca_mode : "cert_directory"
- # optional timeout_in_secs specifies the timeout for the http requests
- timeout_in_secs: 60
- # optional ws_ping_interval_in_secs specifies the ping interval for the web-socket connection
- ws_ping_interval_in_secs: 180
- # deploy_handler config
- # changed from string "deployment_handler" in 2.3.1 to structure in 2.4.0
- deploy_handler :
- # name of deployment-handler service used by policy-handler for logging
- target_entity : "deployment_handler"
- # url of the deployment-handler service for policy-handler to direct the policy-updates to
- # - expecting dns to resolve the hostname deployment-handler to ip address
- url : "https://deployment-handler:8443"
- # limit the size of a single data segment for policy-update messages
- # from policy-handler to deployment-handler in megabytes
- max_msg_length_mb : 5
- query :
- # optionally specify the tenant name for the cloudify under deployment-handler
- # if not specified the "default_tenant" is used by the deployment-handler
- cfy_tenant_name : "default_tenant"
- # optional tls_ca_mode specifies where to find the cacert.pem or skip tls verification
- # can be one of these:
- # "cert_directory" - use the cacert.pem stored locally in cert_directory.
- # this is the default if cacert.pem file is found
- #
- # "os_ca_bundle" - use the public ca_bundle provided by linux system.
- # this is the default if cacert.pem file not found
- #
- # "do_not_verify" - special hack to turn off the verification by cacert and hostname
- tls_ca_mode : "cert_directory"
- # optional timeout_in_secs specifies the timeout for the http requests
- timeout_in_secs: 60
{{ if .Values.componentImages.snmptrap }}
tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.snmptrap }}
{{ end }}
+external_port: {{ .Values.config.address.snmptrap.port }}
tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.ves }}
{{ end }}
external_port : {{ .Values.config.address.ves.port }}
+external_tls_port : {{ .Values.config.address.ves.portSecure }}
ves_other_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_OTHER_OUTPUT/"
ves_heartbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/"
ves_fault_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_FAULT_OUTPUT/"
#============LICENSE_START========================================================\r
# ================================================================================\r
-# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.\r
+# Copyright (c) 2017-2019 AT&T Intellectual Property. All rights reserved.\r
# Modifications Copyright © 2018 Amdocs, Bell Canada\r
# ================================================================================\r
# Licensed under the Apache License, Version 2.0 (the "License");\r
- msb-discovery\r
- --container-name\r
- kube2msb\r
+ - --container-name\r
+ - dcae-config-binding-service\r
+ - --container-name\r
+ - dcae-db\r
- "-t"\r
- "15"\r
env:\r
#============LICENSE_START========================================================
#=================================================================================
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
#################################################################
global:
nodePortPrefix: 302
+ nodePortPrefixExt: 304
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ tlsRepository: nexus3.onap.org:10001
+ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest
config:
logstashServiceName: log-ls
host: consul-server
port: 8500
cm: dcae-cloudify-manager
+ dashboard:
+ port: 30418
+ portSecure: 30419
datafile_collector:
port: 30223
portSecure: 30262
msb_iag: msb-iag
policy_pdp: pdp
sdc: sdc-be
+ snmptrap:
+ port: 30470
ves:
port: 30235
+ portSecure: 30417
# redisCaching is a string not a boolean!
redisCaching: "false"
name: dcae-postgres
name2: dcae-pg-primary
name3: dcae-pg-replica
+ suffix: svc.cluster.local
container:
name:
primary: dcae-pg-primary
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.5
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.10-STAGING-latest
+default_k8s_location: central
# DCAE component images to be deployed via Cloudify Manager
# Use to override default setting in blueprints
componentImages:
- config_binding_service: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3
- datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.1.1
- deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.1.0
+ dashboard: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.1.0-SNAPSHOT-latest
holmes_rules: onap/holmes/rule-management:1.2.3
holmes_engine: onap/holmes/engine-management:1.2.2
- inventory: onap/org.onap.dcaegen2.platform.inventory-api:3.0.4
- policy_handler: onap/org.onap.dcaegen2.platform.policy-handler:4.5.0
- service_change_handler: onap/org.onap.dcaegen2.platform.servicechange-handler:1.1.5
tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.0
ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.3.1
snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
- prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.2.0-SNAPSHOT
+ prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.2.1-SNAPSHOT
hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.1.0-SNAPSHOT
# Resource Limit flavor -By Default using small
apiVersion: v1
description: ONAP DCAE Cloudify Manager
name: dcae-cloudify-manager
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#============LICENSE_START========================================================
# ================================================================================
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
#################################################################
global:
nodePortPrefix: 302
+ persistence: {}
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
loggingRepository: docker.elastic.co
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.0
+image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.2-STAGING-latest
pullPolicy: Always
# probe configuration parameters
enabled: false
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 60
periodSeconds: 10
service:
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP DCAE Config Binding Service
+name: dcae-config-binding-service
+version: 4.0.0
\ No newline at end of file
# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
-
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
+
+logging:
+ level: debug
+
+ # enable file rotation with default configuration
+ to_files: true
+
+ # do not log to syslog
+ to_syslog: false
+
+ files:
+ path: /usr/share/filebeat/logs
+ name: mybeat.log
+ keepfiles: 7
# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
apiVersion: v1
-kind: Secret
+kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-secret
+ name: {{ .Release.Name }}-cbs-filebeat-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
-type: Opaque
data:
- db-root-password: {{ .Values.global.config.mariadb.mariadbRootPassword | b64enc | quote }}
- db-user-password: {{ .Values.global.config.mariadb.userPassword | b64enc | quote }}
+{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - consul-server
+ - "-t"
+ - "15"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /opt/logs
+ env:
+ - name: CONSUL_HOST
+ value: consul.{{ include "common.namespace" . }}
+
+ - name: {{ include "common.name" . }}-filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ mountPath: /usr/share/filebeat/data
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /var/log/onap
+ volumes:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ configMap:
+ name: {{ .Release.Name }}-cbs-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefixExt| default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ nodePortPrefixExt: 304
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ repositoryCred:
+ user: docker
+ password: docker
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ # Addresses of other ONAP entities
+ address:
+ consul:
+ host: consul-server
+ port: 8500
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3
+pullPolicy: Always
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ path: /healthcheck
+
+service:
+ type: NodePort
+ name: config-binding-service
+ externalPort: 10000
+ internalPort: 10000
+ nodePort: 15
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
#============LICENSE_START========================================================
#=================================================================================
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
# ============LICENSE_END=========================================================
-#TODO would like to make this conditional, as with the other input templates
-# but having template expansion issues trying to do that
-{{ if .Values.componentImages.config_binding_service }}
-cbs_image: {{ include "common.repository" . }}/{{ .Values.componentImages.config_binding_service }}
-{{ end }}
+apiVersion: v1
+description: ONAP DCAE Deployment Handler
+name: dcae-deployment-handler
+version: 4.0.0
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.0.0
repository: '@local'
--- /dev/null
+{
+ "cloudify": {
+ "protocol": "http"
+ },
+ "inventory": {
+ "protocol": "http"
+ }
+}
\ No newline at end of file
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
+
+logging:
+ level: debug
+
+ # enable file rotation with default configuration
+ to_files: true
+
+ # do not log to syslog
+ to_syslog: false
+
+ files:
+ path: /usr/share/filebeat/logs
+ name: mybeat.log
+ keepfiles: 7
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{include "common.fullname" . }}-filebeat-configmap
+ namespace: {{include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }}
\ No newline at end of file
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - dcae-cloudify-manager
+ - --container-name
+ - consul-server
+ - --container-name
+ - dcae-inventory-api
+ - "-t"
+ - "45"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ - name: init-tls
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources: {}
+ volumeMounts:
+ - mountPath: /opt/tls/shared
+ name: tls-info
+ - name: init-consul
+ image: {{ .Values.global.consulLoaderRepository }}/{{ .Values.global.consulLoaderImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ args:
+ - --service
+ - "cloudify_manager|dcae-cloudify-manager.{{ include "common.namespace" . }}|80"
+ - --service
+ - "inventory|inventory.{{ include "common.namespace" . }}|8080"
+ - --key
+ - deployment_handler|/dhconfig/config.json
+ resources: {}
+ volumeMounts:
+ - mountPath: /dhconfig
+ name: dh-config
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.service.internalPort }}
+ scheme: {{ .Values.readiness.scheme }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /opt/app/dh/log
+ name: component-log
+ - mountPath: /opt/app/dh/etc/cert/
+ name: tls-info
+ env:
+ - name: CONSUL_HOST
+ value: consul-server.{{ include "common.namespace" . }}
+ - name: CLOUDIFY_USER
+ value: admin
+ - name: CLOUDIFY_PASSWORD
+ value: admin
+ - name: CONFIG_BINDING_SERVICE
+ value: config-binding-service
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ - name: {{ include "common.name" . }}-filebeat
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}
+ imagePullPolicy: IfNotPresent
+ resources: {}
+ volumeMounts:
+ - mountPath: /var/log/onap/deployment-handler
+ name: component-log
+ - mountPath: /usr/share/filebeat/data
+ name: filebeat-data
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ name: filebeat-conf
+ subPath: filebeat.yml
+ volumes:
+ - emptyDir: {}
+ name: component-log
+ - emptyDir: {}
+ name: filebeat-data
+ - configMap:
+ defaultMode: 420
+ name: {{ include "common.fullname" . }}-filebeat-configmap
+ name: filebeat-conf
+ - emptyDir: {}
+ name: tls-info
+ - configMap:
+ defaultMode: 422
+ name: {{ include "common.fullname" . }}-configmap
+ name: dh-config
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ tlsRepository: nexus3.onap.org:10001
+ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest
+ consulLoaderRepository: nexus3.onap.org:10001
+ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0-STAGING-latest
+ repositoryCred:
+ user: docker
+ password: docker
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ # Addresses of other ONAP entities
+ address:
+ consul:
+ host: consul-server
+ port: 8500
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.platform.deployment-handler:3.2.0
+pullPolicy: Always
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 30
+ path: /
+ scheme: HTTPS
+
+service:
+ type: ClusterIP
+ name: deployment-handler
+ externalPort: 8443
+ internalPort: 8443
+
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
apiVersion: v1
description: ONAP DCAE Health Check
name: dcae-healthcheck
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
periodSeconds: 10
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.1
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4-STAGING-latest
# Resource Limit flavor -By Default using small
flavor: small
#============LICENSE_START========================================================
#=================================================================================
-# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
-#
-# ECOMP is a trademark and service mark of AT&T Intellectual Property.
-{{ if .Values.componentImages.deployment_handler }}
-deployment_handler_image: {{ include "common.repository" . }}/{{ .Values.componentImages.deployment_handler }}
-{{ end }}
-application_config:
- cloudify:
- protocol: "http"
- inventory:
- protocol: "http"
+
+apiVersion: v1
+description: ONAP DCAE Policy Handler
+name: dcae-policy-handler
+version: 4.0.0
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~4.0.0
+ repository: '@local'
--- /dev/null
+{
+ "policy_handler": {
+ "thread_pool_size": 4,
+ "pool_connections": 20,
+ "policy_retry_count": 5,
+ "policy_retry_sleep": 5,
+ "catch_up": {
+ "interval": 1200
+ },
+ "reconfigure": {
+ "interval": 600
+ },
+ "policy_engine": {
+ "url": "https://{{ .Values.config.address.policy_pdp }}.{{include "common.namespace" . }}:8081",
+ "path_notifications": "/pdp/notifications",
+ "path_api": "/pdp/api/",
+ "headers": {
+ "Accept": "application/json",
+ "Content-Type": "application/json",
+ "ClientAuth": "cHl0aG9uOnRlc3Q=",
+ "Authorization": "Basic dGVzdHBkcDphbHBoYTEyMw==",
+ "Environment": "TEST"
+ },
+ "target_entity": "policy_engine",
+ "tls_ca_mode": "cert_directory",
+ "tls_wss_ca_mode": "cert_directory",
+ "timeout_in_secs": 60,
+ "ws_ping_interval_in_secs": 180
+ },
+ "deploy_handler": {
+ "target_entity": "deployment_handler",
+ "url": "https://deployment-handler:8443",
+ "max_msg_length_mb": 5,
+ "query": {
+ "cfy_tenant_name": "default_tenant"
+ },
+ "tls_ca_mode": "cert_directory",
+ "timeout_in_secs": 60
+ }
+ }
+}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
+
+logging:
+ level: debug
+
+ # enable file rotation with default configuration
+ to_files: true
+
+ # do not log to syslog
+ to_syslog: false
+
+ files:
+ path: /usr/share/filebeat/logs
+ name: mybeat.log
+ keepfiles: 7
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{include "common.fullname" . }}-filebeat-configmap
+ namespace: {{include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }}
\ No newline at end of file
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - dcae-deployment-handler
+ - --container-name
+ - consul-server
+ - --container-name
+ - pdp
+ - "-t"
+ - "45"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ - name: init-tls
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources: {}
+ volumeMounts:
+ - mountPath: /opt/tls/shared
+ name: tls-info
+ - name: init-consul
+ image: {{ .Values.global.consulLoaderRepository }}/{{ .Values.global.consulLoaderImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ args:
+ - --key
+ - policy_handler|/phconfig/config.json
+ resources: {}
+ volumeMounts:
+ - mountPath: /phconfig
+ name: ph-config
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.service.internalPort }}
+ scheme: {{ .Values.readiness.scheme }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /opt/app/policy_handler/logs
+ name: component-log
+ - mountPath: /opt/app/policy_handler/etc/tls/certs/
+ name: tls-info
+ env:
+ - name: CONSUL_HOST
+ value: consul-server.{{ include "common.namespace" . }}
+ - name: CLOUDIFY_USER
+ value: admin
+ - name: CLOUDIFY_PASSWORD
+ value: admin
+ - name: CONFIG_BINDING_SERVICE
+ value: config-binding-service
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ - name: {{ include "common.name" . }}-filebeat
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}
+ imagePullPolicy: IfNotPresent
+ resources: {}
+ volumeMounts:
+ - mountPath: /var/log/onap/deployment-handler
+ name: component-log
+ - mountPath: /usr/share/filebeat/data
+ name: filebeat-data
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ name: filebeat-conf
+ subPath: filebeat.yml
+ volumes:
+ - emptyDir: {}
+ name: component-log
+ - emptyDir: {}
+ name: filebeat-data
+ - configMap:
+ defaultMode: 420
+ name: {{ include "common.fullname" . }}-filebeat-configmap
+ name: filebeat-conf
+ - emptyDir: {}
+ name: tls-info
+ - configMap:
+ defaultMode: 422
+ name: {{ include "common.fullname" . }}-configmap
+ name: ph-config
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ tlsRepository: nexus3.onap.org:10001
+ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest
+ consulLoaderRepository: nexus3.onap.org:10001
+ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0-STAGING-latest
+ repositoryCred:
+ user: docker
+ password: docker
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ # Addresses of other ONAP entities
+ address:
+ consul:
+ host: consul-server
+ port: 8500
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0-STAGING-latest
+pullPolicy: Always
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 60
+ periodSeconds: 300
+ path: /healthcheck
+ scheme: HTTP
+
+service:
+ type: ClusterIP
+ name: policy-handler
+ externalPort: 25577
+ internalPort: 25577
+
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
apiVersion: v1
description: ONAP DCAE Redis
name: dcae-redis
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP DCAE Service Change Handler
+name: dcae-servicechange-handler
+version: 4.0.0
\ No newline at end of file
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP DCAE Inventory API Service
+name: dcae-inventory-api
+version: 4.0.0
\ No newline at end of file
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ repository: '@local'
+ - name: postgres
+ version: ~4.x-0
+ repository: '@local'
--- /dev/null
+{
+ "database": {
+ "driverClass": "org.postgresql.Driver",
+ "user": "{{ .Values.postgres.config.pgUserName }}",
+ "password": "{{ .Values.postgres.config.pgUserPassword }}",
+ "url": "jdbc:postgresql://{{ .Values.postgres.service.name2 }}:5432/{{ .Values.postgres.config.pgDatabase }}",
+ "properties": {
+ "charSet": "UTF-8"
+ },
+ "maxWaitForConnection": "1s",
+ "validationQuery": "/* MyService Health Check */ SELECT 1",
+ "minSize": 2,
+ "maxSize": 8,
+ "initialSize": 2,
+ "checkConnectionWhileIdle": false,
+ "evictionInterval": "10s",
+ "minIdleTime": "1 minute"
+ },
+ "databusControllerConnection": {
+ "host": "databus-controller-hostname",
+ "port": 8443,
+ "mechId": null,
+ "password": null,
+ "required": false
+ },
+ "httpClient": {
+ "minThreads": 1,
+ "maxThreads": 128,
+ "gzipEnabled": false,
+ "gzipEnabledForRequests": false,
+ "timeout": "5000milliseconds",
+ "connectionTimeout": "5000milliseconds"
+ }
+ }
\ No newline at end of file
# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-prov-props-configmap
+ name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/provserver.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ .Values.postgres.nameOverride }}
+ - "-t"
+ - "15"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ # Assumes that the Docker image is built with ENTRYPOINT set to
+ # ["java", "-jar", "/opt/inventory-api-x.y.z.jar", "server"]
+ # where "x.y.z" is the version number (matches the Docker image version number)
+ # The arg below adds a parameter, the path to a config file.
+ # This tells the inventory-api app to get its configuration from the file
+ # rather than querying Consul.
+ args:
+ - "/opt/config.json"
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-inv-config
+ mountPath: /opt/config.json
+ subPath: config.json
+ env:
+ - name: CONSUL_HOST
+ value: consul.{{ include "common.namespace" . }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-inv-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ repositoryCred:
+ user: docker
+ password: docker
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ # Addresses of other ONAP entities
+ address:
+ consul:
+ host: consul-server
+ port: 8500
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.platform.inventory-api:3.0.4
+
+pullPolicy: Always
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 30
+ path: /dcae-service-types
+
+service:
+ type: ClusterIP
+ name: inventory
+ externalPort: 8080
+ internalPort: 8080
+
+# application configuration override for postgres
+postgres:
+ nameOverride: dcae-inv-pg
+ service:
+ name: dcae-inv-postgres
+ name2: dcae-inv-pg-primary
+ name3: dcae-inv-pg-replica
+ container:
+ name:
+ primary: dcae-inv-pg-primary
+ replica: dcae-inv-pg-replica
+ config:
+ pgUserName: dcae_inv
+ pgDatabase: dcae_inventory
+ pgPrimaryPassword: onapdemodb
+ pgUserPassword: onapdemodb
+ pgRootPassword: onapdemodb
+ persistence:
+ mountSubPath: dcae-inv/data
+ mountInitPath: dcae-inv
+ pgpool:
+ nameOverride: dcae-inv-pgpool
+ service:
+ name: dcae-inv-pgpool
+ credentials:
+ pgusername: ddcae_inv
+ pgpassword: onapdemodb
+ container:
+ name:
+ primary: dcae-inv-pgpool-primary
+ replica: dcae-inv-pgpool-replica
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ repository: '@local'
--- /dev/null
+{
+ "asdcDistributionClient": {
+ "asdcAddress": "{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443",
+ "asdcUri": "https://{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443",
+ "msgBusAddress": "{{ .Values.config.address.message_router }}.{{include "common.namespace" . }}",
+ "user": "{{ .Values.sdc.user }}",
+ "password": "{{ .Values.sdc.password }}",
+ "pollingInterval": 20,
+ "pollingTimeout": 20,
+ "consumerGroup": "dcae",
+ "consumerId": "dcae-sch",
+ "environmentName": "{{ .Values.sdc.environmentName }}",
+ "keyStorePath": null,
+ "keyStorePassword": null,
+ "activateServerTLSAuth": {{ .Values.sdc.useHttps }},
+ "useHttpsWithDmaap": {{ .Values.dmaap.useHttps }},
+ "isFilterInEmptyResources": false
+ },
+ "dcaeInventoryClient": {
+ "uri": "http://inventory:8080"
+ }
+}
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - "dcae-inventory-api"
+ - --container-name
+ - "message-router"
+ - --container-name
+ - "sdc-dcae-be"
+ - "-t"
+ - "45"
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["java"]
+ args:
+ - "-jar"
+ - "/opt/servicechange-handler.jar"
+ - "prod"
+ - "/opt/config.json"
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ exec:
+ command: [{{ .Values.liveness.script }}]
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ exec:
+ command: [{{ .Values.readiness.script }}]
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-sch-config
+ mountPath: /opt/config.json
+ subPath: config.json
+ env:
+ - name: CONSUL_HOST
+ value: consul.{{ include "common.namespace" . }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-sch-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ repositoryCred:
+ user: docker
+ password: docker
+
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ address:
+ # Addresses of ONAP components
+ message_router: message-router
+ sdc: sdc-be
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/org.onap.dcaegen2.platform.servicechange-handler:1.1.5
+
+pullPolicy: Always
+
+# configuration for accessing SDC
+sdc:
+ user: "dcae"
+ password: !!str Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ environmentName: "AUTO"
+ useHttps: false
+
+# configuration for accessing DMaaP
+dmaap:
+ useHttps: false
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 30
+ periodSeconds: 30
+ script: /opt/health.sh
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ # liveness not desirable for Cloudify Manager container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 30
+ script: /opt/health.sh
+
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+# Kubernetes namespace for components deployed via Cloudify manager
+# If empty, use the common namespace
+# dcae_ns: "dcae"
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP DMaaP components
name: dmaap
-version: 3.0.0
+version: 4.0.1
# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs,Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
-make-dmaap: make-bus-controller make-message-router make-dmaap-data-router
+make-dmaap: make-dmaap-bc make-message-router make-dmaap-dr-node make-dmaap-dr-prov
-make-bus-controller:
- cd charts && helm dep up dmaap-bus-controller && helm lint dmaap-bus-controller
+make-dmaap-bc:
+ cd components && helm dep up dmaap-bc && helm lint dmaap-bc
make-message-router:
- cd charts && helm dep up message-router && helm lint message-router
+ cd components && helm dep up message-router && helm lint message-router
-make-dmaap-data-router:
- cd charts && helm dep up dmaap-data-router && helm lint dmaap-data-router
+make-dmaap-dr-node:
+ cd components && helm dep up dmaap-dr-node && helm lint dmaap-dr-node
+
+make-dmaap-dr-prov:
+ cd components && helm dep up dmaap-dr-prov && helm lint dmaap-dr-prov
clean:
@find . -type f -name '*.tgz' -delete
+ @find . -type f -name '*.lock' -delete
+++ /dev/null
-{
- "feedName": "Default PM Feed",
- "feedVersion": "m1.1",
- "feedDescription": "Default feed provisioned for PM File collector",
- "asprClassification" : "unclassified",
- "owner": "onap",
- "pubs": [
- {
- "dcaeLocationName" : "san-francisco",
- "username": "dradmin",
- "userpwd": "dradmin"
- }
-
- ]
-}
-
+++ /dev/null
-# Example MySQL config file for medium systems.
-#
-# This is for a system with memory 8G where MySQL plays
-# an important part, or systems up to 128M where MySQL is used together with
-# other programs (such as a web server)
-#
-# In this file, you can use all long options that a program supports.
-# If you want to know which options a program supports, run the program
-# with the "--help" option.
-
-# The following options will be passed to all MySQL clients
-##[client]
-##user = root
-##port = 3306
-##socket = //opt/app/mysql/mysql.sock
-
-# Here follows entries for some specific programs
-
-# The MySQL server
-[mysqld]
-##performance_schema
-
-slow_query_log =ON
-long_query_time =2
-slow_query_log_file =//var/lib/mysql/slow_query.log
-
-skip-external-locking
-explicit_defaults_for_timestamp = true
-skip-symbolic-links
-local-infile = 0
-key_buffer_size = 16M
-max_allowed_packet = 4M
-table_open_cache = 100
-sort_buffer_size = 512K
-net_buffer_length = 8K
-read_buffer_size = 256K
-read_rnd_buffer_size = 512K
-myisam_sort_buffer_size = 8M
-max_connections = 300
-lower_case_table_names = 1
-thread_stack = 256K
-thread_cache_size = 25
-query_cache_size = 8M
-query_cache_type = 0
-query_prealloc_size = 512K
-query_cache_limit = 1M
-
-# Password validation
-##plugin-load-add=simple_password_check.so
-##simple_password_check_other_characters=0
-
-# Audit Log settings
-plugin-load-add=server_audit.so
-server_audit=FORCE_PLUS_PERMANENT
-server_audit_file_path=//var/lib/mysql/audit.log
-server_audit_file_rotate_size=50M
-server_audit_events=CONNECT,QUERY,TABLE
-server_audit_logging=on
-
-# Don't listen on a TCP/IP port at all. This can be a security enhancement,
-# if all processes that need to connect to mysqld run on the same host.
-# All interaction with mysqld must be made via Unix sockets or named pipes.
-# Note that using this option without enabling named pipes on Windows
-# (via the "enable-named-pipe" option) will render mysqld useless!
-#
-#skip-networking
-
-# Replication Master Server (default)
-# binary logging is required for replication
-##log-bin=//var/lib/mysql/mysql-bin
-
-# binary logging format - mixed recommended
-binlog_format=row
-
-# required unique id between 1 and 2^32 - 1
-# defaults to 1 if master-host is not set
-# but will not function as a master if omitted
-
-# Replication Slave (comment out master section to use this)
-#
-# To configure this host as a replication slave, you can choose between
-# two methods :
-#
-# 1) Use the CHANGE MASTER TO command (fully described in our manual) -
-# the syntax is:
-#
-# CHANGE MASTER TO MASTER_HOST=<host>, MASTER_PORT=<port>,
-# MASTER_USER=<user>, MASTER_PASSWORD=<password> ;
-#
-# where you replace <host>, <user>, <password> by quoted strings and
-# <port> by the master's port number (3306 by default).
-#
-# Example:
-#
-# CHANGE MASTER TO MASTER_HOST='125.564.12.1', MASTER_PORT=3306,
-# MASTER_USER='joe', MASTER_PASSWORD='secret';
-#
-# OR
-#
-# 2) Set the variables below. However, in case you choose this method, then
-# start replication for the first time (even unsuccessfully, for example
-# if you mistyped the password in master-password and the slave fails to
-# connect), the slave will create a master.info file, and any later
-# change in this file to the variables' values below will be ignored and
-# overridden by the content of the master.info file, unless you shutdown
-# the slave server, delete master.info and restart the slaver server.
-# For that reason, you may want to leave the lines below untouched
-# (commented) and instead use CHANGE MASTER TO (see above)
-#
-# required unique id between 2 and 2^32 - 1
-# (and different from the master)
-# defaults to 2 if master-host is set
-# but will not function as a slave if omitted
-#server-id = 2
-#
-# The replication master for this slave - required
-#master-host = <hostname>
-#
-# The username the slave will use for authentication when connecting
-# to the master - required
-#master-user = <username>
-#
-# The password the slave will authenticate with when connecting to
-# the master - required
-#master-password = <password>
-#
-# The port the master is listening on.
-# optional - defaults to 3306
-#master-port = <port>
-#
-# binary logging - not required for slaves, but recommended
-#log-bin=mysql-bin
-
-# Uncomment the following if you are using InnoDB tables
-##innodb_data_home_dir = //opt/app/mysql/data
-##innodb_data_file_path = ibdata1:20M:autoextend:max:32G
-##innodb_log_group_home_dir = //opt/app/mysql/iblogs
-# You can set .._buffer_pool_size up to 50 - 80 %
-# of RAM but beware of setting memory usage too high
-#innodb_buffer_pool_size = 6380M
-#innodb_additional_mem_pool_size = 2M
-# Set .._log_file_size to 25 % of buffer pool size
-innodb_log_file_size = 150M
-innodb_log_files_in_group = 3
-innodb_log_buffer_size = 8M
-#innodb_flush_log_at_trx_commit = 1
-innodb_lock_wait_timeout = 50
-innodb_autoextend_increment = 100
-expire_logs_days = 8
-open_files_limit = 2000
-transaction-isolation=READ-COMMITTED
-####### Galera parameters #######
-## Galera Provider configuration
-wsrep_provider=/usr/lib/galera/libgalera_smm.so
-wsrep_provider_options="gcache.size=1G; gcache.page_size=1G"
-## Galera Cluster configuration
-wsrep_cluster_name="MSO-automated-tests-cluster"
-wsrep_cluster_address="gcomm://"
-#wsrep_cluster_address="gcomm://mariadb1,mariadb2,mariadb3"
-##wsrep_cluster_address="gcomm://192.169.3.184,192.169.3.185,192.169.3.186"
-## Galera Synchronization configuration
-wsrep_sst_method=rsync
-#wsrep_sst_method=xtrabackup-v2
-#wsrep_sst_auth="sstuser:Mon#2o!6"
-## Galera Node configuration
-wsrep_node_name="mariadb1"
-##wsrep_node_address="192.169.3.184"
-wsrep_on=ON
-## Status notification
-#wsrep_notify_cmd=/opt/app/mysql/bin/wsrep_notify
-#######
-
-
-[mysqldump]
-quick
-max_allowed_packet = 16M
-
-[mysql]
-no-auto-rehash
-# Remove the next comment character if you are not familiar with SQL
-#safe-updates
-
-[myisamchk]
-key_buffer_size = 20971520
-
-##[mysqlhotcopy]
-##interactive-timeout
-##[mysqld_safe]
-##malloc-lib=//opt/app/mysql/local/lib/libjemalloc.so.1
-##log-error=//opt/app/mysql/log/mysqld.log
-
-general_log_file = /var/log/mysql/mysql.log
-general_log = 1
+++ /dev/null
-USE `datarouter`;
-
-CREATE TABLE FEEDS (
- FEEDID INT UNSIGNED NOT NULL PRIMARY KEY,
- GROUPID INT(10) UNSIGNED NOT NULL DEFAULT 0,
- NAME VARCHAR(255) NOT NULL,
- VERSION VARCHAR(20) NOT NULL,
- DESCRIPTION VARCHAR(1000),
- BUSINESS_DESCRIPTION VARCHAR(1000) DEFAULT NULL,
- AUTH_CLASS VARCHAR(32) NOT NULL,
- PUBLISHER VARCHAR(8) NOT NULL,
- SELF_LINK VARCHAR(256),
- PUBLISH_LINK VARCHAR(256),
- SUBSCRIBE_LINK VARCHAR(256),
- LOG_LINK VARCHAR(256),
- DELETED BOOLEAN DEFAULT FALSE,
- LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- SUSPENDED BOOLEAN DEFAULT FALSE,
- CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP
-);
-
-CREATE TABLE FEED_ENDPOINT_IDS (
- FEEDID INT UNSIGNED NOT NULL,
- USERID VARCHAR(20) NOT NULL,
- PASSWORD VARCHAR(32) NOT NULL
-);
-
-CREATE TABLE FEED_ENDPOINT_ADDRS (
- FEEDID INT UNSIGNED NOT NULL,
- ADDR VARCHAR(44) NOT NULL
-);
-
-CREATE TABLE SUBSCRIPTIONS (
- SUBID INT UNSIGNED NOT NULL PRIMARY KEY,
- FEEDID INT UNSIGNED NOT NULL,
- GROUPID INT(10) UNSIGNED NOT NULL DEFAULT 0,
- DELIVERY_URL VARCHAR(256),
- DELIVERY_USER VARCHAR(20),
- DELIVERY_PASSWORD VARCHAR(32),
- DELIVERY_USE100 BOOLEAN DEFAULT FALSE,
- METADATA_ONLY BOOLEAN DEFAULT FALSE,
- SUBSCRIBER VARCHAR(8) NOT NULL,
- SELF_LINK VARCHAR(256),
- LOG_LINK VARCHAR(256),
- LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
- SUSPENDED BOOLEAN DEFAULT FALSE,
- CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP
-
-);
-
-CREATE TABLE PARAMETERS (
- KEYNAME VARCHAR(32) NOT NULL PRIMARY KEY,
- VALUE VARCHAR(4096) NOT NULL
-);
-
-CREATE TABLE LOG_RECORDS (
- TYPE ENUM('pub', 'del', 'exp', 'pbf', 'dlx') NOT NULL,
- EVENT_TIME BIGINT NOT NULL, /* time of the publish request */
- PUBLISH_ID VARCHAR(64) NOT NULL, /* unique ID assigned to this publish attempt */
- FEEDID INT UNSIGNED NOT NULL, /* pointer to feed in FEEDS */
- REQURI VARCHAR(256) NOT NULL, /* request URI */
- METHOD ENUM('DELETE', 'GET', 'HEAD', 'OPTIONS', 'PUT', 'POST', 'TRACE') NOT NULL, /* HTTP method */
- CONTENT_TYPE VARCHAR(256) NOT NULL, /* content type of published file */
- CONTENT_LENGTH BIGINT NOT NULL, /* content length of published file */
-
- FEED_FILEID VARCHAR(256), /* file ID of published file */
- REMOTE_ADDR VARCHAR(40), /* IP address of publishing endpoint */
- USER VARCHAR(50), /* user name of publishing endpoint */
- STATUS SMALLINT, /* status code returned to delivering agent */
-
- DELIVERY_SUBID INT UNSIGNED, /* pointer to subscription in SUBSCRIPTIONS */
- DELIVERY_FILEID VARCHAR(256), /* file ID of file being delivered */
- RESULT SMALLINT, /* result received from subscribing agent */
-
- ATTEMPTS INT, /* deliveries attempted */
- REASON ENUM('notRetryable', 'retriesExhausted', 'diskFull', 'other'),
-
- RECORD_ID BIGINT UNSIGNED NOT NULL PRIMARY KEY, /* unique ID for this record */
- CONTENT_LENGTH_2 BIGINT,
-
- INDEX (FEEDID) USING BTREE,
- INDEX (DELIVERY_SUBID) USING BTREE,
- INDEX (RECORD_ID) USING BTREE
-) ENGINE = MyISAM;
-
-CREATE TABLE INGRESS_ROUTES (
- SEQUENCE INT UNSIGNED NOT NULL,
- FEEDID INT UNSIGNED NOT NULL,
- USERID VARCHAR(20),
- SUBNET VARCHAR(44),
- NODESET INT UNSIGNED NOT NULL
-);
-
-CREATE TABLE EGRESS_ROUTES (
- SUBID INT UNSIGNED NOT NULL PRIMARY KEY,
- NODEID INT UNSIGNED NOT NULL
-);
-
-CREATE TABLE NETWORK_ROUTES (
- FROMNODE INT UNSIGNED NOT NULL,
- TONODE INT UNSIGNED NOT NULL,
- VIANODE INT UNSIGNED NOT NULL
-);
-
-CREATE TABLE NODESETS (
- SETID INT UNSIGNED NOT NULL,
- NODEID INT UNSIGNED NOT NULL
-);
-
-CREATE TABLE NODES (
- NODEID INT UNSIGNED NOT NULL PRIMARY KEY,
- NAME VARCHAR(255) NOT NULL,
- ACTIVE BOOLEAN DEFAULT TRUE
-);
-
-CREATE TABLE GROUPS (
- GROUPID INT UNSIGNED NOT NULL PRIMARY KEY,
- AUTHID VARCHAR(100) NOT NULL,
- NAME VARCHAR(50) NOT NULL,
- DESCRIPTION VARCHAR(255),
- CLASSIFICATION VARCHAR(20) NOT NULL,
- MEMBERS TINYTEXT,
- LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP
-);
-
-INSERT INTO PARAMETERS VALUES
- ('ACTIVE_POD', '{{.Values.global.config.dmaapDrProv.name}}'),
- ('PROV_ACTIVE_NAME', '{{.Values.global.config.dmaapDrProv.name}}'),
- ('STANDBY_POD', ''),
- ('PROV_NAME', '{{.Values.global.config.dmaapDrProv.name}}'),
- ('NODES', '{{.Values.global.config.dmaapDrNode.name}}'),
- ('PROV_DOMAIN', '{{ include "common.namespace" . }}'),
- ('DELIVERY_INIT_RETRY_INTERVAL', '10'),
- ('DELIVERY_MAX_AGE', '86400'),
- ('DELIVERY_MAX_RETRY_INTERVAL', '3600'),
- ('DELIVERY_RETRY_RATIO', '2'),
- ('LOGROLL_INTERVAL', '300'),
- ('PROV_AUTH_ADDRESSES', '{{.Values.global.config.dmaapDrProv.name}}|{{.Values.global.config.dmaapDrNode.name}}'),
- ('PROV_AUTH_SUBJECTS', ''),
- ('PROV_MAXFEED_COUNT', '10000'),
- ('PROV_MAXSUB_COUNT', '100000'),
- ('PROV_REQUIRE_CERT', 'false'),
- ('PROV_REQUIRE_SECURE', 'false'),
- ('_INT_VALUES', 'LOGROLL_INTERVAL|PROV_MAXFEED_COUNT|PROV_MAXSUB_COUNT|DELIVERY_INIT_RETRY_INTERVAL|DELIVERY_MAX_RETRY_INTERVAL|DELIVERY_RETRY_RATIO|DELIVERY_MAX_AGE');
+++ /dev/null
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.global.config.mariadb.servicetype }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.global.config.mariadb.servicetype }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{.Values.global.config.mariadb.externalPort}}
-{{- else if contains "ClusterIP" .Values.global.config.mariadb.servicetype }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{.Values.global.config.mariadb.internalPort}}
-{{- end }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- spec:
- hostname: {{.Values.global.config.dmaapDrNode.name}}
- initContainers:
- - name: {{ include "common.name" . }}-readiness
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /root/ready.py
- args:
- - --container-name
- - {{.Values.global.config.dmaapDrProv.name}}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{.Values.global.config.dmaapDrNode.externalPort}}
- - containerPort: {{.Values.global.config.dmaapDrNode.externalPort2}}
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{.Values.global.config.dmaapDrNode.internalPort}}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{.Values.global.config.dmaapDrNode.internalPort}}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: false
- - mountPath: /opt/app/datartr/etc/dedicatedFeed.json
- subPath: dedicatedFeed.json
- name: create-feed
- - mountPath: /opt/app/datartr/etc/createFeed.sh
- subPath: createFeed.sh
- name: create-feed
- - mountPath: /opt/app/datartr/etc/node.properties
- subPath: node.properties
- name: node-props
- lifecycle:
- postStart:
- exec:
- command:
- - /opt/app/datartr/etc/createFeed.sh
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: create-feed
- configMap:
- name: {{ include "common.fullname" . }}-create-feed-configmap
- defaultMode: 0755
- - name: node-props
- configMap:
- name: {{ include "common.fullname" . }}-node-props-configmap
- - name: dr-node-data
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# DMaap Data Router Global config defaults.
-#################################################################
-global:
- persistence: {}
- env:
- name: AUTO
- ubuntuInitRepository: oomk8s
- ubuntuInitImage: ubuntu-init:1.0.0
-
- config:
-# dr db configuration
- mariadb:
- servicetype: ClusterIP
- name: dmaap-dr-db
- portName: dr-db-port
- internalPort: 3306
- externalPort: 3306
- mariadbRootPassword: datarouter
- userName: datarouter
- userPassword: datarouter
- mysqlDatabase: datarouter
-# dr provisioning server configuration
- dmaapDrProv:
- servicetype: NodePort
- name: dmaap-dr-prov
- externalPort: 8080
- externalPort2: 8443
- internalPort: 8080
- internalPort2: 8443
- portName: dr-prov-port
- portName2: dr-prov-port2
- nodePort: 59
- nodePort2: 69
-# dr node server configuration
- dmaapDrNode:
- servicetype: ClusterIP
- name: dmaap-dr-node
- externalPort: 8080
- internalPort: 8080
- externalPort2: 8443
- internalPort2: 8443
- portName: dr-node-port
- portName2: dr-node-port2
# limitations under the License.
apiVersion: v1
-description: a Helm chart to deploy ONAP DMaaP Bus Controller (aka dmaap-prov) in Kubernetes
-name: dmaap-bus-controller
-version: 3.0.0
+description: a Helm chart to deploy ONAP DMaaP Bus Controller (aka dmaap-bc) in Kubernetes
+name: dmaap-bc
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: postgres
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#
#####################################################
# Indicator for whether to use AAF
-UseAAF: false
+UseAAF: true
# csit: stubs out some southbound APIs for csit
csit: No
# name of this DMaaP instance (deprecated)
-DmaapName: demo
+#DmaapName: demo
#####################################################
#
#
#####################################################
# FQDN of DR Prov Server (deprecated)
-DR.provhost: dcae-drps.domain.not.set
+#DR.provhost: dcae-drps.domain.not.set
# URI to retrieve dynamic DR configuration
ProvisioningURI: /internal/prov
MR.TopicMgrRole: org.onap.dmaap-bc-topic-mgr.client
# MR topic ProjectID (used in certain topic name generation formats)
-MR.projectID: ONAP
+MR.projectID: mr
#####################################################
# Admin Password
aaf.AdminPassword: {{ .Values.adminPwd }}
+# Identity that is owner of any created namespaces for topics
+aaf.NsOwnerIdentity: {{ .Values.adminUser }}
+
# location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF
CredentialCodeKeyfile: etc/LocalKey
KeyStoreFile: etc/keystore
# password for the https keystore
-KeyStorePassword: *j&Z*Ma;.4My4M]W0eB*fal$
-
+KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF
# password for the private key in the https keystore
-KeyPassword: *j&Z*Ma;.4My4M]W0eB*fal$
+KeyPassword: Y@Y5f&gm?PAz,CVQL,lk[VAF
# type of truststore for https
TrustStoreType: jks
TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks
# password for the https truststore
-TrustStorePassword: pi8HuuSbN03MtQQ7(5TcyQ6;
+TrustStorePassword: 8b&R5%l$l:@jSWz@FCs;rhY*
# path to the file used to trigger an orderly shutdown
QuiesceFile: etc/SHUTDOWN
+inHttpsPort: 0
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs,Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-mdb-configmap
+ name: {{ include "common.fullname" . }}-config
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-mdb-initd-configmap
+ name: {{ include "common.fullname" . }}-dbc-dmaap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/mariadb/docker-entrypoint-initdb.d/sql_init_01.sql").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/dmaap/*.json").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-dbc-dcaelocations
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/dcaeLocations/*.json").AsConfig . | indent 2 }}
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
+ hostAliases:
+ - ip: "10.12.6.214"
+ hostnames:
+ - "aaf-onap-test.osaaf.org"
initContainers:
- command:
- /root/ready.py
- name: {{ include "common.name" . }}-config
mountPath: /opt/app/config/conf/
-# NOTE: the basename of the subdirectory is important - it matches the DBCL API URI
- - name: {{ include "common.name" . }}-dmaap
- mountPath: /opt/app/config/dmaap/
- - name: {{ include "common.name" . }}-dcaelocations
- mountPath: /opt/app/config/dcaeLocations/
- - name: {{ include "common.name" . }}-mrclusters
- mountPath: /opt/app/config/mr_clusters/
- - name: {{ include "common.name" . }}-topics
- mountPath: /opt/app/config/topics/
- - name: {{ include "common.name" . }}-feeds
- mountPath: /opt/app/config/feeds/
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
- name: {{ include "common.name" . }}-config
configMap:
name: {{ include "common.fullname" . }}-config
- - name: {{ include "common.name" . }}-dmaap
- configMap:
- name: {{ include "common.fullname" . }}-dmaap
- - name: {{ include "common.name" . }}-dcaelocations
- configMap:
- name: {{ include "common.fullname" . }}-dcaelocations
- - name: {{ include "common.name" . }}-mrclusters
- configMap:
- name: {{ include "common.fullname" . }}-mrclusters
- - name: {{ include "common.name" . }}-topics
- configMap:
- name: {{ include "common.fullname" . }}-topics
- - name: {{ include "common.name" . }}-feeds
- configMap:
- name: {{ include "common.fullname" . }}-feeds
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-post-install
+ labels:
+ app.kubernetes.io/managed-by: {{.Release.Service | quote }}
+ app.kubernetes.io/instance: {{.Release.Name | quote }}
+ helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}"
+ annotations:
+ # This is what defines this resource as a hook. Without this line, the
+ # job is considered part of the release.
+ "helm.sh/hook": post-install
+ "helm.sh/hook-weight": "-5"
+ "helm.sh/hook-delete-policy": hook-succeeded
+spec:
+ template:
+ metadata:
+ name: {{ include "common.fullname" . }}
+ labels:
+ app.kubernetes.io/managed-by: {{.Release.Service | quote }}
+ app.kubernetes.io/instance: {{.Release.Name | quote }}
+ helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}"
+ spec:
+ restartPolicy: Never
+
+ containers:
+ - name: post-install-job
+ image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: DELAY
+ value: "0"
+ - name: PROTO
+ value: "http"
+ - name: PORT
+ value: "8080"
+ - name: REQUESTID
+ value: "{{.Chart.Name}}-post-install"
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+
+# NOTE: on the following several configMaps, careful to include / at end
+# since there may be more than one file in each mountPath
+# NOTE: the basename of the subdirectory of mountPath is important - it matches the DBCL API URI
+ - name: {{ include "common.fullname" . }}-dbc-dmaap
+ mountPath: /opt/app/config/dmaap/
+ - name: {{ include "common.fullname" . }}-dbc-dcaelocations
+ mountPath: /opt/app/config/dcaeLocations/
+ resources:
+{{ include "common.resources" . | indent 10 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-dbc-dmaap
+ configMap:
+ name: {{ include "common.fullname" . }}-dbc-dmaap
+ - name: {{ include "common.fullname" . }}-dbc-dcaelocations
+ configMap:
+ name: {{ include "common.fullname" . }}-dbc-dcaelocations
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
# application images
repository: nexus3.onap.org:10001
-
-image: onap/dmaap/buscontroller:1.0.23
+image: onap/dmaap/dmaap-bc:1.1.2
# application configuration
dmaapMessageRouterService: message-router
-aafURL: https://aaf-authz/
+# change the following value to point to Windriver instance maintained
+# but AAF team.
+# e.g.
+#aafURL: https://aaf-onap-test.osaaf.org:8095/proxy/
+aafURL: https://aaf-service:8100/
topicMgrUser: dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org
topicMgrPwd: demo123456!
adminUser: aaf_admin@people.osaaf.org
apiVersion: v1
description: ONAP DMaaP Data Router Node Server
name: dmaap-dr-node
-version: 1.0
+version: 4.0.0
--- /dev/null
+#
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ repository: '@local'
--- /dev/null
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
+cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile
+cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
+cadi_keystore_password=]3V)($O&.Mv]W{f8^]6SxGNL
+cadi_key_password=]3V)($O&.Mv]W{f8^]6SxGNL
+cadi_alias=dmaap-dr-node@dmaap-dr.onap.org
+cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
+cadi_truststore_password=(Rd,&{]%ePdp}4JZjqoJ2G+g
+
+aaf_env=DEV
+aaf_locate_url=https://aaf-onap-test.osaaf.org:8095
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
+cadi_protocols=TLSv1.1,TLSv1.2
+cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1
+fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1
+gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1
+
+cadi_latitude=53.423
+cadi_longitude=7.940
+
+cadi_loglevel=INFO
\ No newline at end of file
#!/bin/sh
-dr_prov_url="{{.Values.global.config.dmaapDrProv.name}}:{{.Values.global.config.dmaapDrProv.internalPort2}}"
-ct_header="Content-Type:application/vnd.att-dr.feed"
-obo_header="X-ATT-DR-ON-BEHALF-OF:dradmin"
+dr_prov_url="{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.internalPort2}}"
+ct_header="Content-Type:application/vnd.dmaap-dr.feed"
+obo_header="X-DMAAP-DR-ON-BEHALF-OF:dradmin"
feed_payload=/opt/app/datartr/etc/dedicatedFeed.json
sleep 20
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ - /opt/app/datartr/logs/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ #If enable will do load balancing among available Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
\ No newline at end of file
--- /dev/null
+<!--
+ ============LICENSE_START=======================================================
+ Copyright (C) 2019 Nordix Foundation.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+ SPDX-License-Identifier: Apache-2.0
+ ============LICENSE_END=========================================================
+-->
+<configuration scan="true" scanPeriod="3 seconds" debug="true">
+
+ <property name="generalLogName" value="apicalls" />
+ <property name="errorLogName" value="errors" />
+ <property name="jettyAndNodeLogName" value="node"/>
+
+ <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|%msg%n" />
+ <property name="jettyAndNodeLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%thread|%.-5level|%msg%n" />
+ <property name="debugLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|[%caller{3}]|%msg%n" />
+
+ <property name="logDirectory" value="/opt/app/datartr/logs" />
+
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+
+ <appender name="EELF"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${generalLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELF" />
+ </appender>
+
+ <appender name="EELFError"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${errorLogName}.log</file>
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>ERROR</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${errorLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFError"/>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <appender name="jettyAndNodelog"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${jettyAndNodeLogName}.log</file>
+ <filter class="org.onap.dmaap.datarouter.node.eelf.EELFFilter" />
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${jettyAndNodeLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${jettyAndNodeLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFjettyAndNodelog" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="jettyAndNodelog" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="info" additivity="false">
+ <appender-ref ref="asyncEELF" />
+ </logger>
+
+ <logger name="com.att.eelf.error" level="error" additivity="false">
+ <appender-ref ref="asyncEELFError" />
+ </logger>
+
+ <logger name="log4j.logger.org.eclipse.jetty" additivity="false" level="info">
+ <appender-ref ref="asyncEELFjettyAndNodelog"/>
+ </logger>
+
+ <root level="INFO">
+ <appender-ref ref="asyncEELF" />
+ <appender-ref ref="asyncEELFError" />
+ <appender-ref ref="asyncEELFjettyAndNodelog" />
+ </root>
+
+</configuration>
# URL to retrieve dynamic configuration
#
#ProvisioningURL: ${DRTR_PROV_INTURL}
-ProvisioningURL=https://{{.Values.global.config.dmaapDrProv.name}}:{{.Values.global.config.dmaapDrProv.externalPort2}}/internal/prov
+ProvisioningURL=https://{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.externalPort2}}/internal/prov
#
# URL to upload PUB/DEL/EXP logs
#
#LogUploadURL: ${DRTR_LOG_URL}
-LogUploadURL=https://{{.Values.global.config.dmaapDrProv.name}}:{{.Values.global.config.dmaapDrProv.externalPort2}}/internal/logs
+LogUploadURL=https://{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.externalPort2}}/internal/logs
#
# The port number for http as seen within the server
#
#IntHttpPort: ${DRTR_NODE_INTHTTPPORT:-8080}
-IntHttpPort={{.Values.global.config.dmaapDrNode.internalPort}}
+IntHttpPort={{.Values.config.dmaapDrNode.internalPort}}
#
# The port number for https as seen within the server
#
-IntHttpsPort={{.Values.global.config.dmaapDrNode.internalPort2}}
+IntHttpsPort={{.Values.config.dmaapDrNode.internalPort2}}
#
# The external port number for https taking port mapping into account
#
#
# The password for the https keystore
#
-KeyStorePassword=4*&GD+w58RUM]01No.CYY;z6
+KeyStorePassword=]3V)($O&.Mv]W{f8^]6SxGNL
#
# The password for the private key in the https keystore
#
-KeyPassword=4*&GD+w58RUM]01No.CYY;z6
+KeyPassword=]3V)($O&.Mv]W{f8^]6SxGNL
#
# The type of truststore for https
#
#
# The password for the https truststore
#
-TrustStorePassword=UDXlT6Iu[F)k,Htk92+B,0Xj
+TrustStorePassword=(Rd,&{]%ePdp}4JZjqoJ2G+g
#
# The path to the file used to trigger an orderly shutdown
#
# The key used to generate passwords for node to node transfers
#
NodeAuthKey=Node123!
+#
+# DR_NODE DEFAULT ENABLED TLS PROTOCOLS
+NodeHttpsProtocols = TLSv1.1|TLSv1.2
+#
+# AAF type to generate permission string
+AAFType = org.onap.dmaap-dr.feed
+#
+# AAF default instance to generate permission string - default should be legacy
+AAFInstance = legacy
+#
+# AAF action to generate permission string - default should be publish
+AAFAction = publish
+#
+# AAF URL to connect to AAF server
+AafUrl = https://aaf-onap-test.osaaf.org:8095
+#
+# AAF CADI enabled flag
+CadiEnabled = false
--- /dev/null
+{
+ "dcaeLocationName" : "san-francisco",
+ "fqdn" : "dmaap-dr-node.san-francisco",
+ "hostName" : "dmaap-dr-node.pod",
+ "version" : "1.0.1"
+}
--- /dev/null
+{
+ "dcaeLocationName" : "edge1",
+ "fqdn" : "dmaap-dr-node.edge1",
+ "hostName" : "dmaap-dr-node.pod.edge1",
+ "version" : "1.0.1"
+}
{{- range .Values.ingress.hosts }}
http://{{ . }}
{{- end }}
-{{- else if contains "NodePort" .Values.global.config.dmaapDrNode.servicetype }}
+{{- else if contains "NodePort" .Values.config.dmaapDrNode.servicetype }}
export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.global.config.dmaapDrNode.servicetype }}
+{{- else if contains "LoadBalancer" .Values.config.dmaapDrNode.servicetype }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{.Values.global.config.dmaapDrNode.externalPort}}
-{{- else if contains "ClusterIP" .Values.global.config.dmaapDrNode.servicetype }}
+ echo http://$SERVICE_IP:{{.Values.config.dmaapDrNode.externalPort}}
+{{- else if contains "ClusterIP" .Values.config.dmaapDrNode.servicetype }}
export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{.Values.global.config.dmaapDrNode.internalPort}}
+ kubectl port-forward $POD_NAME 8080:{{.Values.config.dmaapDrNode.internalPort}}
{{- end }}
\ No newline at end of file
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-create-feed-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/feeds/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-dbc-drnodes
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/dr_nodes/*.json").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }}
--- /dev/null
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-post-install
+ labels:
+ app.kubernetes.io/managed-by: {{.Release.Service | quote }}
+ app.kubernetes.io/instance: {{.Release.Name | quote }}
+ helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}"
+ annotations:
+ # This is what defines this resource as a hook. Without this line, the
+ # job is considered part of the release.
+ "helm.sh/hook": post-install
+ "helm.sh/hook-weight": "-2"
+ "helm.sh/hook-delete-policy": hook-succeeded
+spec:
+ template:
+ metadata:
+ name: {{ include "common.fullname" . }}
+ labels:
+ app.kubernetes.io/managed-by: {{.Release.Service | quote }}
+ app.kubernetes.io/instance: {{.Release.Name | quote }}
+ helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}"
+ spec:
+ restartPolicy: Never
+ containers:
+ - name: post-install-job
+ image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: DELAY
+ value: "60"
+ - name: PROTO
+ value: "http"
+ - name: PORT
+ value: "8080"
+ - name: REQUESTID
+ value: "{{.Chart.Name}}-post-install"
+
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+
+# NOTE: on the following several configMaps, careful to include / at end
+# since there may be more than one file in each mountPath
+# NOTE: the basename of the subdirectory is important - it matches the DBCL API URI
+ - name: {{ include "common.fullname" . }}-dbc-drnodes
+ mountPath: /opt/app/config/dr_nodes/
+ resources:
+{{ include "common.resources" . | indent 10 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-dbc-drnodes
+ configMap:
+ name: {{ include "common.fullname" . }}-dbc-drnodes
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+{{/*
+ # ============LICENSE_START=======================================================
+ # Copyright (C) 2019 Nordix Foundation.
+ # ================================================================================
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # ============LICENSE_END=========================================================
+*/}}
+
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-spool-data-pv
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}-spool-data-pv
+spec:
+ capacity:
+ storage: {{ .Values.persistence.spoolSize }}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-spool-data-stcl"
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.spoolMountSubPath }}
+---
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-event-logs-pv
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}-event-logs-pv
+spec:
+ capacity:
+ storage: {{ .Values.persistence.eventLogSize }}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-event-logs-stcl"
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.eventLogsMountSubPath }}
\ No newline at end of file
apiVersion: v1
kind: Service
metadata:
- name: {{.Values.global.config.dmaapDrNode.name}}
+ name: {{.Values.config.dmaapDrNode.name}}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
annotations:
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
spec:
- type: {{.Values.global.config.dmaapDrNode.servicetype}}
+ type: {{.Values.config.dmaapDrNode.servicetype}}
ports:
- {{if eq .Values.global.config.dmaapDrNode.servicetype "NodePort" -}}
- - port: {{.Values.global.config.dmaapDrNode.externalPort}}
- targetPort: {{.Values.global.config.dmaapDrNode.internalPort}}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.global.config.dmaapDrNode.nodePort}}
- name: {{.Values.global.config.dmaapDrNode.name}}
- - port: {{.Values.global.config.dmaapDrNode.externalPort2}}
- targetPort: {{.Values.global.config.dmaapDrNode.internalPort2}}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.global.config.dmaapDrNode.nodePort2}}
- name: {{.Values.global.config.dmaapDrNode.name}}2
+ {{if eq .Values.config.dmaapDrNode.servicetype "NodePort" -}}
+ - port: {{.Values.config.dmaapDrNode.externalPort}}
+ targetPort: {{.Values.config.dmaapDrNode.internalPort}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrNode.nodePort}}
+ name: {{.Values.config.dmaapDrNode.name}}
+ - port: {{.Values.config.dmaapDrNode.externalPort2}}
+ targetPort: {{.Values.config.dmaapDrNode.internalPort2}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrNode.nodePort2}}
+ name: {{.Values.config.dmaapDrNode.name}}2
{{- else -}}
- - port: {{.Values.global.config.dmaapDrNode.externalPort}}
- targetPort: {{.Values.global.config.dmaapDrNode.internalPort}}
- name: {{.Values.global.config.dmaapDrNode.name}}
- - port: {{.Values.global.config.dmaapDrNode.externalPort2}}
- targetPort: {{.Values.global.config.dmaapDrNode.internalPort2}}
- name: {{.Values.global.config.dmaapDrNode.name}}2
+ - port: {{.Values.config.dmaapDrNode.externalPort}}
+ targetPort: {{.Values.config.dmaapDrNode.internalPort}}
+ name: {{.Values.config.dmaapDrNode.name}}
+ - port: {{.Values.config.dmaapDrNode.externalPort2}}
+ targetPort: {{.Values.config.dmaapDrNode.internalPort2}}
+ name: {{.Values.config.dmaapDrNode.name}}2
{{- end}}
selector:
app: {{ include "common.name" . }}
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: apps/v1beta1
+kind: StatefulSet
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ serviceName: {{ .Values.config.dmaapDrNode.name }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - dmaap-dr-prov
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{.Values.config.dmaapDrNode.externalPort}}
+ - containerPort: {{.Values.config.dmaapDrNode.externalPort2}}
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{.Values.config.dmaapDrNode.internalPort}}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{.Values.config.dmaapDrNode.internalPort}}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - mountPath: {{ .Values.persistence.spoolPath }}
+ name: {{ include "common.fullname" . }}-spool-data-pvc
+ - mountPath: {{ .Values.persistence.eventLogsPath }}
+ name: {{ include "common.fullname" . }}-event-logs-pvc
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: false
+ - mountPath: /opt/app/datartr/etc/dedicatedFeed.json
+ name: {{ include "common.fullname" . }}-create-feed-config
+ subPath: dedicatedFeed.json
+ - mountPath: /opt/app/datartr/etc/createFeed.sh
+ name: {{ include "common.fullname" . }}-create-feed-config
+ subPath: createFeed.sh
+ - mountPath: /opt/app/datartr/etc/node.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: node.properties
+ - mountPath: /opt/app/datartr/etc/drNodeCadi.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: drNodeCadi.properties
+ lifecycle:
+ postStart:
+ exec:
+ command:
+ - /opt/app/datartr/etc/createFeed.sh
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ # Filebeat sidecar container
+ - name: {{ include "common.fullname" . }}-filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ mountPath: /usr/share/filebeat/data
+ - name: {{ include "common.fullname" . }}-event-logs-pvc
+ mountPath: /var/log/onap/datarouter-node
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-create-feed-config
+ configMap:
+ name: {{ include "common.fullname" . }}-create-feed-configmap
+ defaultMode: 0755
+ items:
+ - key: createFeed.sh
+ path: createFeed.sh
+ - key: dedicatedFeed.json
+ path: dedicatedFeed.json
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ items:
+ - key: node.properties
+ path: node.properties
+ - key: drNodeCadi.properties
+ path: drNodeCadi.properties
+ - name: {{ include "common.fullname" . }}-log-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-log
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-event-logs-pvc
+ emptyDir: {}
+ volumeClaimTemplates:
+ - metadata:
+ name: {{ include "common.fullname" . }}-spool-data-pvc
+ labels:
+ name: {{ include "common.fullname" . }}
+ spec:
+ accessModes: [ {{ .Values.persistence.accessMode }} ]
+ storageClassName: {{ include "common.fullname" . }}-spool-data-stcl
+ resources:
+ requests:
+ storage: {{ .Values.persistence.spoolSize }}
+ selector:
+ matchLabels:
+ name: {{ include "common.fullname" . }}-spool-data-pv
+ - metadata:
+ name: {{ include "common.fullname" . }}-event-logs-pvc
+ labels:
+ name: {{ include "common.fullname" . }}
+ spec:
+ accessModes: [ {{ .Values.persistence.accessMode }} ]
+ storageClassName: {{ include "common.fullname" . }}-event-logs-stcl
+ resources:
+ requests:
+ storage: {{ .Values.persistence.eventLogSize }}
+ selector:
+ matchLabels:
+ name: {{ include "common.fullname" . }}-event-logs-pv
readinessImage: readiness-check:2.0.0
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ loggingDirectory: /opt/app/datartr/logs
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-node:1.0.3
+image: onap/dmaap/datarouter-node:2.0.2
pullPolicy: Always
# flag to enable debugging - application support required
## Persist data to a persitent volume
persistence:
- enabled: false
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteMany
+ mountPath: /dockerdata-nfs
+
+ spoolMountSubPath: data-router/dr-node/spool-data
+ spoolSize: 1Gi
+ spoolPath: /opt/app/datartr/spool
+
+ eventLogsMountSubPath: data-router/dr-node/event-logs
+ eventLogSize: 1Gi
+ eventLogsPath: /opt/app/datartr/logs
ingress:
enabled: false
cpu: 1000m
memory: 2Gi
unlimited: {}
+
+config:
+ # dr node server configuration
+ dmaapDrNode:
+ servicetype: ClusterIP
+ name: dmaap-dr-node
+ externalPort: 8080
+ externalPort2: 8443
+ internalPort: 8080
+ internalPort2: 8443
+ portName: dr-node-port
+ portName2: dr-node-port2
+
+# dr provisioning server configuration
+ dmaapDrProv:
+ name: dmaap-dr-prov
+ externalPort2: 8443
+ internalPort2: 8443
apiVersion: v1
description: ONAP DMaaP Data Router Provisioning Server
name: dmaap-dr-prov
-version: 1.0
+version: 4.0.0
--- /dev/null
+#
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ repository: '@local'
+ - name: mariadb-galera
+ alias: mariadb
+ version: ~4.x-0
+ repository: '@local'
\ No newline at end of file
--- /dev/null
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
+cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile
+cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
+cadi_keystore_password=AT{];bvaDiytVD&oWhMZj0N5
+cadi_key_password=AT{];bvaDiytVD&oWhMZj0N5
+cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org
+cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
+cadi_truststore_password=ljlS@Y}0]{UO(TnwvEWkgJ%]
+
+aaf_env=DEV
+aaf_locate_url=https://aaf-onap-test.osaaf.org:8095
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
+cadi_protocols=TLSv1.1,TLSv1.2
+cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1
+fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1
+gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1
+
+cadi_latitude=53.423
+cadi_longitude=7.940
+
+cadi_loglevel=INFO
\ No newline at end of file
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ - /opt/app/datartr/logs/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ #If enable will do load balancing among available Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
\ No newline at end of file
--- /dev/null
+<!--
+ ============LICENSE_START=======================================================
+ Copyright (C) 2019 Nordix Foundation.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+ SPDX-License-Identifier: Apache-2.0
+ ============LICENSE_END=========================================================
+-->
+<configuration scan="true" scanPeriod="3 seconds" debug="true">
+
+ <property name="generalLogName" value="apicalls" />
+ <property name="errorLogName" value="errors" />
+ <property name="jettyLogName" value="jetty"/>
+
+ <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|%msg%n" />
+ <property name="jettyLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%thread|%.-5level|%msg%n" />
+ <property name="debugLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|[%caller{3}]|%msg%n" />
+
+ <property name="logDirectory" value="/opt/app/datartr/logs" />
+
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+
+ <appender name="EELF"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${generalLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELF" />
+ </appender>
+
+ <appender name="EELFError"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${errorLogName}.log</file>
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>ERROR</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${errorLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFError"/>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <appender name="jettylog"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${jettyLogName}.log</file>
+ <filter class="org.onap.dmaap.datarouter.provisioning.eelf.JettyFilter" />
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${jettyLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${jettyLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFjettylog" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="jettylog" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="info" additivity="false">
+ <appender-ref ref="asyncEELF" />
+ </logger>
+
+ <logger name="com.att.eelf.error" level="error" additivity="false">
+ <appender-ref ref="asyncEELFError" />
+ </logger>
+
+ <logger name="log4j.logger.org.eclipse.jetty" additivity="false" level="info">
+ <appender-ref ref="asyncEELFjettylog"/>
+ </logger>
+
+ <root level="INFO">
+ <appender-ref ref="asyncEELF" />
+ <appender-ref ref="asyncEELFError" />
+ <appender-ref ref="asyncEELFjettylog" />
+ </root>
+
+</configuration>
#Jetty Server properties
-org.onap.dmaap.datarouter.provserver.http.port = {{.Values.global.config.dmaapDrProv.externalPort}}
-org.onap.dmaap.datarouter.provserver.https.port = {{.Values.global.config.dmaapDrProv.externalPort2}}
+org.onap.dmaap.datarouter.provserver.http.port = {{.Values.config.dmaapDrProv.externalPort}}
+org.onap.dmaap.datarouter.provserver.https.port = {{.Values.config.dmaapDrProv.externalPort2}}
org.onap.dmaap.datarouter.provserver.https.relaxation = true
-org.onap.dmaap.datarouter.provserver.keymanager.password = Qgw77oaQcdP*F8Pwa[&.,.Ab
+org.onap.dmaap.datarouter.provserver.keymanager.password = AT{];bvaDiytVD&oWhMZj0N5
org.onap.dmaap.datarouter.provserver.keystore.type = jks
org.onap.dmaap.datarouter.provserver.keystore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
-org.onap.dmaap.datarouter.provserver.keystore.password = Qgw77oaQcdP*F8Pwa[&.,.Ab
+org.onap.dmaap.datarouter.provserver.keystore.password = AT{];bvaDiytVD&oWhMZj0N5
org.onap.dmaap.datarouter.provserver.truststore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
-org.onap.dmaap.datarouter.provserver.truststore.password = 9M?)?:KAj1z6gpLhNrVUG@0T
+org.onap.dmaap.datarouter.provserver.truststore.password = ljlS@Y}0]{UO(TnwvEWkgJ%]
org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs
org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool
org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc
# Database access
org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver
-org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.global.config.mariadb.name}}:{{.Values.global.config.mariadb.externalPort}}/datarouter
+org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.config.dmaapDrDb.mariadbServiceName}}:{{.Values.config.dmaapDrDb.mariadbServicePort}}/datarouter
org.onap.dmaap.datarouter.db.login = datarouter
org.onap.dmaap.datarouter.db.password = datarouter
+
+# PROV - DEFAULT ENABLED TLS PROTOCOLS
+org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2
+
+# AAF config
+org.onap.dmaap.datarouter.provserver.cadi.enabled = false
+
+org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234#
+org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed
+org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub
+org.onap.dmaap.datarouter.provserver.aaf.instance = legacy
+org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish
+org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe
+
+# AAF URL to connect to AAF server
+org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-onap-test.osaaf.org:8095
+
--- /dev/null
+{
+ "feedName": "bulk_pm_feed",
+ "feedVersion": "m1.1",
+ "feedDescription": "Default feed provisioned for PM File collector",
+ "asprClassification" : "unclassified",
+ "owner": "onap",
+ "pubs": [
+ {
+ "dcaeLocationName" : "san-francisco",
+ "username": "dradmin",
+ "userpwd": "dradmin"
+ }
+
+ ],
+ "subs": [
+ {
+ "dcaeLocationName": "san-francisco",
+ "deliveryURL": "https://dcae-pm-mapper:8443/delivery",
+ "feedId": "1",
+ "owner": "dcae-pm-mapper",
+ "status": "VALID",
+ "subId": "1",
+ "suspended": false,
+ "use100": true,
+ "username": "pmmapper",
+ "userpwd": "pmmapper",
+ "decompressData": true,
+ "privilegedSubscriber": true
+ }
+ ]
+}
\ No newline at end of file
{{- range .Values.ingress.hosts }}
http://{{ . }}
{{- end }}
-{{- else if contains "NodePort" .Values.global.config.dmaapDrProv.servicetype }}
+{{- else if contains "NodePort" .Values.config.dmaapDrProv.servicetype }}
export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.global.config.dmaapDrProv.servicetype }}
+{{- else if contains "LoadBalancer" .Values.config.dmaapDrProv.servicetype }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{.Values.global.config.dmaapDrProv.externalPort}}
-{{- else if contains "ClusterIP" .Values.global.config.dmaapDrProv.servicetype }}
+ echo http://$SERVICE_IP:{{.Values.config.dmaapDrProv.externalPort}}
+{{- else if contains "ClusterIP" .Values.config.dmaapDrProv.servicetype }}
export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{.Values.global.config.dmaapDrProv.internalPort}}
+ kubectl port-forward $POD_NAME 8080:{{.Values.config.dmaapDrProv.internalPort}}
{{- end }}
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs,Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-config
+ name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-dmaap
+ name: {{ include "common.fullname" . }}-log
namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/dmaap/*.json").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-dcaelocations
+ name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap
namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/dcaeLocations/*.json").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-mrclusters
+ name: {{ include "common.fullname" . }}-dbc-feeds
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/mr_clusters/*.json").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/feeds/*.json").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-topics
+ name: {{ include "common.fullname" . }}-dbc-drpubs
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/topics/*.json").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/dr_pubs/*.json").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-feeds
+ name: {{ include "common.fullname" . }}-dbc-drsubs
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/feeds/*.json").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/dr_subs/*.json").AsConfig . | indent 2 }}
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
- hostname: {{.Values.global.config.dmaapDrProv.name}}
+ hostname: {{.Values.config.dmaapDrProv.name}}
initContainers:
- command:
- /root/ready.py
args:
- --container-name
- - {{.Values.global.config.mariadb.name}}
+ - {{.Values.config.dmaapDrDb.mariadbContName}}
env:
- name: NAMESPACE
valueFrom:
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- - containerPort: {{.Values.global.config.dmaapDrProv.externalPort}}
- - containerPort: {{.Values.global.config.dmaapDrProv.externalPort2}}
+ - containerPort: {{.Values.config.dmaapDrProv.externalPort}}
+ - containerPort: {{.Values.config.dmaapDrProv.externalPort2}}
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- port: {{.Values.global.config.dmaapDrProv.externalPort}}
+ port: {{.Values.config.dmaapDrProv.externalPort}}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
tcpSocket:
- port: {{.Values.global.config.dmaapDrProv.externalPort}}
+ port: {{.Values.config.dmaapDrProv.externalPort}}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
name: localtime
readOnly: false
- mountPath: /opt/app/datartr/etc/provserver.properties
+ name: {{ include "common.fullname" . }}-config
subPath: provserver.properties
- name: prov-props
+ - mountPath: /opt/app/datartr/etc/drProvCadi.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: drProvCadi.properties
+ - mountPath: {{ .Values.global.loggingDirectory }}
+ name: {{ include "common.fullname" . }}-logs
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ # Filebeat sidecar container
+ - name: {{ include "common.fullname" . }}-filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ mountPath: /usr/share/filebeat/data
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /var/log/onap/datarouter-prov
volumes:
- name: localtime
hostPath:
path: /etc/localtime
- - name: prov-props
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ items:
+ - key: provserver.properties
+ path: provserver.properties
+ - key: drProvCadi.properties
+ path: drProvCadi.properties
+ - name: {{ include "common.fullname" . }}-log-conf
configMap:
- name: {{ include "common.fullname" . }}-prov-props-configmap
- - name: dr-prov-data
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
+ name: {{ include "common.fullname" . }}-log
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-logs
emptyDir: {}
- {{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-post-install
+ labels:
+ app.kubernetes.io/managed-by: {{.Release.Service | quote }}
+ app.kubernetes.io/instance: {{.Release.Name | quote }}
+ helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}"
+ annotations:
+ # This is what defines this resource as a hook. Without this line, the
+ # job is considered part of the release.
+ "helm.sh/hook": post-install
+ "helm.sh/hook-weight": "-3"
+ "helm.sh/hook-delete-policy": hook-succeeded
+spec:
+ template:
+ metadata:
+ name: {{ include "common.fullname" . }}
+ labels:
+ app.kubernetes.io/managed-by: {{.Release.Service | quote }}
+ app.kubernetes.io/instance: {{.Release.Name | quote }}
+ helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}"
+ spec:
+ restartPolicy: Never
+ containers:
+ - name: post-install-job
+ image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: DELAY
+ value: "30"
+ - name: PROTO
+ value: "http"
+ - name: PORT
+ value: "8080"
+ - name: REQUESTID
+ value: "{{.Chart.Name}}-post-install"
+
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+
+# NOTE: on the following several configMaps, careful to include / at end
+# since there may be more than one file in each mountPath
+# NOTE: the basename of the subdirectory is important - it matches the DBCL API URI
+ - name: {{ include "common.fullname" . }}-dbc-feeds
+ mountPath: /opt/app/config/feeds/
+ - name: {{ include "common.fullname" . }}-dbc-drpubs
+ mountPath: /opt/app/config/dr_pubs/
+ - name: {{ include "common.fullname" . }}-dbc-drsubs
+ mountPath: /opt/app/config/dr_subs/
+ resources:
+{{ include "common.resources" . | indent 10 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-dbc-feeds
+ configMap:
+ name: {{ include "common.fullname" . }}-dbc-feeds
+ - name: {{ include "common.fullname" . }}-dbc-drpubs
+ configMap:
+ name: {{ include "common.fullname" . }}-dbc-drpubs
+ - name: {{ include "common.fullname" . }}-dbc-drsubs
+ configMap:
+ name: {{ include "common.fullname" . }}-dbc-drsubs
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
apiVersion: v1
kind: Service
metadata:
- name: {{.Values.global.config.dmaapDrProv.name}}
+ name: {{.Values.config.dmaapDrProv.name}}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
msb.onap.org/service-info: '[
{
- "serviceName": "{{.Values.global.config.dmaapDrProv.name}}",
+ "serviceName": "{{.Values.config.dmaapDrProv.name}}",
"version": "v1",
"url": "/",
"protocol": "REST",
- "port": "{{.Values.global.config.dmaapDrProv.externalPort}}",
+ "port": "{{.Values.config.dmaapDrProv.externalPort}}",
"visualRange":"1"
}
]'
spec:
- type: {{.Values.global.config.dmaapDrProv.servicetype}}
+ type: {{.Values.config.dmaapDrProv.servicetype}}
ports:
- {{if eq .Values.global.config.dmaapDrProv.servicetype "NodePort" -}}
- - port: {{.Values.global.config.dmaapDrProv.externalPort}}
- targetPort: {{.Values.global.config.dmaapDrProv.internalPort}}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.global.config.dmaapDrProv.nodePort}}
- name: {{.Values.global.config.dmaapDrProv.name}}
- - port: {{.Values.global.config.dmaapDrProv.externalPort2}}
- targetPort: {{.Values.global.config.dmaapDrProv.internalPort2}}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.global.config.dmaapDrProv.nodePort2}}
- name: {{.Values.global.config.dmaapDrProv.name}}2
+ {{if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}}
+ - port: {{.Values.config.dmaapDrProv.externalPort}}
+ targetPort: {{.Values.config.dmaapDrProv.internalPort}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrProv.nodePort}}
+ name: {{.Values.config.dmaapDrProv.name}}
+ - port: {{.Values.config.dmaapDrProv.externalPort2}}
+ targetPort: {{.Values.config.dmaapDrProv.internalPort2}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrProv.nodePort2}}
+ name: {{.Values.config.dmaapDrProv.name}}2
{{- else -}}
- - port: {{.Values.global.config.dmaapDrProv.externalPort}}
- targetPort: {{.Values.global.config.dmaapDrProv.internalPort}}
- name: {{.Values.global.config.dmaapDrProv.name}}
- - port: {{.Values.global.config.dmaapDrProv.externalPort2}}
- targetPort: {{.Values.global.config.dmaapDrProv.internalPort2}}
- name: {{.Values.global.config.dmaapDrProv.name}}2
+ - port: {{.Values.config.dmaapDrProv.externalPort}}
+ targetPort: {{.Values.config.dmaapDrProv.internalPort}}
+ name: {{.Values.config.dmaapDrProv.name}}
+ - port: {{.Values.config.dmaapDrProv.externalPort2}}
+ targetPort: {{.Values.config.dmaapDrProv.internalPort2}}
+ name: {{.Values.config.dmaapDrProv.name}}2
{{- end}}
selector:
app: {{ include "common.name" . }}
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ loggingDirectory: /opt/app/datartr/logs
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/dmaap/datarouter-prov:2.0.2
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration - see parent values chart
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+
+## Persist data to a persitent volume
+persistence:
+ enabled: false
+
+ingress:
+ enabled: false
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2000m
+ memory: 4Gi
+ requests:
+ cpu: 500m
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4000m
+ memory: 8Gi
+ requests:
+ cpu: 1000m
+ memory: 2Gi
+ unlimited: {}
+
+config:
+ # dr provisioning server configuration
+ dmaapDrProv:
+ servicetype: NodePort
+ name: dmaap-dr-prov
+ externalPort: 8080
+ externalPort2: 8443
+ internalPort: 8080
+ internalPort2: 8443
+ portName: dr-prov-port
+ portName2: dr-prov-port2
+ nodePort: 59
+ nodePort2: 69
+ # dr-prov db configuration
+ dmaapDrDb:
+ mariadbServiceName: dmaap-dr-db-svc
+ mariadbServicePort: 3306
+ mariadbContName: dmaap-dr-db
+
+# mariadb-galera configuration
+mariadb:
+ name: dmaap-dr-db
+ nameOverride: dmaap-dr-db
+ replicaCount: 2
+ config:
+ mariadbRootPassword: datarouter
+ userName: datarouter
+ userPassword: datarouter
+ mysqlDatabase: datarouter
+ service:
+ name: dmaap-dr-db-svc
+ portName: dmaap-dr-db-svc
+ nfsprovisionerPrefix: dmaap-dr-db
+ persistence:
+ size: 1Gi
+ mountSubPath: data-router/dr-db-data
+ disableNfsProvisioner: true
\ No newline at end of file
apiVersion: v1
description: ONAP Message Router
name: message-router
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Message Router Kafka Service
name: message-router-kafka
-version: 3.0.0
+version: 4.0.0
spec:
selector:
matchLabels:
- app: {{ include "common.fullname" . }}
+ app: {{ include "common.name" . }}
maxUnavailable: 1
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
- type: {{ .Values.service.type }}
ports:
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
+ - port: {{ .Values.service.internalPort }}
name: {{ .Values.service.portName }}
clusterIP: None
selector:
--- /dev/null
+# Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- $root := . -}}
+{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ $root.Values.service.name }}-{{ $i }}
+ namespace: {{ $root.Release.Namespace }}
+ labels:
+ app: {{ $root.Values.service.name }}
+ chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
+ release: {{ $root.Release.Name }}
+ heritage: {{ $root.Release.Service }}
+
+spec:
+ type: {{ $root.Values.service.type }}
+ externalTrafficPolicy: Local
+ selector:
+ statefulset.kubernetes.io/pod-name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }}
+ ports:
+ - port: {{ $root.Values.service.externalPort }}
+ targetPort: {{ $root.Values.service.externalPort }}
+ nodePort: {{ $root.Values.service.baseNodePort | add $i }}
+ name: {{ $root.Values.service.name }}-{{ $i }}
+{{ end }}
release: {{ .Release.Name }}
spec:
podAntiAffinity:
+ {{if eq .Values.podAntiAffinityType "hard" -}}
+ requiredDuringSchedulingIgnoredDuringExecution:
+ {{- else -}}
preferredDuringSchedulingIgnoredDuringExecution:
+ {{- end}}
- weight: 1
podAffinityTerm:
labelSelector:
values:
- {{ include "common.name" . }}
topologyKey: "kubernetes.io/hostname"
+ {{- if .Values.nodeAffinity }}
+ nodeAffinity:
+ {{ toYaml .Values.nodeAffinity | indent 10 }}
+ {{- end }}
initContainers:
- name: {{ include "common.name" . }}-initcontainer
image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}"
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - sh
+ - -exc
+ - |
+ export KAFKA_BROKER_ID=${HOSTNAME##*-} && \
+ export ENDPOINT_PORT=$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )) && \
+ export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \
+ exec start-kafka.sh
resources:
{{ include "common.resources" . | indent 12 }}
ports:
- containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.externalPort }}
{{ if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- - name: HOST_NAME
+ - name: HOST_IP
valueFrom:
fieldRef:
apiVersion: v1
- fieldPath: metadata.name
- - name: HOST_NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
+ fieldPath: status.hostIP
- name: KAFKA_ZOOKEEPER_CONNECT
value: "{{.Values.zookeeper.name}}:{{.Values.zookeeper.port}}"
- name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP
- value: "INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT"
- - name: KAFKA_ADVERTISED_LISTENERS
- value: "INTERNAL_PLAINTEXT://$(HOST_NAME).{{ .Values.service.name }}.$(HOST_NAMESPACE).svc.cluster.local:{{ .Values.service.internalPort}}"
+ value: "INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT"
- name: KAFKA_LISTENERS
- value: "INTERNAL_PLAINTEXT://0.0.0.0:{{.Values.service.internalPort}}"
+ value: "EXTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.externalPort }},INTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.internalPort }}"
- name: KAFKA_INTER_BROKER_LISTENER_NAME
- value: "INTERNAL_PLAINTEXT"
+ value: "INTERNAL_SASL_PLAINTEXT"
+ - name: KAFKA_SASL_ENABLED_MECHANISMS
+ value: "PLAIN"
+ - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL
+ value: "PLAIN"
+ - name: KAFKA_AUTHORIZER_CLASS_NAME
+ value: "{{ .Values.kafkaCustomAuthorizer }}"
+ - name: KAFKA_DELETE_TOPIC_ENABLE
+ value: "{{ .Values.deleteTopicEnable }}"
+ - name: aaf_locate_url
+ value: "https://aaf-locate:8095"
- name: KAFKA_LOG_DIRS
value: "kafka/logs"
- - name: BROKER_ID_COMMAND
- value: "hostname | awk -F '-' '{print $NF}'"
- name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR
value: "{{ .Values.replicaCount }}"
- name: KAFKA_DEFAULT_REPLICATION_FACTOR
name: docker-socket
- mountPath: /kafka
name: kafka-data
+ {{- if .Values.tolerations }}
+ tolerations:
+ {{ toYaml .Values.tolerations | indent 10 }}
+ {{- end }}
volumes:
- name: localtime
hostPath:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/kafka01101:0.0.1
+image: onap/dmaap/kafka111:0.0.5
pullPolicy: Always
ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
# default number of instances
replicaCount: 3
+#Kafka custom authorizer class name
+kafkaCustomAuthorizer: org.onap.dmaap.kafkaAuthorize.KafkaCustomAuthorizer
+deleteTopicEnable: true
+
+# To access Kafka outside cluster, this value must be set to hard and the number of nodes in K8S cluster must be equal or greater then replica count
+podAntiAffinityType: soft
+
# defult partitions
defaultpartitions: 3
-
nodeSelector: {}
+nodeAffinity: {}
+
affinity: {}
+tolerations: {}
+
+
+
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 60
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 60
periodSeconds: 10
## Persist data to a persitent volume
mountSubPath: message-router/data-kafka
service:
- type: ClusterIP
+ type: NodePort
name: message-router-kafka
portName: message-router-kafka
internalPort: 9092
- externalPort: 9092
+ externalPort: 9093
+ baseNodePort: 30490
+
+
ingress:
enabled: false
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP Message Router Kafka Service
+name: message-router-mirrormaker
+version: 4.0.0
+
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ serviceName: {{ .Values.service.name }}
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-initcontainer
+ image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ - command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ .Values.messagerouter.container }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - sh
+ - -exc
+ - |
+ exec start-mirrormaker.sh
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ {{ if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ exec:
+ command:
+ - sh
+ - -c
+ - "touch /tmp/lprobe.txt"
+ - "rm /tmp/lprobe.txt"
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ exec:
+ command:
+ - sh
+ - -c
+ - "touch /tmp/rprobe.txt"
+ - "rm /tmp/rprobe.txt"
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: KAFKA_HEAP_OPTS
+ value: "{{ .Values.kafkaHeapOptions }}"
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /var/run/docker.sock
+ name: docker-socket
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: docker-socket
+ hostPath:
+ path: /var/run/docker.sock
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
readinessImage: readiness-check:2.0.0
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ persistence: {}
+ ubuntuInitRepository: registry.hub.docker.com
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/datarouter-prov:1.0.3
+image: onap/dmaap/kafka111:0.0.5
pullPolicy: Always
+ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+
+zookeeper:
+ name: message-router-zookeeper
+ port: 2181
+
+messagerouter:
+ container: message-router
# flag to enable debugging - application support required
debugEnabled: false
-# application configuration - see parent values chart
-
# default number of instances
replicaCount: 1
+kafkaHeapOptions: -Xmx4G -Xms2G
nodeSelector: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
+ initialDelaySeconds: 60
+ periodSeconds: 20
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 30
- periodSeconds: 10
+ initialDelaySeconds: 60
+ periodSeconds: 20
-## Persist data to a persitent volume
-persistence:
- enabled: false
+
+service:
+ type: NodePort
+ name: message-router-mirrormaker
+ portName: message-router-mirrormaker
+ internalPort: 9092
+
+
ingress:
enabled: false
# Resource Limit flavor -By Default using small
-flavor: small
+flavor: large
# Segregation for Different environment (Small and Large)
resources:
small:
cpu: 1000m
memory: 2Gi
unlimited: {}
+
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
apiVersion: v1
description: ONAP Dmaap Message Router Zookeeper Service
name: message-router-zookeeper
-version: 3.0.0
+version: 4.0.0
--- /dev/null
+{{/*
+# Copyright © 2019 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- /*
+ Calculate the maximum number of zk server down in order to guarantee ZK quorum.
+ For guaranteeing ZK quorum we need half of the server + 1 up.
+
+ div in go template cast return an int64
+ so we need to know if it is an even number or an odd.
+ For this we are doing (n/2)*2=n?
+ if true it is even else it is even
+*/ -}}
+{{- define "zk.maxUnavailable" -}}
+{{- $halfReplica := div .Values.replicaCount 2 -}}
+ {{/* divide by 2 and multiply by 2 in order to know if it is an even number*/}}
+ {{if eq (mul $halfReplica 2) (int .Values.replicaCount) }}
+ {{- toYaml (sub $halfReplica 1) -}}
+ {{else}}
+ {{- toYaml $halfReplica -}}
+ {{end}}
+{{- end -}}
spec:
selector:
matchLabels:
- app: {{ include "common.fullname" . }}
- maxUnavailable: 1
+ app: {{ include "common.name" . }}
+ maxUnavailable: {{ include "zk.maxUnavailable" . }}
values:
- {{ include "common.name" . }}
topologyKey: "kubernetes.io/hostname"
+ {{- if .Values.nodeAffinity }}
+ nodeAffinity:
+ {{ toYaml .Values.nodeAffinity | indent 10 }}
+ {{- end }}
initContainers:
- name: {{ include "common.name" . }}-seed-topics-apikeys
command:
readOnly: true
- mountPath: /var/lib/zookeeper/data
name: zookeeper-data
+ {{- if .Values.tolerations }}
+ tolerations:
+ {{ toYaml .Values.tolerations | indent 10 }}
+ {{- end }}
volumes:
- name: localtime
hostPath:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/zookeeper:1.0.0
+image: onap/dmaap/zookeeper:3.0.0
pullPolicy: Always
ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
nodeSelector: {}
+nodeAffinity: {}
+
affinity: {}
+tolerations: {}
+
# probe configuration parameters
liveness:
initialDelaySeconds: 10
requests:
cpu: 1000m
memory: 2Gi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
#AAF Properties
msgRtr.namespace.aaf=org.onap.dmaap.mr.topic
msgRtr.topicfactory.aaf=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:
-enforced.topic.name.AAF=org.onap
+enforced.topic.name.AAF=org.onap.dmaap.mr
forceAAF=false
transidUEBtopicreqd=false
defaultNSforUEB=org.onap.dmaap.mr
##############################################################################
#Mirror Maker Agent
-msgRtr.mirrormakeradmin.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|admin
-msgRtr.mirrormakeruser.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|user
-msgRtr.mirrormakeruser.aaf.create=com.onap.dmaap.mr.dev.topicFactory|:com.onap.dmaap.mr.dev.topic:
+
+msgRtr.mirrormakeradmin.aaf=org.onap.dmaap.mr.mirrormaker|*|admin
+msgRtr.mirrormakeruser.aaf=org.onap.dmaap.mr.mirrormaker|*|user
+msgRtr.mirrormakeruser.aaf.create=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:
msgRtr.mirrormaker.timeout=15000
-msgRtr.mirrormaker.topic=com.onap.dmaap.mr.prod.mm.agent
+msgRtr.mirrormaker.topic=org.onap.dmaap.mr.mirrormakeragent
msgRtr.mirrormaker.consumergroup=mmagentserver
msgRtr.mirrormaker.consumerid=1
-aaf_locate_url=https://aaf-onap-test.osaaf.org:8095
+aaf_locate_url=https://aaf-locate:8095
aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
aaf_env=DEV
aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm
cadi_loglevel=INFO
cadi_protocols=TLSv1.1,TLSv1.2
cadi_latitude=37.78187
-cadi_longitude=-122.26147
\ No newline at end of file
+cadi_longitude=-122.26147
--- /dev/null
+{
+ "dcaeLocationName": "san-francisco",
+ "fqdn": "message-router",
+ "topicProtocol": "http",
+ "topicPort": "3904"
+}
--- /dev/null
+{
+ "topicName": "PM_MAPPER",
+ "topicDescription": "The PM Mapper will be publishing perf3gpp VES events to this topic",
+ "owner": "pm-mapper",
+ "txenabled": false,
+ "clients": [{
+ "dcaeLocationName": "san-francisco",
+ "clientIdentity": "dcae@dcae.onap.org",
+ "action": [
+ "pub",
+ "view"
+ ]
+ }]
+}
--- /dev/null
+{
+ "topicName": "mirrormakeragent",
+ "topicDescription": "the topic used to provision the MM agent whitelist",
+ "replicationCase": "REPLICATION_NONE",
+ "owner": "dmaap",
+ "txenabled": false,
+ "partitionCount": "1",
+ "clients": [
+ {
+ "dcaeLocationName": "san-francisco",
+ "clientIdentity": "dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org",
+ "action": [
+ "pub",
+ "sub",
+ "view"
+ ]
+
+ },
+ {
+ "dcaeLocationName": "san-francisco",
+ "clientIdentity": "dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org",
+ "action": [
+ "pub",
+ "sub",
+ "view"
+ ]
+
+ },
+ {
+ "dcaeLocationName": "san-francisco",
+ "clientIdentity": "demo@people.osaaf.org",
+ "action": [
+ "pub",
+ "sub",
+ "view"
+ ]
+
+ }
+
+ ]
+}
+
--- /dev/null
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/dmaap/cadi.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-dbc-mrclusters
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/mr_clusters/*.json").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-dbc-topics
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/topics/*.json").AsConfig . | indent 2 }}
+
--- /dev/null
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-post-install
+ labels:
+ app.kubernetes.io/managed-by: {{.Release.Service | quote }}
+ app.kubernetes.io/instance: {{.Release.Name | quote }}
+ helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}"
+ annotations:
+ # This is what defines this resource as a hook. Without this line, the
+ # job is considered part of the release.
+ "helm.sh/hook": post-install
+ "helm.sh/hook-weight": "-4"
+ "helm.sh/hook-delete-policy": hook-succeeded
+spec:
+ template:
+ metadata:
+ name: {{ include "common.fullname" . }}
+ labels:
+ app.kubernetes.io/managed-by: {{.Release.Service | quote }}
+ app.kubernetes.io/instance: {{.Release.Name | quote }}
+ helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}"
+ spec:
+ restartPolicy: Never
+ containers:
+ - name: post-install-job
+ image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}"
+ imagePullPolicy: "Always"
+ env:
+ - name: DELAY
+ value: "30"
+ - name: PROTO
+ value: "http"
+ - name: PORT
+ value: "8080"
+ - name: REQUESTID
+ value: "{{.Chart.Name}}-post-install"
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+
+# NOTE: on the following several configMaps, careful to include / at end
+# since there may be more than one file in each mountPath
+# NOTE: the basename of the subdirectory of mountPath is important - it matches the DBCL API URI
+ - name: {{ include "common.fullname" . }}-dbc-mrclusters
+ mountPath: /opt/app/config/mr_clusters/
+ - name: {{ include "common.fullname" . }}-dbc-topics
+ mountPath: /opt/app/config/topics/
+ resources:
+{{ include "common.resources" . | indent 10 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-dbc-mrclusters
+ configMap:
+ name: {{ include "common.fullname" . }}-dbc-mrclusters
+ - name: {{ include "common.fullname" . }}-dbc-topics
+ configMap:
+ name: {{ include "common.fullname" . }}-dbc-topics
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: enableCadi
- value: "false"
+ value: "true"
volumeMounts:
- mountPath: /etc/localtime
name: localtime
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/dmaap-mr:1.1.9
+image: onap/dmaap/dmaap-mr:1.1.11
pullPolicy: Always
kafka:
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
+ - name: message-router
+ version: ~4.x-0
+ repository: 'file://components/message-router'
+ condition: message-router.enabled
+ - name: dmaap-bc
+ version: ~4.x-0
+ repository: 'file://components/dmaap-bc'
+ condition: dmaap-bc.enabled
+ - name: dmaap-dr-node
+ version: ~4.x-0
+ repository: 'file://components/dmaap-dr-node'
+ condition: dmaap-dr-node.enabled
+ - name: dmaap-dr-prov
+ version: ~4.x-0
+ repository: 'file://components/dmaap-dr-prov'
+ condition: dmaap-dr-prov.enabled
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 The Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ - /opt/app/datartr/logs/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ #If enable will do load balancing among available Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
\ No newline at end of file
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
#
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 Nordix Foundation.
+# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-settings
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/ci/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-secret
+ name: {{ .Release.Name }}-dmaap-filebeat-configmap
namespace: {{ include "common.namespace" . }}
-type: Opaque
data:
- admin_password: "Y2lhZG1pbnBhc3M="
+{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }}
readinessImage: readiness-check:2.0.0
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ clientImage: onap/dmaap/dbc-client:1.0.5
+# application configuration
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+
+message-router:
+ enabled: true
+dmaap-bc:
+ enabled: true
+dmaap-dr-node:
+ enabled: true
+dmaap-dr-prov:
+ enabled: true
apiVersion: v1
description: ONAP External System Register
name: esr
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP External System Register GUI
name: esr-gui
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP External System Register GUI
name: esr-server
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
--set-string stringArray set STRING values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)
-f, --values valueFiles specify values in a YAML file or a URL(can specify multiple) (default [])
--verbose enables full helm install/upgrade output during deploy
+ --set-last-applied set the last-applied-configuration annotation on all objects.This annotation is required to restore services using Ark/Veloro backup restore.
EOF
}
fi
done
}
-
resolve_deploy_flags() {
flags=($1)
n=${#flags[*]}
if [[ $PARAM == "-f" || \
$PARAM == "--values" || \
$PARAM == "--set" || \
- $PARAM == "--set-string" ]]; then
+ $PARAM == "--set-string" || \
+ $PARAM == "--version" ]]; then
# skip param and its value
i=$((i + 1))
else
FLAGS="$(echo $FLAGS| sed -n 's/--verbose//p')"
VERBOSE="true"
fi
+ # determine if set-last-applied flag is enabled
+ SET_LAST_APPLIED="false"
+ if [[ $FLAGS = *"--set-last-applied"* ]]; then
+ FLAGS="$(echo $FLAGS| sed -n 's/--set-last-applied//p')"
+ SET_LAST_APPLIED="true"
+ fi
if [[ $FLAGS = *"--dry-run"* ]]; then
VERBOSE="true"
FLAGS="$FLAGS --debug"
# should pass all flags instead
NAMESPACE="$(echo $FLAGS | sed -n 's/.*\(namespace\).\s*/\1/p' | cut -c10- | cut -d' ' -f1)"
+ VERSION="$(echo $FLAGS | sed -n 's/.*\(version\).\s*/\1/p' | cut -c8- | cut -d' ' -f1)"
+
+ if [ ! -z $VERSION ]; then
+ VERSION="--version $VERSION"
+ fi
+
# Remove all override values passed in as arguments. These will be used during dry run
# to resolve computed override values. Remaining flags will be passed on during
# actual upgrade/install of parent and subcharts.
DEPLOY_FLAGS=$(resolve_deploy_flags "$FLAGS")
- # determine if upgrading individual subchart or entire parent + subcharts
+ # determine if upgrading individual subchart or entire parent + subcharts
SUBCHART_RELEASE="$(cut -d'-' -f2 <<<"$RELEASE")"
if [[ ! -d "$CACHE_SUBCHART_DIR/$SUBCHART_RELEASE" ]]; then
SUBCHART_RELEASE=
rm -rf $CHART_DIR/charts/*.tgz
else
echo "fetching $CHART_URL"
- helm fetch $CHART_URL --untar --untardir $CACHE_DIR
+ helm fetch $CHART_URL --untar --untardir $CACHE_DIR $VERSION
fi
# move out subcharts to process separately
else
echo "release \"$RELEASE\" deployed"
fi
+ # Add annotation last-applied-configuration if set-last-applied flag is set
+ if [[ $SET_LAST_APPLIED == "true" ]]; then
+ helm get manifest ${RELEASE} \
+ | kubectl apply set-last-applied --create-annotation -n onap -f - \
+ > $LOG_FILE.log 2>&1
+ fi
fi
# upgrade/install each "enabled" subchart
else
echo "release \"${RELEASE}-${subchart}\" deployed"
fi
+ # Add annotation last-applied-configuration if set-last-applied flag is set
+ if [[ $SET_LAST_APPLIED == "true" ]]; then
+ helm get manifest "${RELEASE}-${subchart}" \
+ | kubectl apply set-last-applied --create-annotation -n onap -f - \
+ > $LOG_FILE.log 2>&1
+ fi
fi
else
array=($(helm ls -q | grep "${RELEASE}-${subchart}"))
;;
esac
-exit 0
\ No newline at end of file
+exit 0
apiVersion: v1
description: <Short application description - this is visible via 'helm search'>
name: <onap-app>
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
apiVersion: v1
description: ONAP Logging ElasticStack
name: log
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Logging Elasticsearch
name: log-elasticsearch
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP Logging Kibana
name: log-kibana
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP Logging Logstash
name: log-logstash
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP MicroServices Bus
name: msb
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP MicroServices Bus Kube2MSB Registrator
name: kube2msb
-version: 3.0.0
+version: 4.0.0
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP MicroServices Bus Consul
name: msb-consul
-version: 3.0.0
+version: 4.0.0
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#################################################################
# application image
dockerHubRepository: registry.hub.docker.com
-image: library/consul:0.9.3
+image: library/consul:1.4.3
pullPolicy: Always
istioSidecar: true
requests:
cpu: 20m
memory: 100Mi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
apiVersion: v1
description: ONAP MicroServices Bus Discovery
name: msb-discovery
-version: 3.0.0
+version: 4.0.0
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/msb/msb_discovery:1.2.1
+image: onap/msb/msb_discovery:1.2.3-STAGING-latest
pullPolicy: Always
istioSidecar: true
requests:
cpu: 400m
memory: 400Mi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
apiVersion: v1
description: ONAP MicroServices Bus Internal API Gateway
name: msb-eag
-version: 3.0.0
+version: 4.0.0
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/msb/msb_apigateway:1.2.1
+image: onap/msb/msb_apigateway:1.2.4-STAGING-latest
pullPolicy: Always
istioSidecar: true
requests:
cpu: 200m
memory: 400Mi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
apiVersion: v1
description: ONAP MicroServices Bus Internal API Gateway
name: msb-iag
-version: 3.0.0
+version: 4.0.0
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/msb/msb_apigateway:1.2.1
+image: onap/msb/msb_apigateway:1.2.4-STAGING-latest
pullPolicy: Always
istioSidecar: true
requests:
cpu: 100m
memory: 400Mi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP multicloud broker
name: multicloud
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP multicloud Azure plugin
name: multicloud-azure
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP multicloud OpenStack Ocata Plugin
name: multicloud-ocata
-version: 3.0.0
+version: 4.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/multicloud/openstack-ocata:1.2.2
+image: onap/multicloud/openstack-ocata:1.3.0-SNAPSHOT
pullPolicy: Always
#Istio sidecar injection policy
apiVersion: v1
description: ONAP multicloud OpenStack Pike Plugin
name: multicloud-pike
-version: 3.0.0
+version: 4.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/multicloud/openstack-pike:1.2.2
+image: onap/multicloud/openstack-pike:1.3.0-SNAPSHOT
pullPolicy: Always
#Istio sidecar injection policy
apiVersion: v1
description: ONAP Multicloud Prometheus
name: multicloud-prometheus
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Multicloud Prometheus Alert Manager
name: prometheus-alertmanager
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Multicloud Grafana for Prometheus
name: prometheus-grafana
-version: 3.0.0
+version: 4.0.0
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright (c) 2019 Intel Corporation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v1
-description: holds all customers files in repos
-name: vvp-gitlab
+description: ONAP multicloud OpenStack Starlingx Plugin
+name: multicloud-starlingx
version: 3.0.0
--- /dev/null
+# Copyright (c) 2019 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+version: 1
+disable_existing_loggers: False
+
+loggers:
+ starlingx:
+ handlers: [starlingx_handler]
+ level: "DEBUG"
+ propagate: False
+ newton_base:
+ handlers: [starlingx_handler]
+ level: "DEBUG"
+ propagate: False
+ common:
+ handlers: [starlingx_handler]
+ level: "DEBUG"
+ propagate: False
+
+handlers:
+ starlingx_handler:
+ level: "DEBUG"
+ class: "logging.handlers.RotatingFileHandler"
+ filename: "/var/log/onap/multicloud/openstack/starlingx/starlingx.log"
+ formatter: "mdcFormat"
+ maxBytes: 1024*1024*50
+ backupCount: 10
+
+formatters:
+ standard:
+ format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s"
+ mdcFormat:
+ format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t"
+ mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}"
+ datefmt: "%Y-%m-%d %H:%M:%S"
+ (): onaplogging.mdcformatter.MDCFormatter
--- /dev/null
+# Copyright (c) 2019 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
--- /dev/null
+{{/*
+# Copyright (c) 2019 Intel Corporation.
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
--- /dev/null
+{{/*
+# Copyright (c) 2019 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ annotations:
+ sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
+ spec:
+ containers:
+ - env:
+ - name: MSB_ADDR
+ value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}"
+ - name: MSB_PORT
+ value: "{{ .Values.config.msbPort }}"
+ - name: AAI_ADDR
+ value: aai.{{ include "common.namespace" . }}
+ - name: AAI_PORT
+ value: "{{ .Values.config.aai.port }}"
+ - name: AAI_SCHEMA_VERSION
+ value: "{{ .Values.config.aai.schemaVersion }}"
+ - name: AAI_USERNAME
+ value: "{{ .Values.config.aai.username }}"
+ - name: AAI_PASSWORD
+ value: "{{ .Values.config.aai.password }}"
+ name: {{ include "common.name" . }}
+ volumeMounts:
+ - mountPath: /var/log/onap
+ name: starlingx-log
+ - mountPath: /opt/starlingx/starlingx/pub/config/log.yml
+ name: starlingx-logconfig
+ subPath: log.yml
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ httpGet:
+ path: /api/multicloud-starlingx/v0/swagger.json
+ port: {{ .Values.service.internalPort }}
+ scheme: HTTP
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
+ {{ end }}
+ # side car containers
+ - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: filebeat-onap
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ name: filebeat-conf
+ subPath: filebeat.yml
+ - mountPath: /var/log/onap
+ name: starlingx-log
+ - mountPath: /usr/share/filebeat/data
+ name: starlingx-data-filebeat
+
+ volumes:
+ - name: starlingx-log
+ emptyDir: {}
+ - name: starlingx-data-filebeat
+ emptyDir: {}
+ - name: filebeat-conf
+ configMap:
+ name: multicloud-filebeat-configmap
+ - name: starlingx-logconfig
+ configMap:
+ name: {{ include "common.fullname" . }}-log-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ restartPolicy: Always
--- /dev/null
+{{/*
+# Copyright (c) 2019 Intel Corporation.
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+ msb.onap.org/service-info: '[
+ {
+ "serviceName": "multicloud-starlingx",
+ "version": "v0",
+ "url": "/api/multicloud-starlingx/v0",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "multicloud-starlingx",
+ "version": "v1",
+ "url": "/api/multicloud-starlingx/v1",
+ "protocol": "REST",
+ "port": "{{ .Values.service.externalPort }}",
+ "visualRange": "1"
+ }
+ ]'
+spec:
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ type: {{ .Values.service.type }}
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright (c) 2019 Intel Corporation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Global configuration defaults.
#################################################################
global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
+ nodePortPrefixExt: 304
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/vvp/gitlab:1.0.0
+image: onap/multicloud/openstack-starlingx:1.3.0-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
+#Istio sidecar injection policy
+istioSidecar: false
+# application configuration
+config:
+ msbgateway: msb-iag
+ msbPort: 80
+ aai:
+ port: 8443
+ schemaVersion: v13
+ username: AAI
+ password: AAI
+
+# default number of instances
replicaCount: 1
nodeSelector: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 5
enabled: true
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
service:
type: NodePort
- internalPort1: 80
- internalPort2: 22
- portName1: web
- portName2: ssh
+ name: multicloud-starlingx
+ portName: multicloud-starlingx
+ externalPort: 9009
+ internalPort: 9009
+ nodePort: 85
ingress:
enabled: false
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 4Gi
+ requests:
+ cpu: 10m
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 2
+ memory: 8Gi
+ requests:
+ cpu: 20m
+ memory: 2Gi
+ unlimited: {}
apiVersion: v1
description: ONAP multicloud VIO plugin
name: multicloud-vio
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP multicloud OpenStack WindRiver Plugin
name: multicloud-windriver
-version: 3.0.0
+version: 4.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/multicloud/openstack-windriver:1.2.2
+image: onap/multicloud/openstack-windriver:1.3.0-SNAPSHOT
pullPolicy: Always
#Istio sidecar injection policy
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
"extra_info_hint": "",
"provider_plugin": "multicloud-pike"
},
+ "starlingx": {
+ "version": "starlingx",
+ "extra_info_hint": "",
+ "provider_plugin": "multicloud-starlingx"
+ },
"ocata": {
"version": "ocata",
"extra_info_hint": "",
apiVersion: v1
description: ONAP Northbound Interface
name: nbi
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP NBI MariaDB Service
name: mariadb
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: mongo
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: SO_HEADER_AUTHORIZATION
value: {{ .Values.so_authorization }}
{{- end }}
+ - name: DMAAP_HOST
+ value: "http://message-router.{{ include "common.namespace" . }}:3904"
- name: LOGGING_LEVEL_ORG_ONAP_NBI
value: {{ .Values.config.loglevel }}
- name: MSB_ENABLED
# application image
repository: nexus3.onap.org:10001
-image: onap/externalapi/nbi:3.0.1
+image: onap/externalapi/nbi:3.0.2
pullPolicy: Always
sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=
aai_authorization: Basic QUFJOkFBSQ==
# probe configuration parameters
liveness:
httpGet:
- path: /nbi/api/v3/status
+ path: /nbi/api/v4/status
port: 8080
initialDelaySeconds: 180
periodSeconds: 30
readiness:
httpGet:
- path: /nbi/api/v3/status
+ path: /nbi/api/v4/status
port: 8080
initialDelaySeconds: 185
periodSeconds: 30
apiVersion: v1
name: onap
-version: 3.0.0
-appVersion: Casablanca
+version: 4.0.0
+appVersion: Dublin
description: Open Network Automation Platform (ONAP)
home: https://www.onap.org/
sources:
- https://gerrit.onap.org/r/#/admin/projects/
-icon: https://wiki.onap.org/download/thumbnails/1015829/onap_704x271%20copy.png?version=1&modificationDate=1488326334000&api=v2
-tillerVersion: "~2.9.1"
+icon: https://wiki.onap.org/download/thumbnails/1015829/onap_704x271%20copy.png?version=1&modificationDate=1488326334000&api=v2
\ No newline at end of file
# > helm repo add local http://127.0.0.1:8879
dependencies:
- name: aaf
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: aaf.enabled
- name: aai
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: aai.enabled
- name: appc
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: appc.enabled
+ - name: cassandra
+ version: ~4.x-0
+ repository: '@local'
+ condition: cassandra.enabled
- name: clamp
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: clamp.enabled
- name: cli
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: cli.enabled
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: consul
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: consul.enabled
- name: contrib
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: contrib.enabled
- name: dcaegen2
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: dcaegen2.enabled
- name: dmaap
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: dmaap.enabled
- name: esr
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: esr.enabled
- name: log
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: log.enabled
- name: sniro-emulator
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: sniro-emulator.enabled
+ - name: mariadb-galera
+ version: ~4.x-0
+ repository: '@local'
+ condition: mariadb-galera.enabled
- name: msb
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: msb.enabled
- name: multicloud
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: multicloud.enabled
- name: nbi
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: nbi.enabled
- name: pnda
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: pnda.enabled
- name: policy
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: policy.enabled
- name: pomba
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: pomba.enabled
- name: portal
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: portal.enabled
- name: oof
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: oof.enabled
- name: robot
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: robot.enabled
- name: sdc
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: sdc.enabled
- name: sdnc
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: sdnc.enabled
- name: so
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: so.enabled
- name: uui
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: uui.enabled
- name: vfc
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: vfc.enabled
- name: vid
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: vid.enabled
- name: vnfsdk
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: vnfsdk.enabled
- - name: vvp
- version: ~3.0.0
- repository: '@local'
- condition: vvp.enabled
replicaCount: 1
appc:
enabled: false
+cassandra:
+ enabled: false
+ replicaCount: 1
clamp:
enabled: false
cli:
enabled: false
oof:
enabled: false
+mariadb-galera:
+ enabled: false
msb:
enabled: false
multicloud:
enabled: false
appc:
enabled: false
+cassandra:
+ enabled: false
clamp:
enabled: false
cli:
enabled: false
sniro-emulator:
enabled: false
+mariadb-galera:
+ enabled: false
msb:
enabled: false
multicloud:
enabled: false
vnfsdk:
enabled: false
-vvp:
- enabled: false
enabled: false
appc:
enabled: false
+cassandra:
+ enabled: false
+ replicaCount: 1
clamp:
enabled: false
cli:
enabled: false
log:
enabled: false
+mariadb-galera:
+ enabled: true
msb:
enabled: false
multicloud:
enabled: false
vnfsdk:
enabled: false
-vvp:
- enabled: false
initialDelaySeconds: 120
readiness:
initialDelaySeconds: 120
+cassandra:
+ liveness:
+ initialDelaySeconds: 120
+ readiness:
+ initialDelaySeconds: 120
clamp:
liveness:
initialDelaySeconds: 60
initialDelaySeconds: 120
readiness:
initialDelaySeconds: 120
+mariadb-galera:
+ mariadb-galera-server:
+ liveness:
+ initialDelaySeconds: 120
+ readiness:
+ initialDelaySeconds: 120
+
--- /dev/null
+# Copyright © 2019 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+###################################################################
+# This override file enables helm charts for all ONAP applications.
+###################################################################
+aaf:
+ enabled: true
+aai:
+ enabled: true
+appc:
+ enabled: true
+cassandra:
+ enabled: true
+clamp:
+ enabled: true
+cli:
+ enabled: true
+consul:
+ enabled: true
+contrib:
+ enabled: true
+dcaegen2:
+ enabled: true
+dmaap:
+ enabled: true
+esr:
+ enabled: true
+log:
+ enabled: true
+sniro-emulator:
+ enabled: true
+oof:
+ enabled: true
+msb:
+ enabled: true
+multicloud:
+ enabled: true
+nbi:
+ enabled: true
+policy:
+ enabled: true
+pomba:
+ enabled: true
+portal:
+ enabled: true
+robot:
+ enabled: true
+sdc:
+ enabled: true
+sdnc:
+ enabled: true
+so:
+ enabled: true
+uui:
+ enabled: true
+vfc:
+ enabled: true
+vid:
+ enabled: true
+vnfsdk:
+ enabled: true
# to customize the ONAP deployment.
#################################################################
aaf:
- enabled: true
+ enabled: false
aai:
- enabled: true
+ enabled: false
appc:
- enabled: true
+ enabled: false
config:
openStackType: OpenStackProvider
openStackName: OpenStack
openStackDomain: default
openStackUserName: admin
openStackEncryptedPassword: admin
+cassandra:
+ enabled: false
clamp:
- enabled: true
+ enabled: false
cli:
- enabled: true
+ enabled: false
consul:
- enabled: true
+ enabled: false
contrib:
- enabled: true
+ enabled: false
dcaegen2:
- enabled: true
+ enabled: false
pnda:
enabled: false
dmaap:
- enabled: true
+ enabled: false
esr:
- enabled: true
+ enabled: false
log:
- enabled: true
+ enabled: false
sniro-emulator:
- enabled: true
+ enabled: false
oof:
- enabled: true
+ enabled: false
+mariadb-galera:
+ enabled: false
msb:
- enabled: true
+ enabled: false
multicloud:
- enabled: true
+ enabled: false
nbi:
- enabled: true
+ enabled: false
config:
# openstack configuration
openStackRegion: "Yolo"
openStackVNFTenantId: "1234"
policy:
- enabled: true
+ enabled: false
pomba:
- enabled: true
+ enabled: false
portal:
- enabled: true
+ enabled: false
robot:
- enabled: true
+ enabled: false
config:
# openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment
openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
sdc:
- enabled: true
+ enabled: false
sdnc:
- enabled: true
+ enabled: false
replicaCount: 1
mysql:
replicaCount: 1
so:
- enabled: true
+ enabled: false
replicaCount: 1
liveness:
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
- enabled: true
+ enabled: false
# so server configuration
config:
config:
mariadbRootPassword: password
uui:
- enabled: true
+ enabled: false
vfc:
- enabled: true
+ enabled: false
vid:
- enabled: true
+ enabled: false
vnfsdk:
- enabled: true
-vvp:
enabled: false
apiVersion: v1
description: ONAP Optimization Framework
name: oof
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Chart for Change Management Service Orchestrator (CMSO)
name: oof-cmso
-version: 3.0.0
+version: 4.0.0
--- /dev/null
+# Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Chart for Change Management Service Orchestrator (CMSO) Optimizer
+name: oof-cmso-optimizer
+version: 4.0.0
--- /dev/null
+#-------------------------------------------------------------------------------
+# ============LICENSE_START==============================================
+# Copyright (c) 2019 AT&T Intellectual Property.
+# =======================================================================
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain a
+# copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+# or implied. See the License for the specific language governing
+# permissions and limitations under the License.
+# ============LICENSE_END=================================================
+#
+#-------------------------------------------------------------------------------
+cadi_loglevel=DEBUG
+cadi_prop_files=src/main/resources/aaf/org.onap.oof.props
+
--- /dev/null
+###
+# Copyright (c) 2019 AT&T Intellectual Property.
+# Modifications Copyright (c) 2018 IBM.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+# Unless otherwise specified, all documentation contained herein is licensed
+# under the Creative Commons License, Attribution 4.0 Intl. (the ââ?¬Å"Licenseââ?¬);
+# you may not use this documentation except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://creativecommons.org/licenses/by/4.0/
+#
+# Unless required by applicable law or agreed to in writing, documentation
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+###
+spring.datasource.jdbcUrl=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA}?createDatabaseIfNotExist=true
+spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
+spring.datasource.username=${DB_USERNAME}
+spring.datasource.password=${DB_PASSWORD}
+
+spring.datasource.initialize=false
+spring.datasource.tomcat.max-wait=10000
+spring.datasource.tomcat.initialSize=5
+spring.datasource.tomcat.max-active=25
+spring.datasource.tomcat.test-on-borrow=true
+
+
+changeLogFile=optimizer-liquibase-changeLog.xml
--- /dev/null
+<?xml version = "1.0" encoding = "UTF-8" ?>
+<!--
+# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+<included>
+ <jmxConfigurator />
+ <!-- Example evaluator filter applied against console appender -->
+<property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/>
+ <property name="p_lvl" value="%level"/>
+ <property name="p_log" value="%logger"/>
+ <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_thr" value="%thread"/>
+ <property name="defaultPattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
+ <property name="debugPattern" value="%nopexception${p_tim}|${p_lvl}|${p_mdc}|${p_exc}|%msg%n"/>
+
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ <encoder>
+ <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="ERROR"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ <file>${logDirectory}/error2.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+ <fileNamePattern>${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern>
+ <maxFileSize>50MB</maxFileSize>
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>10GB</totalSizeCap>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>10MB</maxFileSize>
+ </triggeringPolicy>
+ </appender>
+
+ <appender name="DEBUG"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/debug.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>${debugPattern}</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+ <fileNamePattern>${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern>
+ <maxFileSize>50MB</maxFileSize>
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>10GB</totalSizeCap>
+ </rollingPolicy>
+ </appender>
+
+
+ <appender name="AUDIT"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/audit.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
+ </pattern>
+ </encoder>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>10</maxIndex>
+ <FileNamePattern>${logDirectory}/audit.%i.log.zip
+ </FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>10MB</maxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="asyncEELFAudit"
+ class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="AUDIT" />
+ </appender>
+
+ <appender name="METRIC"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/metric.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|
+ %msg%n</pattern>
+ </encoder>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>10</maxIndex>
+ <FileNamePattern>${logDirectory}/metric.%i.log.zip
+ </FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>10MB</maxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="asyncEELFMetrics"
+ class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="METRIC" />
+ </appender>
+
+ <!-- SECURITY related loggers -->
+ <appender name="SECURITY"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/security.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
+ </pattern>
+ </encoder>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>10</maxIndex>
+ <FileNamePattern>${logDirectory}/security.%i.log.zip
+ </FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>10MB</maxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="asyncEELFSecurity"
+ class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="SECURITY" />
+ </appender>
+ <!-- AAF related loggers -->
+ <logger name="org.onap.aaf" level="INFO" additivity="true">
+ <appender-ref ref="DEBUG" />
+ </logger>
+ <logger name="org.apache.catalina.core" level="INFO"
+ additivity="true">
+ <appender-ref ref="DEBUG" />
+ </logger>
+ <logger name="org.onap.cmso" level="INFO"
+ additivity="true">
+ <appender-ref ref="ERROR" />
+ </logger>
+
+ <!-- CLDS related loggers -->
+ <logger name="com.att.eelf.error" level="OFF" additivity="true">
+ <appender-ref ref="ERROR" />
+ </logger>
+ <!-- EELF related loggers -->
+ <logger name="com.att.eelf.audit" level="INFO"
+ additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+ <logger name="com.att.eelf.metrics" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+ <logger name="com.att.eelf.security" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asyncEELFSecurity" />
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="DEBUG" />
+
+ <!-- Other Loggers that may help troubleshoot -->
+ <logger name="org.apache" level="DEBUG" />
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="INFO" />
+ <logger name="ch.qos.logback.core" level="INFO" />
+
+ <!-- logback jms appenders & loggers definition starts here -->
+ <appender name="auditLogs"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ </filter>
+ <file>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+ <appender name="perfLogs"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ </filter>
+ <file>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+ <logger name="AuditRecord" level="INFO" additivity="FALSE">
+ <appender-ref ref="auditLogs" />
+ </logger>
+ <logger name="AuditRecord_DirectCall" level="INFO"
+ additivity="FALSE">
+ <appender-ref ref="auditLogs" />
+ </logger>
+ <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE">
+ <appender-ref ref="perfLogs" />
+ </logger>
+ <!-- logback jms appenders & loggers definition ends here -->
+
+ <root level="DEBUG">
+ <appender-ref ref="DEBUG" />
+ <appender-ref ref="STDOUT" />
+ </root>
+</included>
+
--- /dev/null
+#-------------------------------------------------------------------------------
+# ============LICENSE_START==============================================
+# Copyright (c) 2019 AT&T Intellectual Property.
+# =======================================================================
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain a
+# copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+# or implied. See the License for the specific language governing
+# permissions and limitations under the License.
+# ============LICENSE_END=================================================
+#
+#-------------------------------------------------------------------------------
+spring.datasource.url=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA}
+spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
+spring.datasource.username=${DB_USERNAME}
+spring.datasource.password=${DB_PASSWORD}
+cmso.database.password=${DB_PASSWORD}
+
+spring.datasource.initialize=false
+spring.datasource.tomcat.max-wait=10000
+spring.datasource.tomcat.initialSize=5
+spring.datasource.tomcat.max-active=25
+spring.datasource.tomcat.test-on-borrow=true
+
+spring.jpa.show-sql=false
+spring.jpa.hibernate.ddl-auto=none
+spring.jpa.hibernate.naming.strategy=org.hibernate.cfg.EJB3NamingStrategy
+spring.jpa.database-platform=org.hibernate.dialect.MySQL5InnoDBDialect
+spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
+spring.jpa.hibernate.id.new_generator_mappings=false
+hibernate.id.new_generator_mappings=false
+
+logging.level.org.hibernate.SQL=WARN
+logging.level.org.hibernate=WARN
+#-------------------------------------------------------------------------------
+
+
+cmso.topology.create.request.url=http://${TOPOLOGY_HOST}:${TOPOLOGY_PORT}/topology/v1/current
+cmso.ticket.create.request.url=http://${TICKETMGT_HOST}:${TICKETMGT_PORT}/ticketmgt/v1/activetickets
+cmso.local.policy.folder=data/policies
+
+cmso.minizinc.command.exe=/mz-dist/bin/minizinc
+cmso.minizinc.command.solver=OSICBC
+cmso.minizinc.command.timelimit=60000
+cmso.minizinc.command.mzn=scripts/minizinc/generic_attributes.mzn
+
+mechid.user=oof@oof.onap.org
+mechid.pass=changeit
--- /dev/null
+# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
--- /dev/null
+# Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
--- /dev/null
+# Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ .Values.mariadb.nameOverride }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ - name: db-init
+ image: "{{ include "common.repository" . }}/{{ .Values.dbinit.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: DB_HOST
+ value: {{ .Values.config.db_host }}.{{.Release.Namespace}}
+ - name: DB_PORT
+ value: {{ .Values.config.db_port | quote}}
+ - name: DB_USERNAME
+ value: {{ .Values.config.db_root }}
+ - name: DB_SCHEMA
+ value: {{ .Values.config.mysqlDatabase }}
+ - name: DB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-cmso-db
+ key: db-root-password
+ terminationMessagePolicy: File
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-config
+ mountPath: /share/etc/config
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /share/logs
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: TOPOLOGY_HOST
+ value: {{ .Values.config.topology_host }}.{{.Release.Namespace}}
+ - name: TOPOLOGY_PORT
+ value: {{ .Values.config.topology_port | quote}}
+ - name: TICKETMGT_HOST
+ value: {{ .Values.config.ticketmgt_host }}.{{.Release.Namespace}}
+ - name: TICKETMGT_PORT
+ value: {{ .Values.config.ticketmgt_port | quote}}
+ - name: DB_HOST
+ value: {{ .Values.config.db_host }}.{{.Release.Namespace}}
+ - name: DB_PORT
+ value: {{ .Values.config.db_port | quote}}
+ - name: DB_USERNAME
+ value: {{ .Values.config.db_root }}
+ - name: DB_SCHEMA
+ value: {{ .Values.config.mysqlDatabase }}
+ - name: DB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-cmso-db
+ key: db-root-password
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /share/logs
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /share/debug-logs
+ - name: {{ include "common.fullname" . }}-config
+ mountPath: /share/etc/config
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}
+ items:
+ - key: logback.xml
+ path: logback.xml
+ - key: cadi.properties
+ path: cadi.properties
+ - key: optimizer.properties
+ path: optimizer.properties
+ - key: liquibase.properties
+ path: liquibase.properties
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
spec:
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
{{- end}}
- name: {{ .Values.service.portName | default "http" }}
selector:
app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
--- /dev/null
+# Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global: # global defaults
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+
+subChartsOnly:
+ enabled: true
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/optf-cmso-optimizer:latest
+pullPolicy: Always
+
+#init container image
+dbinit:
+ image: onap/optf-cmso-dbinit:latest
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 120
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+
+service:
+ type: ClusterIP
+ name: oof-cmso-optimizer
+ portName: cmso
+ internalPort: 7997
+ externalPort: 7997
+ #nodePort: 23
+ # as of 20181022 port 23 is reserved for cmso
+ # see https://wiki.onap.org/display/DW/OOM+NodePort+List
+
+
+config:
+ db_root: root
+ db_user: cmso-admin
+ mysqlDatabase: optimizer
+ db_host: oof-cmso-dbhost
+ db_port: 3306
+ topology_host: oof-cmso-topology
+ topology_port: 7998
+ ticketmgt_host: oof-cmso-ticketmgt
+ ticketmgt_port: 7999
+
+mariadb:
+ nameOverride: cmso-db
+
+ingress:
+ enabled: false
+
+#resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 1.2Gi
+ requests:
+ cpu: 10m
+ memory: 800Mi
+ large:
+ limits:
+ cpu: 1
+ memory: 1.2Gi
+ requests:
+ cpu: 10m
+ memory: 800Mi
+ unlimited: {}
apiVersion: v1
description: Chart for Change Management Service Orchestrator (CMSO) Service
name: oof-cmso-service
-version: 3.0.0
+version: 4.0.0
--- /dev/null
+#-------------------------------------------------------------------------------
+# ============LICENSE_START==============================================
+# Copyright (c) 2019 AT&T Intellectual Property.
+# =======================================================================
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain a
+# copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+# or implied. See the License for the specific language governing
+# permissions and limitations under the License.
+# ============LICENSE_END=================================================
+#
+#-------------------------------------------------------------------------------
+cadi_loglevel=DEBUG
+cadi_prop_files=src/main/resources/aaf/org.onap.oof.props
+
#-------------------------------------------------------------------------------
-# Copyright © 2017-2018 AT&T Intellectual Property.
-# Modifications Copyright © 2018 IBM.
+# Copyright (c) 2017-2018 AT&T Intellectual Property.
+# Modifications Copyright (c) 2018 IBM.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#
#
# Unless otherwise specified, all documentation contained herein is licensed
-# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?\9d);
+# under the Creative Commons License, Attribution 4.0 Intl. (the ???License???);
# you may not use this documentation except in compliance with the License.
# You may obtain a copy of the License at
#
# See the License for the specific language governing permissions and
# limitations under the License.
#-------------------------------------------------------------------------------
-###
-### MySQL DB.
+#-------------------------------------------------------------------------------
spring.datasource.url=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA}
spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
spring.datasource.username=${DB_USERNAME}
spring.datasource.tomcat.max-active=25
spring.datasource.tomcat.test-on-borrow=true
-spring.jpa.show-sql=true
+spring.jpa.show-sql=false
spring.jpa.hibernate.ddl-auto=none
spring.jpa.hibernate.naming.strategy=org.hibernate.cfg.EJB3NamingStrategy
spring.jpa.database-platform=org.hibernate.dialect.MySQL5InnoDBDialect
spring.jpa.hibernate.id.new_generator_mappings=false
hibernate.id.new_generator_mappings=false
-logging.level.org.hibernate.SQL=TRACE
-
-logging.level.org.hibernate=TRACE
+logging.level.org.hibernate.SQL=WARN
+logging.level.org.hibernate=WARN
+#-------------------------------------------------------------------------------
#
cmso.aaf.enabled=false
## loopback settings
so.url=http://localhost:8080/cmso/v1/loopbacktest/onap/so/infra/orchestrationRequests/v7
-so.user=cmso@onap.org
-so.pass=enc:bfodXf8qRfCqMvlxVBYNWQ==
+so.user=oof@oof.onap.org
+so.pass=changeit
-mechid.user=cmso@onap.org
-mechid.pass=enc:bfodXf8qRfCqMvlxVBYNWQ==
+mechid.user=oof@oof.onap.org
+mechid.pass=changeit
cmso.dispatch.url=http://localhost:8089
#-------------------------------------------------------------------------------
-# Copyright © 2017-2018 AT&T Intellectual Property.
-# Modifications Copyright © 2018 IBM.
+# Copyright (c) 2017-2018 AT&T Intellectual Property.
+# Modifications Copyright ? 2018 IBM.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#
#
# Unless otherwise specified, all documentation contained herein is licensed
-# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?\9d);
+# under the Creative Commons License, Attribution 4.0 Intl. (the ???License???);
# you may not use this documentation except in compliance with the License.
# You may obtain a copy of the License at
#
# limitations under the License.
#-------------------------------------------------------------------------------
-cmso.optimizer.url=http://localhost:8080/cmso/v1/loopbacktest/optimizer
-cmso.optimizer.callbackurl=http://localhost:8080/cmso/v1/optimizerCallback
-
+cmso.optimizer.request.url=$http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/optimize/schedule
+cmso.optimizer.status.url=http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/optimize/schedule
+cmso.optimizer.health.url=http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/health?checkInterfaces=true
\ No newline at end of file
-# Copyright © 2018 AT&T
+# Copyright (c) 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
secretKeyRef:
name: {{ .Release.Name}}-cmso-db
key: user-password
+ - name: OPTIMIZER_HOST
+ value: {{ .Values.config.optimizer_host }}.{{.Release.Namespace}}
+ - name: OPTIMIZER_PORT
+ value: {{ .Values.config.optimizer_port | quote}}
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
path: logback.xml
- key: cmso.properties
path: cmso.properties
+ - key: cadi.properties
+ path: cadi.properties
- key: optimizer.properties
path: optimizer.properties
- key: ticketmgt.properties
-# Copyright © 2018 AT&T
+# Copyright © 2018-2019 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# application image
repository: nexus3.onap.org:10001
-image: onap/optf-cmso-service:1.0.1
+image: onap/optf-cmso-service:latest
pullPolicy: Always
#init container image
dbinit:
- image: onap/optf-cmso-dbinit:1.0.1
+ image: onap/optf-cmso-dbinit:latest
# flag to enable debugging - application support required
debugEnabled: false
mysqlDatabase: cmso
db_host: oof-cmso-dbhost
db_port: 3306
+ optimizer_host: oof-cmso-optimizer
+ optimizer_port: 7997
mariadb:
nameOverride: cmso-db
--- /dev/null
+# Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Chart for Change Management Service Orchestrator (CMSO) Ticket Management
+name: oof-cmso-ticketmgt
+version: 4.0.0
--- /dev/null
+#-------------------------------------------------------------------------------
+# ============LICENSE_START==============================================
+# Copyright (c) 2019 AT&T Intellectual Property.
+# =======================================================================
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain a
+# copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+# or implied. See the License for the specific language governing
+# permissions and limitations under the License.
+# ============LICENSE_END=================================================
+#
+#-------------------------------------------------------------------------------
+cadi_loglevel=DEBUG
+cadi_prop_files=src/main/resources/aaf/org.onap.oof.props
+
--- /dev/null
+<?xml version = "1.0" encoding = "UTF-8" ?>
+<!--
+# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+<included>
+ <jmxConfigurator />
+ <!-- Example evaluator filter applied against console appender -->
+<property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/>
+ <property name="p_lvl" value="%level"/>
+ <property name="p_log" value="%logger"/>
+ <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_thr" value="%thread"/>
+ <property name="defaultPattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
+ <property name="debugPattern" value="%nopexception${p_tim}|${p_lvl}|${p_mdc}|${p_exc}|%msg%n"/>
+
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ <encoder>
+ <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="ERROR"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ <file>${logDirectory}/error2.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+ <fileNamePattern>${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern>
+ <maxFileSize>50MB</maxFileSize>
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>10GB</totalSizeCap>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>10MB</maxFileSize>
+ </triggeringPolicy>
+ </appender>
+
+ <appender name="DEBUG"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/debug.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>${debugPattern}</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+ <fileNamePattern>${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern>
+ <maxFileSize>50MB</maxFileSize>
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>10GB</totalSizeCap>
+ </rollingPolicy>
+ </appender>
+
+
+ <appender name="AUDIT"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/audit.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
+ </pattern>
+ </encoder>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>10</maxIndex>
+ <FileNamePattern>${logDirectory}/audit.%i.log.zip
+ </FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>10MB</maxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="asyncEELFAudit"
+ class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="AUDIT" />
+ </appender>
+
+ <appender name="METRIC"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/metric.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|
+ %msg%n</pattern>
+ </encoder>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>10</maxIndex>
+ <FileNamePattern>${logDirectory}/metric.%i.log.zip
+ </FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>10MB</maxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="asyncEELFMetrics"
+ class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="METRIC" />
+ </appender>
+
+ <!-- SECURITY related loggers -->
+ <appender name="SECURITY"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/security.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
+ </pattern>
+ </encoder>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>10</maxIndex>
+ <FileNamePattern>${logDirectory}/security.%i.log.zip
+ </FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>10MB</maxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="asyncEELFSecurity"
+ class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="SECURITY" />
+ </appender>
+ <!-- AAF related loggers -->
+ <logger name="org.onap.aaf" level="INFO" additivity="true">
+ <appender-ref ref="DEBUG" />
+ </logger>
+ <logger name="org.apache.catalina.core" level="INFO"
+ additivity="true">
+ <appender-ref ref="DEBUG" />
+ </logger>
+ <logger name="org.onap.cmso" level="INFO"
+ additivity="true">
+ <appender-ref ref="ERROR" />
+ </logger>
+
+ <!-- CLDS related loggers -->
+ <logger name="com.att.eelf.error" level="OFF" additivity="true">
+ <appender-ref ref="ERROR" />
+ </logger>
+ <!-- EELF related loggers -->
+ <logger name="com.att.eelf.audit" level="INFO"
+ additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+ <logger name="com.att.eelf.metrics" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+ <logger name="com.att.eelf.security" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asyncEELFSecurity" />
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="DEBUG" />
+
+ <!-- Other Loggers that may help troubleshoot -->
+ <logger name="org.apache" level="DEBUG" />
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="INFO" />
+ <logger name="ch.qos.logback.core" level="INFO" />
+
+ <!-- logback jms appenders & loggers definition starts here -->
+ <appender name="auditLogs"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ </filter>
+ <file>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+ <appender name="perfLogs"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ </filter>
+ <file>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+ <logger name="AuditRecord" level="INFO" additivity="FALSE">
+ <appender-ref ref="auditLogs" />
+ </logger>
+ <logger name="AuditRecord_DirectCall" level="INFO"
+ additivity="FALSE">
+ <appender-ref ref="auditLogs" />
+ </logger>
+ <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE">
+ <appender-ref ref="perfLogs" />
+ </logger>
+ <!-- logback jms appenders & loggers definition ends here -->
+
+ <root level="DEBUG">
+ <appender-ref ref="DEBUG" />
+ <appender-ref ref="STDOUT" />
+ </root>
+</included>
+
--- /dev/null
+#-------------------------------------------------------------------------------
+# Copyright © 2017-2019 AT&T Intellectual Property.
+# Modifications Copyright © 2018 IBM.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+# Unless otherwise specified, all documentation contained herein is licensed
+# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?\9d);
+# you may not use this documentation except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://creativecommons.org/licenses/by/4.0/
+#
+# Unless required by applicable law or agreed to in writing, documentation
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#-------------------------------------------------------------------------------
--- /dev/null
+# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
--- /dev/null
+# Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
--- /dev/null
+# Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /share/logs
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /share/debug-logs
+ - name: {{ include "common.fullname" . }}-config
+ mountPath: /share/etc/config
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}
+ items:
+ - key: logback.xml
+ path: logback.xml
+ - key: ticketmgt.properties
+ path: ticketmgt.properties
+ - key: cadi.properties
+ path: cadi.properties
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
spec:
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
- targetPort: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
{{- end}}
- name: {{ .Values.service.portName | default "http" }}
selector:
app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
--- /dev/null
+# Copyright (c) 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global: # global defaults
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+
+subChartsOnly:
+ enabled: true
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/optf-cmso-ticketmgt:latest
+pullPolicy: Always
+
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 120
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+
+service:
+ type: ClusterIP
+ name: oof-cmso-ticketmgt
+ portName: cmso-ticketmgt
+ internalPort: 7999
+ externalPort: 7999
+ #nodePort: 23
+ # as of 20181022 port 23 is reserved for cmso
+ # see https://wiki.onap.org/display/DW/OOM+NodePort+List
+
+
+config:
+
+
+ingress:
+ enabled: false
+
+#resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 1.2Gi
+ requests:
+ cpu: 10m
+ memory: 800Mi
+ large:
+ limits:
+ cpu: 1
+ memory: 1.2Gi
+ requests:
+ cpu: 10m
+ memory: 800Mi
+ unlimited: {}
--- /dev/null
+# Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Chart for Change Management Service Orchestrator (CMSO) Service
+name: oof-cmso-topology
+version: 4.0.0
--- /dev/null
+#-------------------------------------------------------------------------------
+# ============LICENSE_START==============================================
+# Copyright (c) 2019 AT&T Intellectual Property.
+# =======================================================================
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain a
+# copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+# or implied. See the License for the specific language governing
+# permissions and limitations under the License.
+# ============LICENSE_END=================================================
+#
+#-------------------------------------------------------------------------------
+cadi_loglevel=DEBUG
+cadi_prop_files=src/main/resources/aaf/org.onap.oof.props
+
--- /dev/null
+<?xml version = "1.0" encoding = "UTF-8" ?>
+<!--
+# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+<included>
+ <jmxConfigurator />
+ <!-- Example evaluator filter applied against console appender -->
+<property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/>
+ <property name="p_lvl" value="%level"/>
+ <property name="p_log" value="%logger"/>
+ <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_thr" value="%thread"/>
+ <property name="defaultPattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
+ <property name="debugPattern" value="%nopexception${p_tim}|${p_lvl}|${p_mdc}|${p_exc}|%msg%n"/>
+
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ <encoder>
+ <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="ERROR"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ <file>${logDirectory}/error2.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+ <fileNamePattern>${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern>
+ <maxFileSize>50MB</maxFileSize>
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>10GB</totalSizeCap>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>10MB</maxFileSize>
+ </triggeringPolicy>
+ </appender>
+
+ <appender name="DEBUG"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/debug.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>${debugPattern}</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+ <fileNamePattern>${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern>
+ <maxFileSize>50MB</maxFileSize>
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>10GB</totalSizeCap>
+ </rollingPolicy>
+ </appender>
+
+
+ <appender name="AUDIT"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/audit.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
+ </pattern>
+ </encoder>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>10</maxIndex>
+ <FileNamePattern>${logDirectory}/audit.%i.log.zip
+ </FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>10MB</maxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="asyncEELFAudit"
+ class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="AUDIT" />
+ </appender>
+
+ <appender name="METRIC"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/metric.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|
+ %msg%n</pattern>
+ </encoder>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>10</maxIndex>
+ <FileNamePattern>${logDirectory}/metric.%i.log.zip
+ </FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>10MB</maxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="asyncEELFMetrics"
+ class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="METRIC" />
+ </appender>
+
+ <!-- SECURITY related loggers -->
+ <appender name="SECURITY"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/security.log</file>
+ <append>true</append>
+ <encoder>
+ <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
+ </pattern>
+ </encoder>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>10</maxIndex>
+ <FileNamePattern>${logDirectory}/security.%i.log.zip
+ </FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>10MB</maxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="asyncEELFSecurity"
+ class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="SECURITY" />
+ </appender>
+ <!-- AAF related loggers -->
+ <logger name="org.onap.aaf" level="INFO" additivity="true">
+ <appender-ref ref="DEBUG" />
+ </logger>
+ <logger name="org.apache.catalina.core" level="INFO"
+ additivity="true">
+ <appender-ref ref="DEBUG" />
+ </logger>
+ <logger name="org.onap.cmso" level="INFO"
+ additivity="true">
+ <appender-ref ref="ERROR" />
+ </logger>
+
+ <!-- CLDS related loggers -->
+ <logger name="com.att.eelf.error" level="OFF" additivity="true">
+ <appender-ref ref="ERROR" />
+ </logger>
+ <!-- EELF related loggers -->
+ <logger name="com.att.eelf.audit" level="INFO"
+ additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+ <logger name="com.att.eelf.metrics" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+ <logger name="com.att.eelf.security" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asyncEELFSecurity" />
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="DEBUG" />
+
+ <!-- Other Loggers that may help troubleshoot -->
+ <logger name="org.apache" level="DEBUG" />
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="INFO" />
+ <logger name="ch.qos.logback.core" level="INFO" />
+
+ <!-- logback jms appenders & loggers definition starts here -->
+ <appender name="auditLogs"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ </filter>
+ <file>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+ <appender name="perfLogs"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ </filter>
+ <file>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+ <logger name="AuditRecord" level="INFO" additivity="FALSE">
+ <appender-ref ref="auditLogs" />
+ </logger>
+ <logger name="AuditRecord_DirectCall" level="INFO"
+ additivity="FALSE">
+ <appender-ref ref="auditLogs" />
+ </logger>
+ <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE">
+ <appender-ref ref="perfLogs" />
+ </logger>
+ <!-- logback jms appenders & loggers definition ends here -->
+
+ <root level="DEBUG">
+ <appender-ref ref="DEBUG" />
+ <appender-ref ref="STDOUT" />
+ </root>
+</included>
+
--- /dev/null
+#-------------------------------------------------------------------------------
+# Copyright © 2017-2019 AT&T Intellectual Property.
+# Modifications Copyright © 2018 IBM.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+# Unless otherwise specified, all documentation contained herein is licensed
+# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?\9d);
+# you may not use this documentation except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://creativecommons.org/licenses/by/4.0/
+#
+# Unless required by applicable law or agreed to in writing, documentation
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#-------------------------------------------------------------------------------
--- /dev/null
+# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
--- /dev/null
+# Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
--- /dev/null
+# Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /share/logs
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /share/debug-logs
+ - name: {{ include "common.fullname" . }}-config
+ mountPath: /share/etc/config
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}
+ items:
+ - key: logback.xml
+ path: logback.xml
+ - key: cadi.properties
+ path: cadi.properties
+ - key: topology.properties
+ path: topology.properties
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+# Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
--- /dev/null
+# Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global: # global defaults
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+
+subChartsOnly:
+ enabled: true
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/optf-cmso-topology:latest
+pullPolicy: Always
+
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 120
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+
+service:
+ type: ClusterIP
+ name: oof-cmso-topology
+ portName: cmso-topology
+ internalPort: 7998
+ externalPort: 7998
+ #nodePort: 23
+ # as of 20181022 port 23 is reserved for cmso
+ # see https://wiki.onap.org/display/DW/OOM+NodePort+List
+
+
+config:
+
+ingress:
+ enabled: false
+
+#resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 1.2Gi
+ requests:
+ cpu: 10m
+ memory: 800Mi
+ large:
+ limits:
+ cpu: 1
+ memory: 1.2Gi
+ requests:
+ cpu: 10m
+ memory: 800Mi
+ unlimited: {}
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: mariadb-galera
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP Homing and Allocation Service
name: oof-has
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Homing and Allocation Servicei - API
name: oof-has-api
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Homing and Allocation Sservice - Controller
name: oof-has-controller
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Homing and Allocation Service - Data Component
name: oof-has-data
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Homing and Allocation Sevice - Reservation Component
name: oof-has-reservation
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Homing and Allocation Service - Solver Component
name: oof-has-solver
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: music
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP DCAE PNDA
name: pnda
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP DCAE PNDA Bootstrap
name: dcae-pnda-bootstrap
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
osUser: centos
nameserver: 8.8.8.8
ntp: pool.ntp.org
- mirrorNodePort: 88
apps:
fsType: local
networkCidr: 10.0.0.0/16
apiVersion: v1
description: ONAP DCAE PNDA Mirror
name: dcae-pnda-mirror
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: ONAP Policy Administration Point
name: policy
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Policy BRMS GW
name: brmsgw
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pe:1.3.4
+image: onap/policy-pe:1.4-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Drools Policy Engine
name: drools
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Policy Nexus
name: nexus
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-# Copyright © 2017 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
--->
-
-<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
-
-<!--
- <proxies>
- <proxy>
- <id>http-proxy</id>
- <active>true</active>
- <protocol>http</protocol>
- <host>your-proxy-host-or-ip</host>
- <port>your-proxy-port</port>
- <nonProxyHosts>localhost|127.0.0.1|*.svc.cluster.local|nexus</nonProxyHosts>
- </proxy>
- <proxy>
- <id>https-proxy</id>
- <active>true</active>
- <protocol>https</protocol>
- <host>your-proxy-host-or-ip</host>
- <port>your-proxy-port</port>
- <nonProxyHosts>localhost|127.0.0.1|*.svc.cluster.local|nexus</nonProxyHosts>
- </proxy>
- </proxies>
--->
- <profiles>
- <profile>
- <id>policy-profile</id>
- <activation>
- <activeByDefault>true</activeByDefault>
- </activation>
-
- <repositories>
- <repository>
- <id>policy-nexus-snapshots</id>
- <url>http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/snapshots/</url>
- <releases>
- <enabled>false</enabled>
- <updatePolicy>always</updatePolicy>
- </releases>
- <snapshots>
- <enabled>true</enabled>
- <updatePolicy>always</updatePolicy>
- </snapshots>
- </repository>
-
- <repository>
- <id>policy-nexus-releases</id>
- <url>http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/releases/</url>
- <releases>
- <enabled>true</enabled>
- <updatePolicy>always</updatePolicy>
- </releases>
- <snapshots>
- <enabled>false</enabled>
- <updatePolicy>always</updatePolicy>
- </snapshots>
- </repository>
- </repositories>
-
- </profile>
- </profiles>
-
- <activeProfiles>
- <activeProfile>policy-profile</activeProfile>
- </activeProfiles>
-
- <servers>
- <server>
- <id>policy-nexus-snapshots</id>
- <username>admin</username>
- <password>admin123</password>
- </server>
- <server>
- <id>policy-nexus-releases</id>
- <username>admin</username>
- <password>admin123</password>
- </server>
- </servers>
-
-</settings>
+++ /dev/null
-<!--
-# Copyright © 2017 Amdocs, Bell Canada,AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
--->
-
-<configuration scan="true" scanPeriod="30 seconds" debug="false">
-
- <property name="logDir" value="/var/log/onap" />
-
- <property name="errorLog" value="error" />
- <property name="debugLog" value="debug" />
- <property name="networkLog" value="network" />
-
- <property name="debugPattern" value="[%date|%level|%logger{0}|%thread] %msg%n" />
- <property name="errorPattern" value="${debugPattern}" />
- <property name="networkPattern" value="[%d|%t]%m%n" />
-
- <appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDir}/${errorLog}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDir}/${errorLog}.%i.log.zip</fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>5</maxIndex>
- </rollingPolicy>
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>15MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>${errorPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="ErrorOut" />
- </appender>
-
- <appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDir}/${debugLog}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDir}/${debugLog}.%i.log.zip</fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>20MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>${debugPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="DebugOut" />
- </appender>
-
- <appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDir}/${networkLog}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDir}/${networkLog}.%i.log.zip</fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>15MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>${networkPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="NetworkOut" />
- </appender>
-
- <logger name="network" level="INFO" additivity="false">
- <appender-ref ref="AsyncNetworkOut" />
- </logger>
-
- <logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false">
- <appender-ref ref="AsyncNetworkOut" />
- </logger>
-
- <root level="INFO">
- <appender-ref ref="AsyncDebugOut" />
- <appender-ref ref="AsyncErrorOut" />
- </root>
-
-</configuration>
+++ /dev/null
-#!/bin/bash
-#
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-#
-
-# #################################
-# Usage
-# #################################
-
-function usage {
- echo
- echo "Usage: $(basename $0) <application-name> <zipped-application-version> <download-directory>"
- echo "Example: $(basename $0) controlloop 1.2.0 /opt/policy/config/drools"
- echo
-}
-
-# #################################
-# snapshot url computation
-# #################################
-
-function url_snapshot {
- if [[ $DEBUG == y ]]; then
- echo "-- ${FUNCNAME[0]} --"
- set -x
- fi
-
- APP_URL="${APP_URL}/snapshots/org/onap/policy/drools-applications/${APP_NAME}/packages/apps-${APP_NAME}/${APP_VERSION}"
-
- local APP_METADATA_URL="${APP_URL}/maven-metadata.xml"
- local APP_SNAPSHOT_VERSION=$(curl --silent "${APP_METADATA_URL}" | grep -Po "(?<=<value>).*(?=</value>)" | sort -V | tail -1)
-
- if [[ -z ${APP_SNAPSHOT_VERSION} ]]; then
- echo "ERROR: cannot compute SNAPSHOT version"
- usage
- exit 1
- fi
-
- APP_URL="${APP_URL}/apps-${APP_NAME}-${APP_SNAPSHOT_VERSION}.zip"
-}
-
-# #################################
-# release url computation
-# #################################
-
-function url_release {
- if [[ $DEBUG == y ]]; then
- echo "-- ${FUNCNAME[0]} --"
- set -x
- fi
-
- APP_URL="${APP_URL}/releases/org/onap/policy/drools-applications/${APP_NAME}/packages/apps-${APP_NAME}/${APP_VERSION}/apps-${APP_NAME}-${APP_VERSION}.zip"
-}
-
-# #################################
-# Main
-# #################################
-
-if [[ $DEBUG == y ]]; then
- set -x
-fi
-
-APP_NAME=$1
-if [[ -z ${APP_NAME} ]]; then
- echo "ERROR: no APPLICATION NAME provided (ie. controlloop)"
- usage
- exit 1
-fi
-
-APP_VERSION=$2
-if [[ -z ${APP_VERSION} ]]; then
- echo "ERROR: no APPLICATION VERSION provided"
- usage
- exit 1
-fi
-
-DOWNLOAD_DIR=$3
-if [[ -z ${DOWNLOAD_DIR} ]]; then
- echo "ERROR: no DOWNLOAD DIRECTORY provided"
- usage
- exit 1
-fi
-
-if [[ ! -d ${DOWNLOAD_DIR} ]]; then
- echo "ERROR: ${DOWNLOAD_DIR} is not a directory"
- usage
- exit 1
-fi
-
-APP_GROUP_ID="org.onap.policy.drools-applications.${APP_NAME}.packages"
-APP_ARTIFACT_ID="apps-${APP_NAME}"
-APP_BASE_URL="https://nexus.onap.org/content/repositories"
-
-APP_URL="${APP_BASE_URL}"
-
-if [[ ${APP_VERSION} =~ \-SNAPSHOT$ ]]; then
- url_snapshot
-else
- url_release
-fi
-
-wget "${APP_URL}" -O "${DOWNLOAD_DIR}"/apps-"${APP_NAME}".zip
-if [[ $? != 0 ]]; then
- echo "ERROR: cannot download ${DOWNLOAD_DIR}/apps-${APP_NAME}.zip"
- exit 1
-fi
-
-echo "APP ${APP_NAME} stored at ${DOWNLOAD_DIR}/apps-${APP_NAME}.zip"
-ls -l "${DOWNLOAD_DIR}"/apps-"${APP_NAME}".zip
# See the License for the specific language governing permissions and
# limitations under the License.
+# JVM options
+
+JVM_OPTIONS=-server -Xms1024m -Xmx2048m
+
# SYSTEM software configuration
POLICY_HOME=/opt/app/policy
POLICY_LOGS=/var/log/onap/policy/pdpd
-JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
+JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk
KEYSTORE_PASSWD=Pol1cy_0nap
TRUSTSTORE_PASSWD=Pol1cy_0nap
PDPD_CONFIGURATION_CONSUMER_INSTANCE=
PDPD_CONFIGURATION_PARTITION_KEY=
+# PAP-PDP configuration channel
+
+POLICY_PDP_PAP_TOPIC=POLICY-PDP-PAP
+POLICY_PDP_PAP_API_KEY=
+POLICY_PDP_PAP_API_SECRET=
+
# PAP
PAP_HOST={{.Values.global.pap.nameOverride}}
+++ /dev/null
-#!/bin/bash
-#
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-#
-
-# #################################
-# Usage
-# #################################
-
-function usage {
- echo
- echo "Usage: $(basename $0)"
- echo
-}
-
-if [[ ${DEBUG} == y ]]; then
- set -x
-fi
-
-if [[ -z ${BUILD_VERSION} ]]; then
- echo "no BUILD_VERSION available as environment variable""
- usage
- exit 1
-fi
-
-if [[ -z ${POLICY_INSTALL} ]]; then
- echo "no POLICY_INSTALL available as environment variable""
- usage
- exit 2
-fi
-
-CONFIG_DIR=$(dirname "$0")
-echo "invoking ${CONFIG_DIR}/apps-install.sh for controlloop ${BUILD_VERSION} at ${POLICY_INSTALL}"
-export DEBUG=y
-bash ${CONFIG_DIR}/apps-install.sh controlloop ${BUILD_VERSION} ${POLICY_INSTALL}
-unzip -o ${POLICY_INSTALL}/app*.zip -d ${POLICY_INSTALL}
+++ /dev/null
-#! /bin/bash -xv
-
-# Copyright © 2017-2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-"${POLICY_HOME}"/bin/features enable healthcheck
-"${POLICY_HOME}"/bin/features enable distributed-locking
-
-"${POLICY_HOME}"/bin/db-migrator -s pooling -o upgrade
-
-# make sure the PDPD-CONFIGURATION anonymous topic is created
-# so not to lose any configuration updates
-
-echo
-echo "testing publish to PDPD-CONFIGURATION topic"
-echo
-
-curl --silent --connect-timeout 15 -X POST --header "Content-Type: application/json" -d "{}" http://message-router:3904/events/PDPD-CONFIGURATION
-
-echo
-echo "testing subscribe to PDPD-CONFIGURATION topic "
-echo
-
-curl --silent --connect-timeout 15 -X GET http://message-router:3904/events/PDPD-CONFIGURATION/1/1?timeout=5000
-
-# for resiliency/scalability scenarios, check to see
-# if there's an amsterdam artifact already deployed
-# by brmsgw. If so, update the amsterdam controller
-# coordinates. In the future, a more sophisticated
-# solution will be put in place, that will required
-# coordination among policy components.
-
-echo
-echo "checking if there are amsterdam policies already deployed .."
-echo
-
-AMSTERDAM_VERSION=$(curl --silent --connect-timeout 20 -X GET "http://nexus:8081/nexus/service/local/artifact/maven/resolve?r=releases&g=org.onap.policy-engine.drools.amsterdam&a=policy-amsterdam-rules&v=RELEASE" | grep -Po "(?<=<version>).*(?=</version>)")
-
-if [[ -z ${AMSTERDAM_VERSION} ]]; then
- echo "no amsterdam policies have been found .."
- exit 0
-fi
-
-echo
-echo "The latest deployed amsterdam artifact in nexus has version ${AMSTERDAM_VERSION}"
-echo
-
-sed -i.INSTALL -e "s/^rules.artifactId=.*/rules.artifactId=policy-amsterdam-rules/g" \
- -e "s/^rules.groupId=.*/rules.groupId=org.onap.policy-engine.drools.amsterdam/g" \
- -e "s/^rules.version=.*/rules.version=${AMSTERDAM_VERSION}/g" "${POLICY_HOME}"/config/amsterdam-controller.properties
-
-echo
-echo "amsterdam controller will be started brained with maven coordinates:"
-echo
-
-grep "^rules" "${POLICY_HOME}"/config/amsterdam-controller.properties
-
-echo
-echo
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2018-2019 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-settings-configmap
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/drools/settings.xml").AsConfig . | indent 2 }}
----
apiVersion: v1
kind: ConfigMap
metadata:
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-log-configmap
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/log/drools/logback.xml").AsConfig . | indent 2 }}
-
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2018-2019 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
ports:
- containerPort: {{ .Values.service.externalPort }}
- containerPort: {{ .Values.service.externalPort2 }}
- command:
- - /bin/bash
- - -c
- - ./do-start.sh
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- mountPath: /tmp/policy-install/config/base.conf
name: drools-config
subPath: base.conf
- - mountPath: /tmp/policy-install/config/policy-management.conf
- name: drools-config
- subPath: policy-management.conf
- - mountPath: /tmp/policy-install/config/drools-tweaks.sh
- name: drools-config
- subPath: drools-tweaks.sh
- - mountPath: /tmp/policy-install/config/apps-install.sh
- name: drools-config
- subPath: apps-install.sh
- - mountPath: /tmp/policy-install/config/drools-preinstall.sh
- name: drools-config
- subPath: drools-preinstall.sh
- - mountPath: /usr/share/maven/conf/settings.xml
- name: drools-settingsxml
- subPath: settings.xml
- mountPath: /var/log/onap
name: policy-logs
- - mountPath: /tmp/logback.xml
- name: policy-logback
- subPath: logback.xml
- lifecycle:
- postStart:
- exec:
- command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/config/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
emptyDir: {}
- name: policy-data-filebeat
emptyDir: {}
- - name: policy-logback
- configMap:
- name: {{ include "common.fullname" . }}-log-configmap
- - name: drools-settingsxml
- configMap:
- name: {{ include "common.fullname" . }}-settings-configmap
- name: drools-config
configMap:
name: {{ include "common.fullname" . }}-configmap
- key: feature-pooling-dmaap.conf
path: feature-pooling-dmaap.conf
mode: 0755
- - key: policy-management.conf
- path: policy-management.conf
- mode: 0755
- - key: drools-tweaks.sh
- path: drools-tweaks.sh
- mode: 0755
- - key: apps-install.sh
- path: apps-install.sh
- mode: 0755
- - key: drools-preinstall.sh
- path: drools-preinstall.sh
- mode: 0755
- name: drools-secret
secret:
secretName: {{ include "common.fullname" . }}-secret
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2018-2019 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-drools:1.3.4
+image: onap/policy-pdpd-cl:1.4-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Policy MariaDB Service
name: mariadb
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
apiVersion: v1
description: ONAP Policy PDP
name: pdp
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pe:1.3.4
+image: onap/policy-pe:1.4-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Policy APEX PDP
name: policy-apex-pdp
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-apex-pdp:2.0.3
+image: onap/policy-apex-pdp:2.1-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP Policy Design API
+name: policy-api
+version: 4.0.0
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ repository: '@local'
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+{
+ "name":"ApiGroup",
+ "restServerParameters":{
+ "host":"0.0.0.0",
+ "port":6969,
+ "userName":"healthcheck",
+ "password":"zb!XztG34"
+ }
+}
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }}
--- /dev/null
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["/opt/app/policy/api/bin/policy-api.sh"]
+ args: ["/opt/app/policy/api/etc/mounted/config.json"]
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/policy/api/etc/mounted
+ name: apiconfig
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: apiconfig
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ defaultMode: 0755
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.internalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 304
+ persistence: {}
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/policy-api:2.0.0-SNAPSHOT-latest
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 20
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 20
+ periodSeconds: 10
+
+service:
+ type: ClusterIP
+ name: policy-api
+ portName: policy-api
+ internalPort: 6969
+ nodePort: 40
+
+ingress:
+ enabled: false
+
+resources: {}
apiVersion: v1
description: ONAP Policy Common
name: policy-common
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
# See the License for the specific language governing permissions and
# limitations under the License.
-JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
+JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk
POLICY_HOME=/opt/app/policy
POLICY_LOGS=/var/log/onap
KEYSTORE_PASSWD=Pol1cy_0nap
apiVersion: v1
description: ONAP Policy Distribution
name: policy-distribution
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-distribution:2.0.3
+image: onap/policy-distribution:2.1.0-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP Policy Administration (PAP)
+name: policy-pap
+version: 4.0.0
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ repository: '@local'
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+{
+ "name":"PapGroup",
+ "restServerParameters":{
+ "host":"0.0.0.0",
+ "port":6969,
+ "userName":"healthcheck",
+ "password":"zb!XztG34"
+ }
+}
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }}
+
--- /dev/null
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["/opt/app/policy/pap/bin/policy-pap.sh"]
+ args: ["/opt/app/policy/pap/etc/mounted/config.json"]
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/policy/pap/etc/mounted
+ name: papconfig
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: papconfig
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ defaultMode: 0755
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ ports:
+ - port: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ clusterIP: None
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ persistence: {}
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/policy-pap:2.0.0-SNAPSHOT-latest
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 20
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 20
+ periodSeconds: 10
+
+service:
+ type: ClusterIP
+ name: policy-pap
+ portName: policy-pap
+ internalPort: 6969
+
+ingress:
+ enabled: false
+
+resources: {}
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP Policy XACML PDP
+name: policy-xacml-pdp
+version: 4.0.0
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ repository: '@local'
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+{
+ "name":"XacmlPdpGroup",
+ "restServerParameters":{
+ "host":"0.0.0.0",
+ "port":6969,
+ "userName":"healthcheck",
+ "password":"zb!XztG34"
+ }
+}
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }}
--- /dev/null
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"]
+ args: ["/opt/app/policy/pdpx/etc/mounted/config.json"]
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/policy/pdpx/etc/mounted
+ name: pdpxconfig
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: pdpxconfig
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ defaultMode: 0755
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
--- /dev/null
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ persistence: {}
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/policy-xacml-pdp:2.0.0-SNAPSHOT-latest
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 20
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 20
+ periodSeconds: 10
+
+service:
+ type: ClusterIP
+ name: policy-xacml-pdp
+ portName: policy-xacml-pdp
+ externalPort: 6969
+ internalPort: 6969
+
+ingress:
+ enabled: false
+
+resources: {}
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
# Copyright © 2017 Amdocs, Bell Canada, AT&T
-# Modifications Copyright © 2018 AT&T. All rights reserved.
+# Modifications Copyright © 2018-2019 AT&T. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
sleep 2
-wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl?h=casablanca
+wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl
sleep 2
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pe:1.3.4
+image: onap/policy-pe:1.4-SNAPSHOT-latest
pullPolicy: Always
subChartsOnly:
requests:
cpu: 20m
memory: 2Gi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
apiVersion: v1
description: ONAP Post Orchestration Model Based Audit
name: pomba
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP POMBA AAI Context Builder
name: pomba-aaictxbuilder
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
http.userId={{ .Values.config.httpUserId }}
http.password={{ .Values.config.httpPassword }}
-aai.searchNodeQuery=/aai/v11/search/nodes-query?search-node-type=service-instance&filter=service-instance-id:EQUALS:
+aai.searchNodeQuery=/aai/v13/nodes/service-instance/{0}
#Servlet context parameters
server.context_parameters.p-name=value #context parameter with p-name as key and value as value.
-<configuration scan="true" scanPeriod="10 seconds" debug="false">
- <jmxConfigurator />
- <property name="logDirectory" value="/var/log/onap/pomba-aaictxbuilder" />
- <!-- Example evaluator filter applied against console appender -->
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <!-- filter class="ch.qos.logback.classic.filter.LevelFilter"> <level>ERROR</level>
- <onMatch>ACCEPT</onMatch> <onMismatch>DENY</onMismatch> </filter -->
- <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- <encoder>
- <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
- </pattern>
- </encoder>
- </appender>
-
- <appender name="ERROR"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- <file>${logDirectory}/error.log</file>
- <append>true</append>
- <encoder>
- <pattern>%date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX", UTC}|%X{RequestId}|%.20thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%.-5level|%X{ErrorCode}|%X{ErrorDescription}|%msg%n</pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/error.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
-
- <appender name="DEBUG"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/debug.log</file>
- <append>true</append>
- <encoder>
- <pattern>%date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX",UTC}|%X{RequestId}|%.20thread|%.-5level|%logger{36}|%msg%n</pattern>
- </encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/debug.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>10MB</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>5</maxHistory>
- </rollingPolicy>
- </appender>
-
- <appender name="AUDIT"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/audit.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
- </pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/audit.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="AUDIT" />
- </appender>
-
- <appender name="METRIC"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/metric.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|
- %msg%n</pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/metric.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="METRIC" />
- </appender>
-
- <!-- SECURITY related loggers -->
- <appender name="SECURITY"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/security.log</file>
- <append>true</append>
- <encoder>
- <pattern>%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n
- </pattern>
- </encoder>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>10</maxIndex>
- <FileNamePattern>${logDirectory}/security.%i.log.zip
- </FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>10MB</maxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="SECURITY" />
- </appender>
-
- <!-- CLDS related loggers -->
- <logger name="org.onap.pomba.clds" level="INFO" additivity="true">
- <appender-ref ref="ERROR" />
- </logger>
-
- <!-- CLDS related loggers -->
- <logger name="com.att.eelf.error" level="OFF" additivity="true">
- <appender-ref ref="ERROR" />
- </logger>
- <!-- EELF related loggers -->
- <logger name="com.att.eelf.audit" level="INFO" additivity="false">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
- <logger name="com.att.eelf.metrics" level="DEBUG" additivity="false">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
- <logger name="com.att.eelf.security" level="DEBUG" additivity="false">
- <appender-ref ref="asyncEELFSecurity" />
- </logger>
-
-
- <!-- Spring related loggers -->
- <logger name="org.springframework" level="WARN" />
- <logger name="org.springframework.beans" level="WARN" />
- <logger name="org.springframework.web" level="WARN" />
- <logger name="com.blog.spring.jms" level="WARN" />
-
- <!-- Other Loggers that may help troubleshoot -->
- <logger name="net.sf" level="WARN" />
- <logger name="org.apache.commons.httpclient" level="WARN" />
- <logger name="org.apache.commons" level="WARN" />
- <logger name="org.apache.coyote" level="WARN" />
- <logger name="org.apache.jasper" level="WARN" />
-
- <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
- May aid in troubleshooting) -->
- <logger name="org.apache.camel" level="WARN" />
- <logger name="org.apache.cxf" level="WARN" />
- <logger name="org.apache.camel.processor.interceptor" level="WARN" />
- <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
- <logger name="org.apache.cxf.service" level="WARN" />
- <logger name="org.restlet" level="DEBUG" />
- <logger name="org.apache.camel.component.restlet" level="DEBUG" />
-
- <!-- logback internals logging -->
- <logger name="ch.qos.logback.classic" level="INFO" />
- <logger name="ch.qos.logback.core" level="INFO" />
-
- <!-- logback jms appenders & loggers definition starts here -->
- <!-- logback jms appenders & loggers definition starts here -->
- <appender name="auditLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- </filter>
- <file>${logDirectory}/Audit.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/Audit.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <appender name="perfLogs"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- </filter>
- <file>${logDirectory}/Perform.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/Perform.%i.log.zip
- </fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
- </encoder>
- </appender>
- <logger name="AuditRecord" level="INFO" additivity="FALSE">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="AuditRecord_DirectCall" level="INFO" additivity="FALSE">
- <appender-ref ref="auditLogs" />
- </logger>
- <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE">
- <appender-ref ref="perfLogs" />
- </logger>
- <!-- logback jms appenders & loggers definition ends here -->
-
- <root level="WARN">
- <appender-ref ref="DEBUG" />
- <appender-ref ref="STDOUT" />
- </root>
-
+<configuration >
+ <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/>
+ <property name="p_lvl" value="%level"/>
+ <property name="p_log" value="%logger"/>
+ <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <!-- tabs -->
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_thr" value="%thread"/>
+ <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+ <file>/opt/app/logs/EELF/output.log</file>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </logger>
+ <root level="info">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </root>
</configuration>
name: localtime
readOnly: true
- name: {{ include "common.fullname" . }}-logs
- mountPath: /var/log/onap
+ mountPath: /opt/app/logs
+ readOnly: false
- mountPath: /opt/app/config/logback.xml
name: {{ include "common.fullname" . }}-log-conf
subPath: logback.xml
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ mountPath: /opt/app/logs/EELF
+ readOnly: false
- mountPath: /opt/app/config/application.properties
name: {{ include "common.fullname" . }}-config
subPath: application.properties
readOnly: true
+
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
- name: {{ include "common.fullname" . }}-data-filebeat
mountPath: /usr/share/filebeat/data
- name: {{ include "common.fullname" . }}-logs
- mountPath: /var/log/onap
+ mountPath: /opt/app/logs
volumes:
- name: localtime
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
-
+ - name: {{ include "common.fullname" . }}-logs-eelf
+ emptyDir: {}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
#Example service definition with external, internal and node ports.
apiVersion: v1
description: ONAP POMBA Context Aggregator
name: pomba-contextaggregator
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
+++ /dev/null
-#!/bin/sh
-
-# Get the list of topic from curl ressult
-dmaap_mr_host=message-router
-dmaap_mr_port=3904
-temp_output_file=".tmpoutput"
-curl -X GET http://$dmaap_mr_host:$dmaap_mr_port/topics > $temp_output_file
-
-# Test topic POA-AUDIT-INIT, POA-AUDIT-RESULT, POA-RULE-VALIDATION
-TOPICS="POA-AUDIT-INIT POA-RULE-VALIDATION POA-AUDIT-RESULT"
-for i_topic in $TOPICS
-do
- echo "Looping ... topic: $i_topic"
- if grep -iFq "$i_topic" $temp_output_file
- then
- # code if found
- echo "$i_topic found."
- else
- # code if not found
- echo "$i_topic NOT found."
- curl -X POST -H "content-type: application/json" --data '{"event":"create topic"}' http://$dmaap_mr_host:$dmaap_mr_port/events/$i_topic
- fi
-done
-
-# remove the temp file
-rm -f $temp_output_file
-# Copyright © 2018 Amdocs
+# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
security.protocol=TLS
connection.timeout.ms=60000
read.timeout.ms=60000
-base.uri=/sdccontextbuilder/service/context
+base.uri=/sdccontextbuilder/v2/service/context
---
apiVersion: v1
kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-pre-start-configmap
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
metadata:
name: {{ include "common.fullname" . }}-log
namespace: {{ include "common.namespace" . }}
data:
-{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
\ No newline at end of file
+{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
- mountPath: /opt/app/config/builders
name: {{ include "common.fullname" . }}-config-builders
readOnly: true
- - mountPath: /opt/app/bin/pre_start.sh
- name: {{ include "common.fullname" . }}-pre-start
- subPath: pre_start.sh
- readOnly: false
- name: {{ include "common.fullname" . }}-logs
mountPath: /opt/app/logs
readOnly: false
affinity:
{{- toYaml .Values.affinity | indent 10 }}
{{- end }}
+
+ # Filebeat sidecar container
+ - name: {{ include "common.name" . }}-filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ mountPath: /usr/share/filebeat/data
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /opt/app/logs
+
volumes:
- name: localtime
hostPath:
- name: {{ include "common.fullname" . }}-config-builders
configMap:
name: {{ include "common.fullname" . }}-configmap-builders
- - name: {{ include "common.fullname" . }}-pre-start
+ - name: {{ include "common.fullname" . }}-filebeat-conf
configMap:
- name: {{ include "common.fullname" . }}-pre-start-configmap
- defaultMode: 0777
+ name: {{ .Release.Name }}-pomba-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
- name: {{ include "common.fullname" . }}-log-conf
-# Copyright (c) 2018 Amdocs, Bell Canada
+# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
- annotations:
-# Example MSB registration annotation
-# msb.onap.org/service-info: '[
-# {
-# "serviceName": "controller-blueprints",
-# "version": "v1",
-# "url": "/ecomp/mso/infra",
-# "protocol": "REST"
-# "port": "8080",
-# "visualRange":"1"
-# }
-# ]'
spec:
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
+ #Example internal target port if required
+ #targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
name: {{ .Values.service.portName | default "http" }}
{{- else -}}
{{- end}}
selector:
app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
\ No newline at end of file
+ release: {{ .Release.Name }}
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
enabled: false
#Services may use any combination of ports depending on the 'type' of
#service being defined.
- #type: ClusterIP
- #externalPort: 9529
+ type: ClusterIP
+ externalPort: 9529
internalPort: 9529
#nodePort: <replace with unused node port suffix eg. 23>
# optional port name override - default can be defined in service.yaml
apiVersion: v1
description: ONAP POMBA Data-Router
name: pomba-data-router
-version: 3.0.0
+version: 4.0.0
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+
+ # Filebeat sidecar container
+ - name: {{ include "common.name" . }}-filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ mountPath: /usr/share/filebeat/data
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /opt/app/logs
+
volumes:
- name: localtime
hostPath:
path: data-router.properties
- key: schemaIngest.properties
path: schemaIngest.properties
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ configMap:
+ name: {{ .Release.Name }}-pomba-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
- name: {{ include "common.fullname" . }}-dynamic-route
configMap:
name: {{ include "common.fullname" . }}-dynamic
# application image
repository: nexus3.onap.org:10001
-image: onap/data-router:1.3.1
+image: onap/data-router:1.3.3
pullPolicy: Always
restartPolicy: Always
apiVersion: v1
description: ONAP POMBA Elasticsearch
name: pomba-elasticsearch
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
# application image
loggingRepository: docker.elastic.co
-image: elasticsearch/elasticsearch:6.3.1
+image: elasticsearch/elasticsearch:6.6.2
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP POMBA Kibana
name: pomba-kibana
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
+++ /dev/null
-{
- "service-validations": {
- "mappings": {
- "default": {
- "properties": {
- "modelInvariantId": {
- "type": "text"
- },
- "modelName": {
- "type": "text"
- },
- "modelVersionId": {
- "type": "text"
- },
- "result": {
- "type": "text"
- },
- "serviceInstanceId": {
- "type": "text"
- },
- "validationId": {
- "type": "text"
- },
- "validationTimestamp": {
- "type": "date",
- "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ"
- },
- "violations": {
- "type": "nested",
- "properties": {
- "category": {
- "type": "text"
- },
- "errorMessage": {
- "type": "text"
- },
- "modelName": {
- "type": "text"
- },
- "severity": {
- "type": "text"
- },
- "validationRule": {
- "type": "text"
- },
- "violationDetails": {
- "properties": {
- "context-list-aai-vf-list[*]": {
- "properties": {
- "invariant-id": {
- "type": "text"
- },
- "name": {
- "type": "text"
- },
- "nf-naming-code": {
- "type": "text"
- },
- "type": {
- "type": "text"
- },
- "uuid": {
- "type": "text"
- },
- "vf-module-list": {
- "properties": {
- "invariant-id": {
- "type": "text"
- },
- "max-instances": {
- "type": "long"
- },
- "min-instances": {
- "type": "long"
- },
- "uuid": {
- "type": "text"
- }
- }
- },
- "vnfc-list": {
- "properties": {
- "name": {
- "type": "text"
- },
- "nfc-naming-code": {
- "type": "text"
- }
- }
- }
- }
- },
- "context-list-aai-vf-list[*]-name": {
- "type": "text"
- },
- "context-list-aai-vf-list[*]-type": {
- "type": "text"
- },
- "context-list-aai-vf[*]-name": {
- "type": "text"
- },
- "context-list-aai-vf[*]-type": {
- "type": "text"
- },
- "context-list-sdc-service-name": {
- "type": "text"
- },
- "context-list-sdc-vf-list[*]": {
- "properties": {
- "invariant-id": {
- "type": "text"
- },
- "name": {
- "type": "text"
- },
- "type": {
- "type": "text"
- },
- "uuid": {
- "type": "text"
- },
- "vf-module-list": {
- "properties": {
- "invariant-id": {
- "type": "text"
- },
- "max-instances": {
- "type": "long"
- },
- "min-instances": {
- "type": "long"
- },
- "uuid": {
- "type": "text"
- }
- }
- },
- "vnfc-list": {
- "properties": {
- "invariant-id": {
- "type": "text"
- },
- "name": {
- "type": "text"
- },
- "nfc-naming-code": {
- "type": "text"
- },
- "uuid": {
- "type": "text"
- }
- }
- }
- }
- },
- "context-list-sdnc-vf-list[*]-name": {
- "type": "text"
- },
- "context-list-sdnc-vf-list[*]-type": {
- "type": "text"
- },
- "context-list-sdnc-vf[*]-name": {
- "type": "text"
- },
- "context-list-sdnc-vf[*]-type": {
- "type": "text"
- }
- }
- },
- "violationId": {
- "type": "text"
- },
- "violationTimestamp": {
- "type": "date",
- "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ"
- },
- "violationType": {
- "type": "text"
- }
- }
- },
- "client": {
- "type": "text"
- },
- "requestId": {
- "type": "text"
- }
- }
- }
- }
- }
-}
+++ /dev/null
-{
- "service-violations": {
- "mappings": {
- "default": {
- "properties": {
- "category": {
- "type": "text"
- },
- "message": {
- "type": "text"
- },
- "modelInvariantId": {
- "type": "text"
- },
- "modelVersionId": {
- "type": "text"
- },
- "serviceInstanceId": {
- "type": "text"
- },
- "severity": {
- "type": "text"
- },
- "validationId": {
- "type": "text"
- },
- "validationRule": {
- "type": "text"
- },
- "validationTimestamp": {
- "type": "date",
- "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ"
- },
- "violationId": {
- "type": "text"
- },
- "violationTimestamp": {
- "type": "date",
- "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ"
- },
- "violationType": {
- "type": "text"
- }
- }
- }
- }
- }
-}
\ No newline at end of file
- mountPath: /config/default.json
name: {{ include "common.fullname" . }}
subPath: default.json
- - args:
- - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/service-validations
- - --input=/config/validationsDump.json
- - --type=mapping
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ .Values.configRepository }}/{{ .Values.configImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-config-validation
- volumeMounts:
- - mountPath: /config/validationsDump.json
- name: {{ include "common.fullname" . }}
- subPath: validationsDump.json
- - args:
- - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/service-violations
- - --input=/config/violationsDump.json
- - --type=mapping
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ .Values.configRepository }}/{{ .Values.configImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-config-violation
- volumeMounts:
- - mountPath: /config/violationsDump.json
- name: {{ include "common.fullname" . }}
- subPath: violationsDump.json
containers:
- name: {{ include "common.name" . }}
image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.image }}"
path: kibana.yml
- key: default.json
path: default.json
- - key: validationsDump.json
- path: validationsDump.json
- - key: violationsDump.json
- path: violationsDump.json
- key: default-mapping.json
path: default-mapping.json
- name: {{ include "common.fullname" . }}-auth
# application image
loggingRepository: docker.elastic.co
-image: kibana/kibana:6.3.1
+image: kibana/kibana:6.6.2
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1\r
description: ONAP POMBA Network Discovery\r
name: pomba-networkdiscovery\r
-version: 3.0.0\r
+version: 4.0.0\r
\r
dependencies:\r
- name: common\r
- version: ~3.0.0\r
+ version: ~4.x-0\r
repository: '@local'\r
openstack.identity.user ={{ .Values.config.openstackUserId }}
openstack.identity.password ={{ .Values.config.openstackPassword }}
-openstack.types = vserver, l3-network
+openstack.types = vserver, l3-network, port
openstack.type.vserver.url = {{ .Values.config.openstackTypeVserverUrl }}
openstack.type.l3-network.url = {{ .Values.config.openstackTypeL3NetworkUrl }}
+openstack.type.port.url = {{ .Values.config.openstackTypePortUrl }}
openstack.api.microversion = 2.42
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/network-discovery:1.4.1-latest
+image: onap/network-discovery:1.5.0-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
# Openstack Rest API URLs:
openstackTypeVserverUrl: http://10.69.36.11:8774/v2.1/servers/{0}
openstackTypeL3NetworkUrl: http://10.69.36.11:9696/v2.0/networks/{0}
+ openstackTypePortUrl: http://10.69.36.11:9696/v2.0/ports/{0}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
#Example service definition with external, internal and node ports.
apiVersion: v1
description: ONAP POMBA Network Discovery Context Builder
name: pomba-networkdiscoveryctxbuilder
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
#Example service definition with external, internal and node ports.
apiVersion: v1
description: ONAP POMBA SDC Context Builder
name: pomba-sdcctxbuilder
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ # Filebeat sidecar container
+ - name: {{ include "common.name" . }}-filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ mountPath: /usr/share/filebeat/data
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /opt/app/logs
+
volumes:
- name: localtime
hostPath:
- name: {{ include "common.fullname" . }}-log-conf
configMap:
name: {{ include "common.fullname" . }}-log
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ configMap:
+ name: {{ .Release.Name }}-pomba-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
- name: {{ include "common.fullname" . }}-logs-eelf
emptyDir: {}
imagePullSecrets:
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
#Example service definition with external, internal and node ports.
apiVersion: v1
description: ONAP POMBA SDNC Context Builder
name: pomba-sdncctxbuilder
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
camel.springboot.xmlRoutes = file:config/dynamic/routes/*.route
service.xml.beans = config/dynamic/conf/*.xml
-server.contextPath=/sdnccontextbuilder/v1
+server.contextPath=/sdnccontextbuilder
spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
#This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma
aai.http.userId={{ .Values.config.aaiHttpUserId }}
aai.http.password={{ .Values.config.aaiHttpPassword }}
-aai.searchNodeQuery=/aai/v11/search/nodes-query?search-node-type=service-instance&filter=service-instance-id:EQUALS:
-aai.customerQuery=/aai/v11/business/customers/customer/
-aai.serviceInstancePath=/aai/v11/business/customers/customer/{0}/service-subscriptions/service-subscription/{1}/service-instances/service-instance/{2}
+aai.serviceInstanceQuery=/aai/v13/nodes/service-instance/{0}
# SDNC REST Client Configuration
sdnc.serviceName={{ .Values.config.sdncServiceName }}.{{.Release.Namespace}}
sdnc.connectionTimeout={{ .Values.config.sdncConnectionTimeout }}
sdnc.readTimeout={{ .Values.config.sdncReadTimeout }}
sdnc.genericResourcePath=/restconf/config/GENERIC-RESOURCE-API:services/service/{0}
+sdnc.portMirrorResourcePath=/restconf/config/GENERIC-RESOURCE-API:port-mirror-configurations/port-mirror-configuration/{0}/configuration-data/configuration-operation-information/port-mirror-configuration-request-input
sdnc.vnfPath=/restconf/config/VNF-API:vnfs/vnf-list/{0}
#Servlet context parameters
apiVersion: v1
description: ONAP POMBA search-data
name: pomba-search-data
-version: 3.0.0
+version: 4.0.0
{
- "attr-translations": [{
- "from": "\"type\":\"string\",\"index\":\"analyzed\"",
- "to": "\"type\":\"text\",\"index\":\"true\""
- },
+ "attr-translations": [
{
- "from": "\"type\":\"string\",\"index\":\"not_analyzed\"",
- "to": "\"type\":\"keyword\",\"index\":\"true\""
+ "query": "$..[?(@.type=='string' && @.index=='analyzed')]",
+ "update": {"type": "text", "index": true, "fielddata": true}
},
{
- "from": "\"type\":\"string\"",
- "to": "\"type\":\"text\""
+ "query": "$..[?(@.type=='string' && @.index=='not_analyzed')]",
+ "update": {"type": "keyword", "index": true}
},
{
- "from": "searchable",
- "to": "index"
+ "query": "$..[?(@.type=='string' && !@.index)]",
+ "update": {"type": "text", "fielddata": true}
}
]
}
\ No newline at end of file
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
apiVersion: v1\r
description: ONAP POMBA Network Discovery Service Decomposition\r
name: pomba-servicedecomposition\r
-version: 3.0.0\r
+version: 4.0.0\r
\r
dependencies:\r
- name: common\r
- version: ~3.0.0\r
+ version: ~4.x-0\r
repository: '@local'\r
aai.securityProtocol=TLS
aai.connectionTimeout=60000
aai.readTimeout=60000
-aai.resourceList=vnfc,vserver,l3-network
+aai.resourceList=vnfc,vserver,l3-network,pserver
aai.serviceInstancePath=/aai/v13/nodes/service-instance/{0}
+aai.urlDepth=2
#Servlet context parameters
server.context_parameters.p-name=value #context parameter with p-name as key and value as value.
-<configuration>\r
- <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/>\r
- <property name="p_lvl" value="%level"/>\r
- <property name="p_log" value="%logger"/>\r
- <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>\r
- <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>\r
- <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>\r
- <!-- tabs -->\r
- <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>\r
- <property name="p_thr" value="%thread"/>\r
- <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>\r
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">\r
- <encoder>\r
- <pattern>${pattern}</pattern>\r
- </encoder>\r
- </appender>\r
- <appender name="FILE" class="ch.qos.logback.core.FileAppender">\r
- <file>output.log</file>\r
- <encoder>\r
- <pattern>${pattern}</pattern>\r
- </encoder>\r
- </appender>\r
- <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false">\r
- <appender-ref ref="STDOUT" />\r
- <appender-ref ref="FILE" />\r
- </logger>\r
- <root level="INFO">\r
- <appender-ref ref="STDOUT" />\r
- </root>\r
-</configuration>\r
+<configuration>
+ <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/>
+ <property name="p_lvl" value="%level"/>
+ <property name="p_log" value="%logger"/>
+ <property name="p_mdc" value="%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}"/>
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <!-- tabs -->
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
+ <property name="p_thr" value="%thread"/>
+ <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="FILE" class="ch.qos.logback.core.FileAppender">
+ <file>logs/EELF/output.log</file>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <logger level="INFO" name="org.onap.logging.ref.slf4j" additivity="false">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </logger>
+ <root level="INFO">
+ <appender-ref ref="STDOUT" />
+ <appender-ref ref="FILE" />
+ </root>
+</configuration>
\ No newline at end of file
-# Copyright © 2018 Amdocs
+# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/service-decomposition:1.4.2
+image: onap/service-decomposition:1.5.0-SNAPSHOT-latest
pullPolicy: Always
# flag to enable debugging - application support required
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
#Example service definition with external, internal and node ports.
apiVersion: v1
description: POMBA Validaton-Service
name: pomba-validation-service
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
// NDCB-AAI comparison: Context level
useRule {
- name 'NDCB-AAI-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.ndcb', 'context-list.aai'
}
// NDCB-AAI comparison: Service entity
useRule {
- name 'NDCB-AAI-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.ndcb.service', 'context-list.aai.service'
}
- // NDCB-AAI comparison: VF list
+ // NDCB-AAI comparison: Context level network list
useRule {
- name 'NDCB-AAI-attribute-comparison'
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb.networkList[*]', 'context-list.aai.networkList[*]'
+ }
+
+ // NDCB-AAI comparison: VNF list
+ useRule {
+ name 'Attribute-comparison'
attributes 'context-list.ndcb.vnfList[*]', 'context-list.aai.vnfList[*]'
}
+ // NDCB-AAI comparison: VNF network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb.vnfList[*].networkList[*]', 'context-list.aai.vnfList[*].networkList[*]'
+ }
+
// NDCB-AAI comparison: VF-Module list
useRule {
- name 'NDCB-AAI-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.ndcb.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]'
}
+ // NDCB-AAI comparison: VF-Module network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]'
+ }
+
// NDCB-AAI comparison: VNFC list
useRule {
- name 'NDCB-AAI-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.ndcb.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]'
}
// NDCB-AAI comparison: VM list
useRule {
- name 'NDCB-AAI-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]'
}
- // NDCB-AAI comparison: Network list
+ // NDCB-AAI comparison: P-Interface list
useRule {
- name 'NDCB-AAI-attribute-comparison'
- attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]'
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb.pnfList[*].pInterfaceList[*]', 'context-list.aai.pnfList[*].pInterfaceList[*]'
}
-
+
+
// SDNC-AAI comparison: Context level
useRule {
- name 'SDNC-AAI-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.sdnc', 'context-list.aai'
}
// SDNC-AAI comparison: Service entity
useRule {
- name 'SDNC-AAI-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.sdnc.service', 'context-list.aai.service'
}
- // SDNC-AAI comparison: VF list
+ // SDNC-AAI comparison: Context level network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.networkList[*]', 'context-list.aai.networkList[*]'
+ }
+
+ // SDNC-AAI comparison: VNF list
useRule {
- name 'SDNC-AAI-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.sdnc.vnfList[*]', 'context-list.aai.vnfList[*]'
}
+ // SDNC-AAI comparison: VNF network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].networkList[*]', 'context-list.aai.vnfList[*].networkList[*]'
+ }
+
// SDNC-AAI comparison: VF-Module list
useRule {
- name 'SDNC-AAI-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]'
}
+ // SDNC-AAI comparison: VF-Module network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]'
+ }
+
// SDNC-AAI comparison: VNFC list
useRule {
- name 'SDNC-AAI-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]'
}
// SDNC-AAI comparison: VM list
useRule {
- name 'SDNC-AAI-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]'
}
- // SDNC-AAI comparison: Network list
+ // AAI-SDNC PNF name validation
useRule {
- name 'SDNC-AAI-attribute-comparison'
- attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]'
+ name 'AAI-SDNC-pnf-name-check'
+ attributes 'context-list.aai.pnfList[*].name', 'context-list.sdnc.pnfList[*].name'
}
+
// SDNC-NDCB comparison: Context level
useRule {
- name 'SDNC-NDCB-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.sdnc', 'context-list.ndcb'
}
// SDNC-NDCB comparison: Service entity
useRule {
- name 'SDNC-NDCB-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.sdnc.service', 'context-list.ndcb.service'
}
- // SDNC-NDCB comparison: VF list
+ // SDNC-NDCB comparison: Context level network list
useRule {
- name 'SDNC-NDCB-attribute-comparison'
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.networkList[*]', 'context-list.ndcb.networkList[*]'
+ }
+
+ // SDNC-NDCB comparison: VNF list
+ useRule {
+ name 'Attribute-comparison'
attributes 'context-list.sdnc.vnfList[*]', 'context-list.ndcb.vnfList[*]'
}
+ // SDNC-NDCB comparison: VNF network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].networkList[*]', 'context-list.ndcb.vnfList[*].networkList[*]'
+ }
+
// SDNC-NDCB comparison: VF-Module list
useRule {
- name 'SDNC-NDCB-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*]'
}
+ // SDNC-NDCB comparison: VF-Module network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]'
+ }
+
// SDNC-NDCB comparison: VNFC list
useRule {
- name 'SDNC-NDCB-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.ndcb.vnfList[*].vnfcList[*]'
}
// SDNC-NDCB comparison: VM list
useRule {
- name 'SDNC-NDCB-attribute-comparison'
+ name 'Attribute-comparison'
attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]'
}
- // SDNC-NDCB comparison: Network list
- useRule {
- name 'SDNC-NDCB-attribute-comparison'
- attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]'
- }
-
+
+
// SDC-AAI VNFC type
useRule {
name 'SDC-AAI-vnfc-type'
}
rule {
- name 'NDCB-AAI-attribute-comparison'
- category 'Attribute Mismatch'
- description 'Verify that all attributes in Network-Discovery are the same as in AAI'
- errorText 'Error found with attribute "{0}"; Network-Discovery value does not match AAI value "{1}"'
- severity 'ERROR'
- attributes 'ndcbItems', 'aaiItems'
- validate '''
- Closure<java.util.Map> getAttributes = { parsedData ->
- java.util.Map attributeMap = new java.util.HashMap()
-
- def isAttributeDataQualityOk = { attribute ->
- attribute.findResult{ k, v -> if(k.equals("dataQuality") ) {return v.get("status")}}.equals("ok")
- }
-
- def addToMap = { attrKey, attrValue ->
- java.util.Set values = attributeMap.get("$attrKey")
- if(values == null) {
- values = new java.util.HashSet()
- attributeMap.put("$attrKey", values)
- }
- values.add("$attrValue")
- }
-
- def addAttributeToMap = { attribute ->
- if(isAttributeDataQualityOk(attribute)) {
- String key, value
- attribute.each { k, v ->
- if(k.equals("name")) {key = "$v"}
- if(k.equals("value")) {value = "$v"}
- }
- addToMap("$key", "$value")
- }
- }
-
- def processKeyValue = { key, value ->
- if(value instanceof java.util.ArrayList) {
- if(key.equals("attributeList")) {
- value.each {
- addAttributeToMap(it)
- }
- }
- } else if(!(value instanceof groovy.json.internal.LazyMap)) {
- // only add key-value attributes, skip the rest
- addToMap("$key", "$value")
- }
- }
-
- if(parsedData instanceof java.util.ArrayList) {
- parsedData.each {
- it.each { key, value -> processKeyValue(key, value) }
- }
- } else {
- parsedData.each { key, value -> processKeyValue(key, value) }
- }
- return attributeMap
- }
-
- def slurper = new groovy.json.JsonSlurper()
- java.util.Map ndcb = getAttributes(slurper.parseText(ndcbItems.toString()))
- java.util.Map aai = getAttributes(slurper.parseText(aaiItems.toString()))
-
- boolean result = true
- List<String> details = new ArrayList<>();
- ndcb.any{ ndcbKey, ndcbValueList ->
- def aaiValueList = aai.get("$ndcbKey")
- aaiValueList.each{ aaiValue ->
- if(!ndcbValueList.any{ it == "$aaiValue" }) {
- result = false
- details.add("$ndcbKey")
- details.add("$aaiValue")
- }
- }
- if(result == false) {
- // break out of 'any' loop
- return true
- }
- }
- return new Tuple2(result, details)
- '''
-}
-
-rule {
- name 'SDNC-AAI-attribute-comparison'
- category 'Attribute Mismatch'
- description 'Verify that all attributes in SDN-C are the same as in AAI'
- errorText 'Error found with attribute "{0}"; SDN-C value does not match AAI value "{1}"'
- severity 'ERROR'
- attributes 'sdncItems', 'aaiItems'
- validate '''
- Closure<java.util.Map> getAttributes = { parsedData ->
- java.util.Map attributeMap = new java.util.HashMap()
-
- def isAttributeDataQualityOk = { attribute ->
- attribute.findResult{ k, v -> if(k.equals("dataQuality") ) {return v.get("status")}}.equals("ok")
- }
-
- def addToMap = { attrKey, attrValue ->
- java.util.Set values = attributeMap.get("$attrKey")
- if(values == null) {
- values = new java.util.HashSet()
- attributeMap.put("$attrKey", values)
- }
- values.add("$attrValue")
- }
-
- def addAttributeToMap = { attribute ->
- if(isAttributeDataQualityOk(attribute)) {
- String key, value
- attribute.each { k, v ->
- if(k.equals("name")) {key = "$v"}
- if(k.equals("value")) {value = "$v"}
- }
- addToMap("$key", "$value")
- }
- }
-
- def processKeyValue = { key, value ->
- if(value instanceof java.util.ArrayList) {
- if(key.equals("attributeList")) {
- value.each {
- addAttributeToMap(it)
- }
- }
- } else if(!(value instanceof groovy.json.internal.LazyMap)) {
- // only add key-value attributes, skip the rest
- addToMap("$key", "$value")
- }
- }
-
- if(parsedData instanceof java.util.ArrayList) {
- parsedData.each {
- it.each { key, value -> processKeyValue(key, value) }
- }
- } else {
- parsedData.each { key, value -> processKeyValue(key, value) }
- }
- return attributeMap
- }
-
- def slurper = new groovy.json.JsonSlurper()
- java.util.Map sdnc = getAttributes(slurper.parseText(sdncItems.toString()))
- java.util.Map aai = getAttributes(slurper.parseText(aaiItems.toString()))
-
- boolean result = true
- List<String> details = new ArrayList<>();
- sdnc.any{ sdncKey, sdncValueList ->
- def aaiValueList = aai.get("$sdncKey")
- aaiValueList.each{ aaiValue ->
- if(!sdncValueList.any{ it == "$aaiValue" }) {
- result = false
- details.add("$sdncKey")
- details.add("$aaiValue")
- }
- }
- if(result == false) {
- // break out of 'any' loop
- return true
- }
- }
- return new Tuple2(result, details)
- '''
-}
-
-
-rule {
- name 'SDNC-NDCB-attribute-comparison'
+ name 'Attribute-comparison'
category 'Attribute Mismatch'
- description 'Verify that all attributes in SDN-C are the same as in Network Discovery'
- errorText 'Error found with attribute "{0}"; SDN-C value does not match Network-Discovery value "{1}"'
+ description 'Determine all discrepancies between values for attributes with matching names from each model'
+ errorText 'Error found with attribute(s) and values: {0}'
severity 'ERROR'
- attributes 'sdncItems', 'ndcbItems'
+ attributes 'lhsObject', 'rhsObject'
validate '''
- Closure<java.util.Map> getAttributes = { parsedData ->
- java.util.Map attributeMap = new java.util.HashMap()
-
- def isAttributeDataQualityOk = { attribute ->
- attribute.findResult{ k, v -> if(k.equals("dataQuality") ) {return v.get("status")}}.equals("ok")
- }
-
- def addToMap = { attrKey, attrValue ->
- java.util.Set values = attributeMap.get("$attrKey")
- if(values == null) {
- values = new java.util.HashSet()
- attributeMap.put("$attrKey", values)
- }
- values.add("$attrValue")
- }
-
- def addAttributeToMap = { attribute ->
- if(isAttributeDataQualityOk(attribute)) {
- String key, value
- attribute.each { k, v ->
- if(k.equals("name")) {key = "$v"}
- if(k.equals("value")) {value = "$v"}
- }
- addToMap("$key", "$value")
- }
- }
-
- def processKeyValue = { key, value ->
- if(value instanceof java.util.ArrayList) {
- if(key.equals("attributeList")) {
- value.each {
- addAttributeToMap(it)
- }
- }
- } else if(!(value instanceof groovy.json.internal.LazyMap)) {
- // only add key-value attributes, skip the rest
- addToMap("$key", "$value")
- }
- }
-
- if(parsedData instanceof java.util.ArrayList) {
- parsedData.each {
- it.each { key, value -> processKeyValue(key, value) }
- }
- } else {
- parsedData.each { key, value -> processKeyValue(key, value) }
- }
- return attributeMap
- }
-
- def slurper = new groovy.json.JsonSlurper()
- java.util.Map sdnc = getAttributes(slurper.parseText(sdncItems.toString()))
- java.util.Map ndcb = getAttributes(slurper.parseText(ndcbItems.toString()))
-
- boolean result = true
- List<String> details = new ArrayList<>();
- sdnc.any{ sdncKey, sdncValueList ->
- def ndcbValueList = ndcb.get("$sdncKey")
- ndcbValueList.each{ ndcbValue ->
- if(!sdncValueList.any{ it == "$ndcbValue" }) {
- result = false
- details.add("$sdncKey")
- details.add("$ndcbValue")
- }
- }
- if(result == false) {
- // break out of 'any' loop
- return true
- }
- }
- return new Tuple2(result, details)
+ // This closure extracts the given object's root level attributes and contents of the attribute list.
+ // Complex items like lists are excluded.
+ // Returns a map containing attribute names as keys, mapping to a list of values for each attribute.
+ Closure<java.util.Map> getAttributes = { parsedData ->
+ java.util.Map attributeMap = new java.util.HashMap()
+
+ def isAttributeDataQualityOk = { attribute ->
+ attribute.findResult{ k, v -> if(k.equals("dataQuality") ) {return v.get("status")}}.equals("ok")
+ }
+
+ def addToMap = { attrKey, attrValue ->
+ java.util.Set values = attributeMap.get("$attrKey")
+ if(values == null) {
+ values = new java.util.HashSet()
+ attributeMap.put("$attrKey", values)
+ }
+ values.add("$attrValue")
+ }
+
+ def addAttributeToMap = { attribute ->
+ if(isAttributeDataQualityOk(attribute)) {
+ String key, value
+ attribute.each { k, v ->
+ if(k.equals("name")) {key = "$v"}
+ if(k.equals("value")) {value = "$v"}
+ }
+ addToMap("$key", "$value")
+ }
+ }
+
+ def processKeyValue = { key, value ->
+ if(value instanceof java.util.ArrayList) {
+ if(key.equals("attributeList")) {
+ value.each {
+ addAttributeToMap(it)
+ }
+ }
+ } else if(!(value instanceof groovy.json.internal.LazyMap)) {
+ // only add key-value attributes, skip the rest
+ addToMap("$key", "$value")
+ }
+ }
+
+ if(parsedData instanceof java.util.ArrayList) {
+ parsedData.each {
+ it.each { key, value -> processKeyValue(key, value) }
+ }
+ } else {
+ parsedData.each { key, value -> processKeyValue(key, value) }
+ }
+ return attributeMap
+ }
+
+ // This closure compares all values for each key from the left map, to values of the same key from the right map.
+ // Returns a map of attributes with mismatched or missing values (i.e. attribute name mapped to list of failed values).
+ Closure<java.util.Map> compareAttributes = { java.util.Map left, java.util.Map right ->
+ java.util.Map violationMap = new java.util.HashMap()
+ left.each{ leftKey, leftValueList ->
+ def rightValueList = right.get("$leftKey")
+ rightValueList.each{ rightValue ->
+ if(!leftValueList.any{ it == "$rightValue" }) {
+ def existingValues = violationMap.get(leftKey)
+ if(existingValues) {
+ existingValues.add("$rightValue")
+ } else {
+ java.util.Set newValues = new HashSet()
+ newValues.add("$rightValue")
+ violationMap.put("$leftKey", newValues)
+ }
+ }
+ }
+ }
+ return violationMap
+ }
+
+ // This closure merges the given maps into a new map.
+ // Returns a map containing all keys and their values from both maps.
+ Closure<java.util.Map> mergeMaps = { java.util.Map left, java.util.Map right ->
+ if(left.isEmpty() && right.isEmpty()) {
+ return [:]
+ } else if(left.isEmpty()) {
+ return right
+ } else if(right.isEmpty()) {
+ return left
+ }
+ java.util.Map merged = new java.util.HashMap()
+ merged.putAll(left)
+ right.each{ rightKey, rightValues ->
+ java.util.Set mergedValues = merged.get(rightKey)
+ if(mergedValues == null) {
+ merged.put(rightKey, rightValues)
+ } else {
+ mergedValues.addAll(rightValues)
+ }
+ }
+ return merged
+ }
+
+ def slurper = new groovy.json.JsonSlurper()
+ java.util.Map lhsAttributes = getAttributes(slurper.parseText(lhsObject.toString()))
+ java.util.Map rhsAttributes = getAttributes(slurper.parseText(rhsObject.toString()))
+
+ def leftToRight = compareAttributes(lhsAttributes, rhsAttributes)
+ def rightToLeft = compareAttributes(rhsAttributes, lhsAttributes)
+ def mergedResults = mergeMaps(leftToRight, rightToLeft)
+
+ boolean success = true
+ List<String> details = new ArrayList<>()
+ if(!mergedResults.isEmpty()) {
+ success = false
+ details.add(mergedResults.toString())
+ }
+ return new Tuple2(success, details)
'''
}
return new Tuple2(success, details)
'''
}
+
+rule {
+ name 'AAI-SDNC-pnf-name-check'
+ category 'PNF Consistency'
+ description 'Validate that each PNF name in AAI matches a PNF name in the SDNC model'
+ errorText 'AAI PNF names do not match SDNC - {0}'
+ severity 'ERROR'
+ attributes 'aaiNames', 'sdncNames'
+ validate '''
+ def addName = { values, key ->
+ values.add("$key")
+ }
+
+ List<String> errorReasons = new ArrayList();
+
+ if (aaiNames.size() != sdncNames.size()) {
+ errorReasons.add("Number of PNFs don't match; aai has ${aaiNames.size()}, sdnc has ${sdncNames.size()}")
+ return new Tuple2(false, errorReasons)
+ }
+
+ // collect all the "name" values from AAI and SDNC into two Sets.
+ Set aaiNameSet = new java.util.HashSet()
+ aaiNames.each {
+ aValue -> addName(aaiNameSet, aValue)
+ }
+
+ Set sdncNameSet = new java.util.HashSet()
+ sdncNames.each {
+ aValue -> addName(sdncNameSet, aValue)
+ }
+
+ // Validate that the names match by comparing the size of the two Sets.
+ if (aaiNameSet.size() != sdncNameSet.size()) {
+ errorReasons.add("Number of distinct PNF names don't match; aai: ${aaiNameSet}, sdnc: ${sdncNameSet}")
+ return new Tuple2(false, errorReasons)
+ }
+
+ Set combinedSet = new HashSet();
+ combinedSet.addAll(aaiNameSet);
+ combinedSet.addAll(sdncNameSet);
+ if (combinedSet.size() != aaiNameSet.size()) {
+ errorReasons.add("PNF names don't match; aai names: ${aaiNameSet}, sdnc names: ${sdncNameSet}")
+ return new Tuple2(false, errorReasons)
+ }
+
+ return true
+
+ '''
+}
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ # Filebeat sidecar container
+ - name: {{ include "common.name" . }}-filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ mountPath: /usr/share/filebeat/data
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /opt/app/logs
+
volumes:
- name: localtime
hostPath:
path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ configMap:
+ name: {{ .Release.Name }}-pomba-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
- name: root-config-app-prop
configMap:
name: {{ include "common.fullname" . }}-root-config
defaultMode: 0644
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
- name: properties
configMap:
name: {{ include "common.fullname" . }}-config-properties
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: false
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
enabled: false
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
- input_type: log
#This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
paths:
+ - /opt/app/logs/EELF/*/*.log
+ - /opt/app/logs/EELF/*.log
- /var/log/onap/*/*/*/*.log
- /var/log/onap/*/*/*.log
- /var/log/onap/*/*.log
+ - /var/log/onap/*.log
+ - /logs/*/*.log
+ - /logs/*.log
+
#Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
ignore_older: 48h
# Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
apiVersion: v1
description: ONAP Web Portal
name: portal
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Portal application
name: portal-app
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: Portal cassandra
name: portal-cassandra
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: MariaDB Service
name: portal-mariadb
-version: 3.0.0
+version: 4.0.0
-- vid
update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='2Re7Pvdkgw5aeAUD', auth_central = 'Y' , auth_namespace = 'org.onap.vid' where app_id = 6;
-- aai sparky
-update fn_app set app_username='aaiui', app_password='4LK69amiIFtuzcl6Gsv97Tt7MLhzo03aoOx7dTvdjKQ=', ueb_key='ueb_key' where app_id = 7;
\ No newline at end of file
+update fn_app set app_username='aaiui', app_password='4LK69amiIFtuzcl6Gsv97Tt7MLhzo03aoOx7dTvdjKQ=', ueb_key='ueb_key_7' where app_id = 7;
\ No newline at end of file
apiVersion: v1
description: Portal software development kit
name: portal-sdk
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Portal widgets micro service application
name: portal-widget
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: Zookeeper for ONAP Portal
name: portal-zookeeper
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
apiVersion: v1
description: A helm Chart for kubernetes-ONAP Robot
name: robot
-version: 3.0.0
+version: 4.0.0
TAG="distributeVFWNG"
shift
;;
+ distributeDemoVFWDT)
+ TAG="DistributeDemoVFWDT"
+ shift
+ ;;
+ instantiateDemoVFWDT)
+ TAG="instantiateVFWDT"
+ shift
+ ;;
vfwclosedloop)
TAG="vfwclosedloop"
shift
POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot)
-ETEHOME=/var/opt/OpenECOMP_ETE
+ETEHOME=/var/opt/ONAP
export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l")
OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_demo_$key
TAGS="-i $2"
-ETEHOME=/var/opt/OpenECOMP_ETE
+ETEHOME=/var/opt/ONAP
export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l")
OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_$2
DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90))
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
"cloud_env" : "${GLOBAL_INJECTED_CLOUD_ENV}",
"install_script_version" : "${GLOBAL_INJECTED_SCRIPT_VERSION}",
},
-
-# ##
+ # ##
# heat template parameter values for heat template instances created during Vnf-Orchestration test cases
# ##
"Vnf-Orchestration" : {
"unprotected_private_net_cidr" : "192.168.10.0/24",
"protected_private_net_id" : "vofwl01_protected${hostid}",
"protected_private_net_cidr" : "192.168.20.0/24",
- "vfw_private_ip_0" : "192.168.10.100",
- "vfw_private_ip_1" : "192.168.20.100",
- "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.1",
- "vpg_private_ip_0" : "192.168.10.200",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.2",
- "vsn_private_ip_0" : "192.168.20.250",
- "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.3",
+ "vfw_int_unprotected_private_ip_0" : "192.168.10.100",
+ "vfw_int_protected_private_ip_0" : "192.168.20.100",
+ "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.1",
+ "vfw_int_protected_private_floating_ip" : "192.168.10.200",
+ "vpg_int_unprotected_private_ip_0" : "192.168.10.200",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.2",
+ "vsn_int_protected_private_ip_0" : "192.168.20.250",
+ "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.3",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vfw_name_0':'vofwl01fwl${hostid}',
'vpg_name_0':'vofwl01pgn${hostid}',
"vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
"vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
'vsn_name_0':'vofwl01snk${hostid}'
},
"vfwsnk_preload.template": {
+ "int_unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}",
+ "int_unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}",
+ "unprotected_private_net_cidr" : "192.168.10.0/24",
+ "int_protected_private_net_id" : "vofwlsnk_protected${hostid}",
+ "int_protected_private_subnet_id" : "vofwlsnk_protected_sub${hostid}",
+ "protected_private_net_cidr" : "192.168.20.0/24",
+ "vfw_int_unprotected_private_ip_0" : "192.168.10.100",
+ # this should be the same value as vpg_private_ip_0
+ "vfw_int_protected_private_floating_ip" : "192.168.10.200",
+ "vfw_int_protected_private_ip_0" : "192.168.20.100",
+ "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.101",
+ "vsn_int_protected_private_ip_0" : "192.168.20.250",
+ "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.102",
+ "sec_group" : "{{ .Values.openStackSecurityGroup }}",
+ 'vfw_name_0':'vofwl01fwl${hostid}',
+ 'vsn_name_0':'vofwl01snk${hostid}',
+ "vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ },
+ "vpkg_preload.template": {
+ "unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}",
+ "unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}",
+ "unprotected_private_net_cidr" : "192.168.10.0/24",
+ "protected_private_net_cidr" : "192.168.20.0/24",
+ "vfw_private_ip_0" : "192.168.10.100",
+ "vpg_unprotected_private_ip_0" : "192.168.10.200",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.103",
+ "vsn_private_ip_0" : "192.168.20.250",
+ "sec_group" : "{{ .Values.openStackSecurityGroup }}",
+ 'vpg_name_0':'vofwl01pgn${hostid}',
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ },
+ # vFWDT preload data
+ "vfwdt_vpkg_preload.template": {
"unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}",
"unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}",
"unprotected_private_net_cidr" : "192.168.10.0/24",
- "protected_private_net_id" : "vofwlsnk_protected${hostid}",
- "protected_private_subnet_id" : "vofwlsnk_protected_sub${hostid}",
"protected_private_net_cidr" : "192.168.20.0/24",
"vfw_private_ip_0" : "192.168.10.100",
- "vfw_private_ip_1" : "192.168.20.100",
- "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.101",
"vpg_private_ip_0" : "192.168.10.200",
+ "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.103",
"vsn_private_ip_0" : "192.168.20.250",
- "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.102",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
- 'vfw_name_0':'vofwl01fwl${hostid}',
- 'vsn_name_0':'vofwl01snk${hostid}',
+ 'vpg_name_0':'vofwl01pgn${hostid}',
+ "vfw_name_0": "vofwl01vfw${hostid}",
+ "vsn_name_0": "vofwl01snk${hostid}",
"image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
"flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "protected_private_net_id" : "vofwlsnk01_protected${hostid}",
+ "protected_private_subnet_id" : "vofwlsnk01_protected_sub${hostid}",
+ "ext_private_net_id": "onap_oam_ext",
+ "ext_private_subnet_id": "onap_oam_ext_sub",
+ "ext_private_net_cidr": "10.100.0.0/16",
+ "vfw_private_ip_1": "192.168.20.100",
+ "vfw_private_ip_2": "10.0.110.1",
+ "vfw_private_ip_3": "10.100.100.1",
+ "vsn_private_ip_1": "10.0.110.3",
+ "vsn_private_ip_0": "192.168.20.250",
+ "vsn_private_ip_2": "10.100.100.3",
},
- "vpkg_preload.template": {
+ "vfwdt_vfwsnk0_preload.template": {
"unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}",
"unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}",
"unprotected_private_net_cidr" : "192.168.10.0/24",
"vsn_private_ip_0" : "192.168.20.250",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vpg_name_0':'vofwl01pgn${hostid}',
+ "vsn_name_0": "vofwl01snk${hostid}",
+ "vfw_name_0": "vofwl01vfw${hostid}",
+ "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "protected_private_net_id" : "vofwlsnk01_protected${hostid}",
+ "protected_private_subnet_id" : "vofwlsnk01_protected_sub${hostid}",
+ "ext_private_net_id": "onap_oam_ext",
+ "ext_private_subnet_id": "onap_oam_ext_sub",
+ "ext_private_net_cidr": "10.100.0.0/16",
+ "vfw_private_ip_1": "192.168.20.100",
+ "vfw_private_ip_2": "10.0.110.1",
+ "vfw_private_ip_3": "10.100.100.1",
+ "vsn_private_ip_1": "10.0.110.3",
+ "vsn_private_ip_0": "192.168.20.250",
+ "vpg_private_ip_2": "10.100.100.2",
+ "vsn_private_ip_1": "10.0.110.3",
+ "vsn_private_ip_0": "192.168.20.250",
+ "vsn_private_ip_2": "10.100.100.3"
+ },
+ "vfwdt_vfwsnk1_preload.template": {
+ "unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}",
+ "unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}",
+ "unprotected_private_net_cidr" : "192.168.10.0/24",
+ "protected_private_net_cidr" : "192.168.20.0/24",
+ "vfw_private_ip_0" : "192.168.10.110",
+ "vpg_private_ip_0" : "192.168.10.200",
+ "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.103",
+ "vsn_private_ip_0" : "192.168.20.250",
+ "sec_group" : "{{ .Values.openStackSecurityGroup }}",
+ 'vpg_name_0':'vofwl01pgn${hostid}',
+ "vsn_name_0": "vofwl01snk${hostid}",
+ "vfw_name_0": "vofwl01vfw${hostid}",
"image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
"flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "protected_private_net_id" : "vofwlsnk01_protected${hostid}",
+ "protected_private_subnet_id" : "vofwlsnk01_protected_sub${hostid}",
+ "ext_private_net_id": "onap_oam_ext",
+ "ext_private_subnet_id": "onap_oam_ext_sub",
+ "ext_private_net_cidr": "10.100.0.0/16",
+ "vfw_private_ip_1": "192.168.20.110",
+ "vfw_private_ip_2": "10.0.110.4",
+ "vfw_private_ip_3": "10.100.100.4",
+ "vpg_private_ip_0": "192.168.10.200",
+ "vpg_private_ip_1": "10.0.110.2",
+ "vpg_private_ip_2": "10.100.100.2",
+ "vsn_private_ip_0": "192.168.20.240",
+ "vsn_private_ip_1": "10.0.110.5",
+ "vsn_private_ip_2": "10.100.100.5"
},
"vlb_preload.template" : {
"vlb_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
"vlb_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
- "vlb_private_net_id" : "volb01_private${hostid}",
- "pktgen_private_net_id" : "volb01_pktgen${hostid}",
- "vlb_private_net_cidr" : "192.168.30.0/24",
- "vlb_private_ip_0" : "192.168.30.100",
- "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.4",
- "vdns_private_ip_0" : "192.168.30.110",
- "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.5",
- "sec_group" : "{{ .Values.openStackSecurityGroup }}",
+ "vdns_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
+ "vdns_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
'vlb_name_0':'vovlblb${hostid}',
'vdns_name_0':'vovlbdns${hostid}',
+ "vpg_name_0" : "vovlbpgn${hostid}",
+ "vlb_private_net_id" : "volb01_private${hostid}",
+ "vlb_private_net_cidr" : "192.168.30.0/24",
+ "pktgen_private_net_id" : "volb01_pktgen${hostid}",
"pktgen_private_net_cidr" : "192.168.9.0/24",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.7",
+ "vlb_int_private_ip_0" : "192.168.30.100",
+ "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.4",
+ "vlb_int_pktgen_private_ip_0" : "192.168.9.111",
+ "vdns_int_private_ip_0" : "192.168.30.110",
+ "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.5",
+ "vpg_int_pktgen_private_ip_0" : "192.168.9.110",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.7",
+ "sec_group" : "{{ .Values.openStackSecurityGroup }}",
"pg_int" : "192.168.9.109",
- "vpg_private_ip_0" : "192.168.9.110",
- "vlb_private_ip_2" : "192.168.9.111",
"vip" : "192.168.9.112",
"gre_ipaddr" : "192.168.30.112",
- "vpg_name_0" : "vovlbpgn${hostid}",
"vnf_id" : "vLoadBalancer_${hostid}",
"vf_module_id" : "vLoadBalancer"
},
"dnsscaling_preload.template" : {
- "vlb_private_net_id" : "volb01_private${hostid}",
- "vlb_private_ip_0" : "192.168.30.100",
- "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.4",
- "vdns_private_ip_0" : "192.168.30.222",
- "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.6",
+ "int_private_net_id" : "vLBMS_volb01_private${hostid}",
+ "int_private_subnet_id" : "vLBMS_volb01_private${hostid}_subnet",
+ "vlb_int_private_ip_0" : "192.168.30.100",
+ "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.4",
+ "vlb_int_pktgen_private_ip_0" : "192.168.9.111",
+ "vdns_int_private_ip_0" : "192.168.30.222",
+ "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.6",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
- 'scaling_vdns_name_0':'vovlbscaling${hostid}',
- "vlb_private_net_cidr" : "192.168.10.0/24"
+ 'vdns_name_0':'vovlbscaling${hostid}',
+ "vlb_private_net_cidr" : "192.168.30.0/24"
},
"vims_preload.template" : {
"bono_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
},
# heat template parameter values for heat template instances created during Closed-Loop test cases
"Closed-Loop" : {
- "vfw_preload.template": {
+ "vfw_preload.template": {
"unprotected_private_net_id" : "clfwl01_unprotected${hostid}",
"unprotected_private_net_cidr" : "192.168.110.0/24",
"protected_private_net_id" : "clfwl01_protected${hostid}",
"protected_private_net_cidr" : "192.168.120.0/24",
- "vfw_private_ip_0" : "192.168.110.100",
- "vfw_private_ip_1" : "192.168.120.100",
- "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.11",
- "vpg_private_ip_0" : "192.168.110.200",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.12",
- "vsn_private_ip_0" : "192.168.120.250",
- "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.13",
+ "vfw_int_unprotected_private_ip_0" : "192.168.110.100",
+ "vfw_int_protected_private_ip_0" : "192.168.120.100",
+ "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.11",
+ "vfw_int_protected_private_floating_ip" : "192.168.110.200",
+ "vpg_int_unprotected_private_ip_0" : "192.168.110.200",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.12",
+ "vsn_int_protected_private_ip_0" : "192.168.120.250",
+ "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.13",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vfw_name_0':'clfwl01fwl${hostid}',
'vpg_name_0':'clfwl01pgn${hostid}',
"vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
"vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
'vsn_name_0':'clfwl01snk${hostid}'
},
"vfwsnk_preload.template": {
- "unprotected_private_net_id" : "clfwlsnk_unprotected${hostid}",
- "unprotected_private_subnet_id" : "clfwlsnk_unprotected_sub${hostid}",
+ "int_unprotected_private_net_id" : "clfwlsnk_unprotected${hostid}",
+ "int_unprotected_private_subnet_id" : "clfwlsnk_unprotected_sub${hostid}",
"unprotected_private_net_cidr" : "192.168.10.0/24",
- "protected_private_net_id" : "clfwlsnk_protected${hostid}",
- "protected_private_subnet_id" : "clfwlsnk_protected_sub${hostid}",
+ "int_protected_private_net_id" : "clfwlsnk_protected${hostid}",
+ "int_protected_private_subnet_id" : "clfwlsnk_protected_sub${hostid}",
"protected_private_net_cidr" : "192.168.20.0/24",
- "vfw_private_ip_0" : "192.168.10.100",
- "vfw_private_ip_1" : "192.168.20.100",
- "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.111",
- "vpg_private_ip_0" : "192.168.10.200",
- "vsn_private_ip_0" : "192.168.20.250",
- "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.112",
+ "vfw_int_unprotected_private_ip_0" : "192.168.10.100",
+ # this should be the same value as vpg_private_ip_0
+ "vfw_int_protected_private_floating_ip" : "192.168.10.200",
+ "vfw_int_protected_private_ip_0" : "192.168.20.100",
+ "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.111",
+ "vsn_int_protected_private_ip_0" : "192.168.20.250",
+ "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.112",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vfw_name_0':'clfwl01fwl${hostid}',
'vsn_name_0':'clfwl01snk${hostid}',
- "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
- "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
},
"vpkg_preload.template": {
- "unprotected_private_net_id" : "clfwlsnk_unprotected${hostid}",
- "unprotected_private_subnet_id" : "clfwlsnk_unprotected_sub${hostid}",
+ "unprotected_private_net_id" : "vFWSNK_clfwlsnk_unprotected${hostid}",
+ "unprotected_private_subnet_id" : "vFWSNK_clfwlsnk_unprotected_sub${hostid}",
"unprotected_private_net_cidr" : "192.168.10.0/24",
"protected_private_net_cidr" : "192.168.20.0/24",
"vfw_private_ip_0" : "192.168.10.100",
- "vpg_private_ip_0" : "192.168.10.200",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.113",
+ "vpg_unprotected_private_ip_0" : "192.168.10.200",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.113",
"vsn_private_ip_0" : "192.168.20.250",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vpg_name_0':'clfwl01pgn${hostid}',
- "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
- "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
},
+ # vLBMS
"vlb_preload.template" : {
"vlb_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
"vlb_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
- "vlb_private_net_id" : "cllb01_private${hostid}",
- "pktgen_private_net_id" : "cllb01_pktgen${hostid}",
- "vlb_private_net_cidr" : "192.168.30.0/24",
- "vlb_private_ip_0" : "192.168.30.100",
- "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.14",
- "vdns_private_ip_0" : "192.168.30.110",
- "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.15",
- "sec_group" : "{{ .Values.openStackSecurityGroup }}",
+ "vdns_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
+ "vdns_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
'vlb_name_0':'clvlblb${hostid}',
'vdns_name_0':'clvlbdns${hostid}',
+ "vpg_name_0" : "clvlbpgn${hostid}",
+ "vlb_private_net_id" : "cllb01_private${hostid}",
+ "vlb_private_net_cidr" : "192.168.30.0/24",
+ "pktgen_private_net_id" : "cllb01_pktgen${hostid}",
"pktgen_private_net_cidr" : "192.168.9.0/24",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.17",
+ "vlb_int_private_ip_0" : "192.168.30.100",
+ "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.14",
+ "vlb_int_pktgen_private_ip_0" : "192.168.9.111",
+ "vdns_int_private_ip_0" : "192.168.30.110",
+ "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.15",
+ "vpg_int_pktgen_private_ip_0" : "192.168.9.110",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.17",
+ "sec_group" : "{{ .Values.openStackSecurityGroup }}",
"pg_int" : "192.168.9.109",
- "vpg_private_ip_0" : "192.168.9.110",
- "vlb_private_ip_2" : "192.168.9.111",
"vip" : "192.168.9.112",
"gre_ipaddr" : "192.168.30.112",
- "vpg_name_0" : "clvlbpgn${hostid}",
"vnf_id" : "vLoadBalancer_${hostid}",
"vf_module_id" : "vLoadBalancer"
},
"dnsscaling_preload.template" : {
- "vlb_private_net_id" : "cllb01_private${hostid}",
- "vlb_private_ip_0" : "192.168.130.100",
- "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.14",
- "vdns_private_ip_0" : "192.168.130.222",
- "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.16",
+ "int_private_net_id" : "vLBMS_cllb01_private${hostid}",
+ "int_private_subnet_id" : "vLBMS_cllb01_private${hostid}_subnet",
+ "vlb_int_private_ip_0" : "192.168.30.100",
+ "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.14",
+ "vlb_int_pktgen_private_ip_0" : "192.168.9.111",
+ "vdns_int_private_ip_0" : "192.168.30.222",
+ "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.16",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
- 'scaling_vdns_name_0':'clvlbscaling${hostid}',
+ 'vdns_name_0':'clvlbscaling${hostid}',
"vlb_private_net_cidr" : "192.168.10.0/24"
},
"vims_preload.template" : {
"unprotected_private_net_cidr" : "192.168.110.0/24",
"protected_private_net_id" : "demofwl_protected",
"protected_private_net_cidr" : "192.168.120.0/24",
- "vfw_private_ip_0" : "192.168.110.100",
- "vfw_private_ip_1" : "192.168.120.100",
- "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.11",
- "vpg_private_ip_0" : "192.168.110.200",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.12",
- "vsn_private_ip_0" : "192.168.120.250",
- "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.13",
+ "vfw_int_unprotected_private_ip_0" : "192.168.110.100",
+ "vfw_int_protected_private_ip_0" : "192.168.120.100",
+ "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.11",
+ "vpg_int_unprotected_private_ip_0" : "192.168.110.200",
+ "vfw_int_protected_private_floating_ip" : "192.168.110.200",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.12",
+ "vsn_int_protected_private_ip_0" : "192.168.120.250",
+ "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.13",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vfw_name_0':'demofwl01fwl',
'vpg_name_0':'demofwl01pgn',
"vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
"vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
'vsn_name_0':'demofwl01snk'
},
"vfwsnk_preload.template": {
- "unprotected_private_net_id" : "demofwlsnk_unprotected${hostid}",
- "unprotected_private_subnet_id" : "demofwlsnk_unprotected_sub${hostid}",
+ "int_unprotected_private_net_id" : "demofwlsnk_unprotected${hostid}",
+ "int_unprotected_private_subnet_id" : "demofwlsnk_unprotected_sub${hostid}",
"unprotected_private_net_cidr" : "192.168.10.0/24",
- "protected_private_net_id" : "demofwlsnk_protected${hostid}",
- "protected_private_subnet_id" : "vofwlsnk_protected_sub${hostid}",
+ "int_protected_private_net_id" : "demofwlsnk_protected${hostid}",
+ "int_protected_private_subnet_id" : "vofwlsnk_protected_sub${hostid}",
"protected_private_net_cidr" : "192.168.20.0/24",
- "vfw_private_ip_0" : "192.168.10.100",
- "vfw_private_ip_1" : "192.168.20.100",
- "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.121",
- "vpg_private_ip_0" : "192.168.10.200",
- "vsn_private_ip_0" : "192.168.20.250",
- "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.122",
+ "vfw_int_unprotected_private_ip_0" : "192.168.10.100",
+ # this should be the same value as vpg_private_ip_0
+ "vfw_int_protected_private_floating_ip" : "192.168.10.200",
+ "vfw_int_protected_private_ip_0" : "192.168.20.100",
+ "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.121",
+ "vsn_int_protected_private_ip_0" : "192.168.20.250",
+ "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.122",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vfw_name_0':'${generic_vnf_name}',
'vsn_name_0':'demofwl01snk${hostid}',
- "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
- "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
},
"vpkg_preload.template": {
- "unprotected_private_net_id" : "demofwlsnk_unprotected${hostid}",
- "unprotected_private_subnet_id" : "demofwlsnk_unprotected_sub${hostid}",
+ "unprotected_private_net_id" : "vFWSNK_demofwlsnk_unprotected${hostid}",
+ "unprotected_private_subnet_id" : "vFWSNK_demofwlsnk_unprotected_sub${hostid}",
"unprotected_private_net_cidr" : "192.168.10.0/24",
"protected_private_net_cidr" : "192.168.20.0/24",
"vfw_private_ip_0" : "192.168.10.100",
- "vpg_private_ip_0" : "192.168.10.200",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.123",
+ "vpg_unprotected_private_ip_0" : "192.168.10.200",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.123",
"vsn_private_ip_0" : "192.168.20.250",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
'vpg_name_0':'demofwl01pgn${hostid}',
- "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
- "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}"
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}"
},
+ # vLBMS
"vlb_preload.template" : {
"vlb_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
"vlb_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
- "vlb_private_net_id" : "demolb_private${hostid}",
- "pktgen_private_net_id" : "demolb_pktgen${hostid}",
- "vlb_private_net_cidr" : "192.168.30.0/24",
- "vlb_private_ip_0" : "192.168.30.100",
- "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.24",
- "vdns_private_ip_0" : "192.168.30.110",
- "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.25",
- "sec_group" : "{{ .Values.openStackSecurityGroup }}",
+ "vdns_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
+ "vdns_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
+ "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}",
+ "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}",
'vlb_name_0':'demovlblb${hostid}',
'vdns_name_0':'demovlbdns${hostid}',
+ "vpg_name_0" : "clvlbpgn${hostid}",
+ "vlb_private_net_id" : "demolb_private${hostid}",
+ "vlb_private_net_cidr" : "192.168.30.0/24",
+ "pktgen_private_net_id" : "demolb_pktgen${hostid}",
"pktgen_private_net_cidr" : "192.168.9.0/24",
- "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.27",
+ "vlb_int_private_ip_0" : "192.168.30.100",
+ "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.24",
+ "vlb_int_pktgen_private_ip_0" : "192.168.9.111",
+ "vdns_int_private_ip_0" : "192.168.30.110",
+ "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.25",
+ "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.27",
+ "vpg_int_pktgen_private_ip_0" : "192.168.9.110",
"pg_int" : "192.168.9.109",
- "vpg_private_ip_0" : "192.168.9.110",
- "vlb_private_ip_2" : "192.168.9.111",
"vip" : "192.168.9.112",
"gre_ipaddr" : "192.168.30.112",
- "vpg_name_0" : "clvlbpgn${hostid}",
"vnf_id" : "vLoadBalancer_${hostid}",
- "vf_module_id" : "vLoadBalancer"
+ "vf_module_id" : "vLoadBalancer",
+ "sec_group" : "{{ .Values.openStackSecurityGroup }}"
},
"dnsscaling_preload.template" : {
- "vlb_private_net_id" : "demolb_private${hostid}",
- "vlb_private_ip_0" : "192.168.130.100",
- "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.24",
- "vdns_private_ip_0" : "192.168.130.222",
- "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.26",
+ "int_private_net_id" : "vLBMS_demolb_private${hostid}",
+ "int_private_subnet_id" : "vLBMS_demolb_private${hostid}_subnet",
+ "vlb_int_private_ip_0" : "192.168.30.100",
+ "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.24",
+ "vlb_int_pktgen_private_ip_0" : "192.168.9.111",
+ "vdns_int_private_ip_0" : "192.168.30.222",
+ "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.26",
"sec_group" : "{{ .Values.openStackSecurityGroup }}",
- 'scaling_vdns_name_0':'demovlbscaling${hostid}',
- "vlb_private_net_cidr" : "192.168.10.0/24"
+ 'vdns_name_0':'demovlbscaling${hostid}',
+ "vlb_private_net_cidr" : "192.168.30.0/24"
},
"vims_preload.template" : {
"bono_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}",
GLOBAL_APPC_USERNAME = "{{ .Values.appcUsername }}"
GLOBAL_APPC_PASSWORD = "{{ .Values.appcPassword }}"
GLOBAL_APPC_CDT_SERVER_PROTOCOL = "http"
-GLOBAL_APPC_CDT_SERVER_PORT = "80"
+GLOBAL_APPC_CDT_SERVER_PORT = "18080"
GLOBAL_APPC_CDT_USERNAME = "demo"
# sdc info - everything is from the private oam network (also called onap private network)
GLOBAL_ASDC_SERVER_PROTOCOL = "http"
GLOBAL_LOG_LOGSTASH_PORT = "9600"
GLOBAL_LOG_KIBANA_PORT = "5601"
# pomba info - NOTE: no pomba is run in HEAT; only on OOM
-GLOBAL_POMBA_SERVER_PROTOCOL = "http"
+GLOBAL_POMBA_SERVER_PROTOCOL_HTTP = "http"
+GLOBAL_POMBA_SERVER_PROTOCOL_HTTPS = "https"
GLOBAL_POMBA_AAICONTEXTBUILDER_PORT = "9530"
GLOBAL_POMBA_SDCCONTEXTBUILDER_PORT = "9530"
GLOBAL_POMBA_NETWORKDISCCONTEXTBUILDER_PORT = "9530"
-# vvp info
-GLOBAL_VVP_SERVER_PROTOCOL = "http"
-GLOBAL_VVP_CI_UWSGI_PORT = "8282"
-GLOBAL_VVP_CMS_UWSGI_PORT1 = "80"
-GLOBAL_VVP_EM_UWSGI_PORT = "80"
-GLOBAL_VVP_EXT_HAPROXY_PORT1 = "80"
-GLOBAL_VVP_GITLAB_PORT1 = "80"
-GLOBAL_VVP_IMAGESCANNER_PORT = "80"
-GLOBAL_VVP_INT_HAPROXY_PORT1 = "80"
-GLOBAL_VVP_JENKINS_PORT = "8080"
-GLOBAL_VVP_POSTGRES_PORT = "5432"
-GLOBAL_VVP_REDIS_PORT = "6379"
+GLOBAL_POMBA_SERVICEDECOMPOSITION_PORT = "9532"
+GLOBAL_POMBA_SDNCCXTBUILDER_PORT = "9530"
+GLOBAL_POMBA_NETWORKDISCOVERY_MICROSERVICE_PORT = "9531"
+GLOBAL_POMBA_VALIDATIONSERVICE_PORT = "9529"
+GLOBAL_POMBA_KIBANA_PORT = "5601"
+GLOBAL_POMBA_ELASTICSEARCH_PORT = "9200"
+GLOBAL_POMBA_CONTEXTAGGREGATOR_PORT = "9529"
+
# microservice bus info - everything is from the private oam network (also called onap private network)
GLOBAL_MSB_SERVER_PROTOCOL = "http"
GLOBAL_MSB_SERVER_PORT = "80"
GLOBAL_MSO_REQDB_SERVER_PORT = "8083"
GLOBAL_MSO_SDNC_SERVER_PORT = "8086"
GLOBAL_MSO_VFC_SERVER_PORT = "8084"
-
+GLOBAL_MSO_VNFM_SERVER_PORT = "9092"
GLOBAL_MSO_USERNAME = "{{ .Values.soUsername }}"
GLOBAL_MSO_CATDB_USERNAME = "{{ .Values.soCatdbUsername }}"
GLOBAL_MSO_PASSWORD = "{{ .Values.soPassword }}"
# dns info
GLOBAL_DNS_TRAFFIC_DURATION = "600"
# location where heat templates are loaded from
-GLOBAL_HEAT_TEMPLATES_FOLDER = "/var/opt/OpenECOMP_ETE/demo/heat"
+GLOBAL_HEAT_TEMPLATES_FOLDER = "/var/opt/ONAP/demo/heat"
GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR = "pomba-aaictxbuilder.{{include "common.namespace" .}}"
GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR = "pomba-sdcctxbuilder.{{include "common.namespace" .}}"
GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR = "pomba-networkdiscoveryctxbuilder.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_CI_UWSGI_IP_ADDR = "vvp-ci-uwsgi.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_CMS_UWSGI_IP_ADDR = "vvp-cms-uwsgi.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_EM_UWSGI_IP_ADDR = "vvp-em-uwsgi.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_EXT_HAPROXY_IP_ADDR = "vvp-ext-haproxy.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_GITLAB_IP_ADDR = "vvp-gitlab.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_IMAGESCANNER_IP_ADDR = "vvp-imagescanner.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_INT_HAPROXY_IP_ADDR = "vvp-int-haproxy.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_JENKINS_IP_ADDR = "vvp-jenkins.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_POSTGRES_IP_ADDR = "vvp-postgres.{{include "common.namespace" .}}"
-GLOBAL_INJECTED_VVP_REDIS_IP_ADDR = "vvp-redis.{{include "common.namespace" .}}"
+GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR = "pomba-servicedecomposition.{{include "common.namespace" .}}"
+GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR = "pomba-sdncctxbuilder.{{include "common.namespace" .}}"
+GLOBAL_INJECTED_POMBA_NETWORKDISCOVERY_MICROSERVICE_IP_ADDR = "pomba-networkdiscovery.{{include "common.namespace" .}}"
+GLOBAL_INJECTED_POMBA_VALIDATION_SERVICE_IP_ADDR = "pomba-validation-service.{{include "common.namespace" .}}"
+GLOBAL_INJECTED_POMBA_KIBANA_IP_ADDR = "pomba-kibana.{{include "common.namespace" .}}"
+GLOBAL_INJECTED_POMBA_ELASTIC_SEARCH_IP_ADDR = "pomba-es.{{include "common.namespace" .}}"
+GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR = "pomba-contextaggregator.{{include "common.namespace" .}}"
GLOBAL_INJECTED_KEYSTONE = "{{ .Values.openStackKeyStoneUrl }}"
GLOBAL_INJECTED_MR_IP_ADDR = "message-router.{{include "common.namespace" .}}"
GLOBAL_INJECTED_MUSIC_IP_ADDR = "music.{{include "common.namespace" .}}"
GLOBAL_INJECTED_SO_REQDB_IP_ADDR = "so-request-db-adapter.{{include "common.namespace" .}}"
GLOBAL_INJECTED_SO_SDNC_IP_ADDR = "so-sdnc-adapter.{{include "common.namespace" .}}"
GLOBAL_INJECTED_SO_VFC_IP_ADDR = "so-vfc-adapter.{{include "common.namespace" .}}"
+GLOBAL_INJECTED_SO_VNFM_IP_ADDR = "so-vnfm-adapter.{{include "common.namespace" .}}"
GLOBAL_INJECTED_UBUNTU_1404_IMAGE = "{{ .Values.ubuntu14Image }}"
GLOBAL_INJECTED_UBUNTU_1604_IMAGE = "{{ .Values.ubuntu16Image }}"
GLOBAL_INJECTED_VM_IMAGE_NAME = "{{ .Values.ubuntu14Image }}"
"GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR" : "pomba-aaictxbuilder.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR" : "pomba-sdcctxbuilder.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR" : "pomba-networkdiscovery.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_CI_UWSGI_IP_ADDR" : "vvp-ci-uwsgi.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_CMS_UWSGI_IP_ADDR" : "vvp-cms-uwsgi.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_EM_UWSGI_IP_ADDR" : "vvp-em-uwsgi.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_EXT_HAPROXY_IP_ADDR" : "vvp-ext-haproxy.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_GITLAB_IP_ADDR" : "vvp-gitlab.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_IMAGESCANNER_IP_ADDR" : "vvp-imagescanner.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_INT_HAPROXY_IP_ADDR" : "vvp-int-haproxy.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_JENKINS_IP_ADDR" : "vvp-jenkins.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_POSTGRES_IP_ADDR" : "vvp-postgres.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_VVP_REDIS_IP_ADDR" : "vvp-redis.{{include "common.namespace" .}}",
+ "GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR" : "pomba-servicedecomposition.{{include "common.namespace" .}}",
+ "GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR" : "pomba-sdncctxbuilder.{{include "common.namespace" .}}",
+ "GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR" : "pomba-contextaggregator.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_MUSIC_IP_ADDR" : "music.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_NBI_IP_ADDR" : "nbi.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_NETWORK" : "{{ .Values.openStackPrivateNetId }}",
"GLOBAL_INJECTED_SO_REQDB_IP_ADDR" : "so-request-db-adapter.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_SO_SDNC_IP_ADDR" : "so-sdnc-adapter.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_SO_VFC_IP_ADDR" : "so-vfc-adapter.{{include "common.namespace" .}}",
+ "GLOBAL_INJECTED_SO_VNFM_IP_ADDR" : "so-vnfm-adapter.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_UBUNTU_1404_IMAGE" : "{{.Values.ubuntu14Image}}",
"GLOBAL_INJECTED_UBUNTU_1604_IMAGE" : "{{.Values.ubuntu16Image}}",
"GLOBAL_INJECTED_VM_IMAGE_NAME" : "{{ .Values.ubuntu14Image }}",
# application image
repository: nexus3.onap.org:10001
-image: onap/testsuite:1.3.2
+image: onap/testsuite:1.4.0-STAGING-latest
pullPolicy: Always
ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
apiVersion: v1
description: Service Design and Creation Umbrella Helm charts
name: sdc
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Service Design and Creation Backend API
name: sdc-be
-version: 3.0.0
+version: 4.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-backend:1.3.5
-backendInitImage: onap/sdc-backend-init:1.3.5
+image: onap/sdc-backend:1.4-STAGING-latest
+backendInitImage: onap/sdc-backend-init:1.4-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Service Design and Creation Cassandra
name: sdc-cs
-version: 3.0.0
+version: 4.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.3.5
-cassandraInitImage: onap/sdc-cassandra-init:1.3.5
+image: onap/sdc-cassandra:1.4-STAGING-latest
+cassandraInitImage: onap/sdc-cassandra-init:1.4-STAGING-latest
pullPolicy: Always
apiVersion: v1
description: ONAP SDC DCAE Backend client of TOSCALAB and SDC
name: sdc-dcae-be
-version: 3.0.0
+version: 4.0.0
metadata:
name: {{ include "common.fullname" . }}-logging-configmap
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }}
\ No newline at end of file
apiVersion: v1
description: ONAP DCAE desiner composition tool for creating customized templates
name: sdc-dcae-dt
-version: 3.0.0
+version: 4.0.0
metadata:
name: {{ include "common.fullname" . }}-logging-configmap
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }}
apiVersion: v1
description: ONAP SDC DCAE UI for service monitoring and MC create and configure
name: sdc-dcae-fe
-version: 3.0.0
+version: 4.0.0
metadata:
name: {{ include "common.fullname" . }}-logging-configmap
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }}
apiVersion: v1
description: ONAP Tosca model for component monitoring and descriptors deployment
name: sdc-dcae-tosca-lab
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP Service Design and Creation Elasticsearch
name: sdc-es
-version: 3.0.0
+version: 4.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-elasticsearch:1.3.5
-elasticInitImage: onap/sdc-init-elasticsearch:1.3.5
+image: onap/sdc-elasticsearch:1.4-STAGING-latest
+elasticInitImage: onap/sdc-init-elasticsearch:1.4-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Service Design and Creation Front End
name: sdc-fe
-version: 3.0.0
+version: 4.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-frontend:1.3.5
+image: onap/sdc-frontend:1.4-STAGING-latest
pullPolicy: Always
config:
dcae_source_url: "http://sdc.dcae.plugin.simpledemo.onap.org:30263/dcaed/#/home"
dcae_dt_discovery_url: "http://sdc-dcae-dt:8186/dcae/#/dcae/home"
dcae_dt_source_url: "http://sdc.dcae.plugin.simpledemo.onap.org:30265/dcae/#/dcae/home"
- workflow_discovery_url: "http://sdc-wfd-fe:8080"
- workflow_source_url: "http://sdc.workflow.plugin.simpledemo.onap.org:30256"
+ workflow_discovery_url: "http://sdc-wfd-fe:8080/workflows"
+ workflow_source_url: "http://sdc.workflow.plugin.simpledemo.onap.org:30256/workflows/"
# default number of instances
replicaCount: 1
apiVersion: v1
description: ONAP Service Design and Creation Kibana
name: sdc-kb
-version: 3.0.0
+version: 4.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-kibana:1.3.5
+image: onap/sdc-kibana:1.4-STAGING-latest
pullPolicy: Always
config:
apiVersion: v1
description: ONAP Service Design and Creation Onboarding API
name: sdc-onboarding-be
-version: 3.0.0
+version: 4.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-onboard-backend:1.3.5
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.3.5
+image: onap/sdc-onboard-backend:1.4-STAGING-latest
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.4-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: ONAP Service Design and Creation Workflow Designer backend
name: sdc-wfd-be
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
--- /dev/null
+{{- define "sdc-wfd-be.volumes" }}
+ {{ if .Values.config.cassandraSSLEnabled }}
+ - name: {{ include "common.fullname" . }}-cassandra-client-truststore
+ hostPath:
+ path: /etc/cassandra-client-truststore/truststore
+ type: File
+ {{- end }}
+ {{ if .Values.config.serverSSLEnabled }}
+ - name: {{ include "common.fullname" . }}-server-https-keystore
+ hostPath:
+ path: /config/server-https-keystore/keystore
+ type: File
+ {{- end }}
+{{- end }}
+
+{{- define "sdc-wfd-be.volumeMounts" }}
+ {{ if .Values.config.cassandraSSLEnabled }}
+ - name: {{ include "common.fullname" . }}-cassandra-client-truststore
+ mountPath: /etc/cassandra-client-truststore/truststore
+ subPath: truststore
+ readOnly: true
+ {{- end }}
+ {{ if .Values.config.serverSSLEnabled }}
+ - name: {{ include "common.fullname" . }}-server-https-keystore
+ mountPath: /etc/server-https-keystore/keystore
+ subPath: keystore
+ readOnly: true
+ {{- end }}
+{{- end }}
\ No newline at end of file
release: {{ .Release.Name }}
spec:
initContainers:
+ {{- if .Values.initJob.enabled }}
- name: {{ include "common.name" . }}-job-completion
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{ end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.internalPort2 }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{ if .Values.liveness.enabled }}
value: "{{ .Values.config.cassandraHosts }}"
- name: CS_PORT
value: "{{ .Values.config.cassandraClientPort }}"
+ - name: CS_AUTHENTICATE
+ value: "{{ .Values.config.cassandraAuthenticationEnabled }}"
- name: CS_USER
valueFrom:
secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user}
- name: CS_PASSWORD
valueFrom:
secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password}
+ - name: CS_SSL_ENABLED
+ value: "{{ .Values.config.cassandraSSLEnabled }}"
+ - name: CS_TRUST_STORE_PATH
+ value: "{{ .Values.config.cassandraTrustStorePath }}"
+ - name: CS_TRUST_STORE_PASSWORD
+ value: "{{ .Values.config.cassandraTrustStorePassword }}"
- name: SDC_PROTOCOL
value: "{{ .Values.config.sdcProtocol }}"
- name: SDC_ENDPOINT
value: "{{ .Values.config.sdcExternalUser }}"
- name: SDC_PASSWORD
value: "{{ .Values.config.sdcExternalUserPassword }}"
+ - name: SERVER_SSL_ENABLED
+ value: "{{ .Values.config.serverSSLEnabled }}"
+ - name: SERVER_SSL_KEYSTORE_TYPE
+ value: "{{ .Values.config.serverSSLKeyStoreType }}"
+ - name: SERVER_SSL_KEYSTORE_PATH
+ value: "{{ .Values.config.serverSSLKeyStorePath }}"
+ - name: SERVER_SSL_KEY_PASSWORD
+ value: "{{ .Values.config.serverSSLKeyPassword }}"
+ volumeMounts:
+ {{- template "sdc-wfd-be.volumeMounts" . }}
+ volumes:
+ {{- template "sdc-wfd-be.volumes" . }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
# See the License for the specific language governing permissions and
# limitations under the License.
+{{ if .Values.initJob.enabled }}
apiVersion: batch/v1
kind: Job
metadata:
- name: CS_PORT
value: "{{ .Values.config.cassandraThriftClientPort }}"
- name: CS_AUTHENTICATE
- value: "{{ .Values.config.cassandaAuthenticationEnabled }}"
+ value: "{{ .Values.config.cassandraAuthenticationEnabled }}"
- name: CS_USER
valueFrom:
secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user}
secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
+{{ end }}
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/workflow-backend:1.3.2
-configInitImage: onap/workflow-init:1.3.2
+image: onap/workflow-backend:1.4.0-SNAPSHOT
+configInitImage: onap/workflow-init:1.4.0-SNAPSHOT
pullPolicy: Always
# flag to enable debugging - application support required
debugEnabled: false
+initJob:
+ enabled: true
+
config:
javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=7001,server=y,suspend=n -Xmx1536m -Xms1536m"
- cassandaAuthenticationEnabled: true
+ cassandraAuthenticationEnabled: true
cassandraHosts: sdc-cs
cassandraThriftClientPort: 9160
cassandraClientPort: 9042
sdcEndpoint: sdc-be:8080
sdcExternalUser: workflow
sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ serverSSLEnabled: false
+ serverSSLKeyStoreType: jks
+ serverSSLKeyStorePath: /etc/server-https-keystore/keystore
+ serverSSLKeyPassword: password
+ cassandraSSLEnabled: false
+ cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore
+ cassandraTrustStorePassword: password
# default number of instances
replicaCount: 1
type: NodePort
internalPort: 8080
externalPort: 8080
+ internalPort2: 8443
+ externalPort2: 8443
portName: sdc-wfd-be
nodePort: "57"
apiVersion: v1
description: ONAP Service Design and Creation Workflow Designer frontend
name: sdc-wfd-fe
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.ingress.enabled }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ include "common.fullname" . }}-ingress
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+{{- with .Values.ingress.annotations }}
+ annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
+spec:
+ rules:
+ - http:
+ paths:
+ - path: /workflows/
+ backend:
+ serviceName: {{.Values.service.name}}
+ servicePort: {{.Values.service.internalPort}}
+{{ end }}
+
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/workflow-frontend:1.3.2
+image: onap/workflow-frontend:1.4.0-SNAPSHOT
pullPolicy: Always
# flag to enable debugging - application support required
ingress:
enabled: false
+ annotations:
+ ingress.kubernetes.io/secure-backends: "false"
+ nginx.ingress.kubernetes.io/secure-backends: "false"
+ nginx.ingress.kubernetes.io/proxy-body-size: "0"
+ nginx.ingress.kubernetes.io/ssl-redirect: "true"
+ nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
+ nginx.ingress.kubernetes.io/rewrite-target: /workflows/
+ nginx.ingress.kubernetes.io/server-snippet: |
+ underscores_in_headers on;
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
},
"cassandra": {
+ "cassandra_port": 9042,
"concurrent_reads": "32",
"num_tokens": "256",
"data_dir": "/var/lib/cassandra/data",
apiVersion: v1
description: SDN Controller
name: sdnc
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: SDNC DMaaP Listener
name: dmaap-listener
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-dmaap-listener-image:1.4.3
+image: onap/sdnc-dmaap-listener-image:1.5-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
requests:
cpu: 1
memory: 2Gi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
apiVersion: v1
description: SDN-C Ansible Server
name: sdnc-ansible-server
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
- name: {{ include "common.name" . }}
command: ["/bin/bash"]
args: ["-c", "cd /opt/onap/ccsdk && ./startAnsibleServer.sh"]
+
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ansible-server-image:1.4.3
+image: onap/sdnc-ansible-server-image:1.5-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: SDN-C Admin Portal
name: sdnc-portal
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/admportal-sdnc-image:1.4.3
+image: onap/admportal-sdnc-image:1.5-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v1
description: SDNC UEB Listener
name: ueb-listener
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ueb-listener-image:1.4.3
+image: onap/sdnc-ueb-listener-image:1.5-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- - name: controller-blueprints
- version: ~3.0.0
+ - name: cds
+ version: ~4.x-0
repository: '@local'
+ condition: cds.enabled
- name: mysql
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: network-name-gen
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: dgbuilder
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: sdnc-prom
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
condition: config.geoEnabled
# ============LICENSE_END=========================================================
###
+# Append features to karaf boot feature configuration
+# $1 additional feature to be added
+# $2 repositories to be added (optional)
+function addToFeatureBoot() {
+ CFG=$ODL_HOME/etc/org.apache.karaf.features.cfg
+ ORIG=$CFG.orig
+ if [ -n "$2" ] ; then
+ echo "Add repository: $2"
+ mv $CFG $ORIG
+ cat $ORIG | sed -e "\|featuresRepositories|s|$|,$2|" > $CFG
+ fi
+ echo "Add boot feature: $1"
+ mv $CFG $ORIG
+ cat $ORIG | sed -e "\|featuresBoot *=|s|$|,$1|" > $CFG
+}
+
+# Append features to karaf boot feature configuration
+# $1 search pattern
+# $2 replacement
+function replaceFeatureBoot() {
+ CFG=$ODL_HOME/etc/org.apache.karaf.features.cfg
+ ORIG=$CFG.orig
+ echo "Replace boot feature $1 with: $2"
+ sed -i "/featuresBoot/ s/$1/$2/g" $CFG
+}
+
+function install_sdnrwt_features() {
+ addToFeatureBoot "$SDNRWT_BOOTFEATURES" $SDNRWT_REPOSITORY
+}
+
function enable_odl_cluster(){
if [ -z $SDNC_REPLICAS ]; then
echo "SDNC_REPLICAS is not configured in Env field"
exit
fi
+ #Be sure to remove feature odl-netconf-connector-all from list
+ replaceFeatureBoot "odl-netconf-connector-all,"
+
echo "Installing Opendaylight cluster features"
- mv $ODL_HOME/etc/org.apache.karaf.features.cfg $ODL_HOME/etc/org.apache.karaf.features.cfg.orig
- cat $ODL_HOME/etc/org.apache.karaf.features.cfg.orig | sed -e "\|featuresBoot=config|s|$|,odl-mdsal-clustering,odl-jolokia|" > $ODL_HOME/etc/org.apache.karaf.features.cfg
+ replaceFeatureBoot odl-netconf-topology odl-netconf-clustered-topology
+ replaceFeatureBoot odl-mdsal-all odl-mdsal-all,odl-mdsal-clustering
+ addToFeatureBoot odl-jolokia
#${ODL_HOME}/bin/client feature:install odl-mdsal-clustering
#${ODL_HOME}/bin/client feature:install odl-jolokia
+
echo "Update cluster information statically"
hm=$(hostname)
ODL_HOME=${ODL_HOME:-/opt/opendaylight/current}
ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U}
SDNC_HOME=${SDNC_HOME:-/opt/onap/sdnc}
+SDNC_BIN=${SDNC_BIN:-/opt/onap/sdnc/bin}
CCSDK_HOME=${CCSDK_HOME:-/opt/onap/ccsdk}
SLEEP_TIME=${SLEEP_TIME:-120}
MYSQL_PASSWD=${MYSQL_PASSWD:-{{.Values.config.dbRootPassword}}}
ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false}
GEO_ENABLED=${GEO_ENABLED:-false}
DBINIT_DIR=${DBINIT_DIR:-/opt/opendaylight/current/daexim}
+SDNRWT=${SDNRWT:-false}
+SDNRWT_BOOTFEATURES=${SDNRWT_BOOTFEATURES:-sdnr-wt-feature-aggregator}
+
+echo "Settings:"
+echo " ENABLE_ODL_CLUSTER=$ENABLE_ODL_CLUSTER"
+echo " SDNC_REPLICAS=$SDNC_REPLICAS"
+echo " SDNRWT=$SDNRWT"
#
# Wait for database to init properly
if $ENABLE_ODL_CLUSTER ; then enable_odl_cluster ; fi
+ if $SDNRWT ; then install_sdnrwt_features ; fi
+
echo "Installed at `date`" > ${SDNC_HOME}/.installed
fi
+cp /opt/opendaylight/current/certs/* /tmp
+
+nohup python ${SDNC_BIN}/installCerts.py &
+
+
exec ${ODL_HOME}/bin/karaf server
apiVersion: v1
description: ONAP SDNC Policy Driven Ownership Management
name: sdnc-prom
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}2
{{ end }}
{{- end -}}
+{{ if .Values.certpersistence.enabled }}
+---
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-pv-certs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-pv-certs
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}-certs
+spec:
+ capacity:
+ storage: {{ .Values.certpersistence.size }}
+ accessModes:
+ - {{ .Values.certpersistence.accessMode }}
+{{- if .Values.certpersistence.storageClass }}
+{{- if (eq "-" .Values.certpersistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.certpersistence.storageClass }}"
+{{- end }}
+{{- end }}
+ persistentVolumeReclaimPolicy: {{ .Values.certpersistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.certpersistence.mountPath }}/{{ .Values.certpersistence.mountSubPath }}
+{{ end }}
+
+
+
--- /dev/null
+{{- if and .Values.certpersistence.enabled (not .Values.certpersistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" .}}-pvc-certs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-pvc-certs
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.certpersistence.annotations }}
+ annotations:
+{{ toYaml .Values.certpersistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}-pv-certs
+ accessModes:
+ - {{ .Values.certpersistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.certpersistence.size }}
+{{- if .Values.certpersistence.storageClass }}
+{{- if (eq "-" .Values.certpersistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.certpersistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
\ No newline at end of file
value: "{{ .Values.replicaCount }}"
- name: MYSQL_HOST
value: "{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.Values.mysql.service.name}}.{{.Release.Namespace}}"
+ - name: JAVA_HOME
+ value: "{{ .Values.config.javaHome}}"
volumeMounts:
- mountPath: /etc/localtime
name: localtime
name: {{ include "common.fullname" . }}-mdsal
- mountPath: /var/log/onap
name: logs
+ - mountPath: {{ .Values.certpersistence.certPath }}
+ name: {{ include "common.fullname" . }}-certs
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
configMap:
name: {{ include "common.fullname" . }}-properties
defaultMode: 0644
+ - name: {{ include "common.fullname" . }}-certs
+ {{ if .Values.certpersistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-pvc-certs
+ {{ else }}
+ emptyDir: {}
+ {{ end }}
{{ if not .Values.persistence.enabled }}
- name: {{ include "common.fullname" . }}-mdsal
emptyDir: {}
selector:
matchLabels:
name: {{ include "common.fullname" . }}
- {{ end }}
+ {{ end }}
\ No newline at end of file
# application images
repository: nexus3.onap.org:10001
pullPolicy: Always
-image: onap/sdnc-image:1.4.3
+image: onap/sdnc-image:1.5-STAGING-latest
# flag to enable debugging - application support required
debugEnabled: false
logstashPort: 5044
ansibleServiceName: sdnc-ansible-server
ansiblePort: 8000
+ javaHome: /usr/lib/jvm/java-1.8-openjdk
# dependency / sub-chart configuration
+cds:
+ enabled: true
+
dmaap-listener:
nameOverride: sdnc-dmaap-listener
config:
mountSubPath: sdnc/mdsal
mdsalPath: /opt/opendaylight/current/daexim
+certpersistence:
+ enabled: true
+
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ size: 50Mi
+ mountPath: /dockerdata-nfs
+ mountSubPath: sdnc/certs
+ certPath: /opt/opendaylight/current/certs
+ ##storageClass: "manual"
+
ingress:
enabled: false
apiVersion: v1
description: ONAP Mock Sniro Emulator
name: sniro-emulator
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
apiVersion: v1
description: ONAP Service Orchestrator
name: so
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-bpmn-infra
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
# See the License for the specific language governing permissions and
# limitations under the License.
aai:
- auth: 65885E7C4E860E420808030D8BC653073E6782CB5026EC8F49E3E5C6F3E27F6A
+ auth: 221187EFA3AD4E33600DE0488F287099934CE65C3D0697BCECC00BB58E784E07CD74A24581DC31DBC086FF63DF116378776E9BE3D1325885
dme2:
timeout: '30000'
endpoint: https://aai.{{ include "common.namespace" . }}:8443
workflowAaiDistributionDelay: PT30S
pnfEntryNotificationTimeout: P14D
+cds:
+ endpoint: blueprints-processor
+ port: 9111
+ auth: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
camunda:
bpm:
admin-user:
endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
auth: Basic YnBlbDpwYXNzd29yZDEk
db:
- auth: 33293332AEC4930F655D8E2E8BB08937
+ auth: A3745B5DBE165EFCF101D85A6FC81C211AB8BF604F8861B6C413D5DC90F8F30E0139DE44B8A342F4EF70AF
password: wLg4sjrAFUS8rfVfdvTXeQ==
endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/services/RequestsDbAdapter
spring:
db:
endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/services/RequestsDbAdapter
po:
- auth: 33293332AEC4930F655D8E2E8BB08937
- password: B8EBDE0311F0AF355CF3F2FD505A8CAD
+ auth: A3745B5DBE165EFCF101D85A6FC81C211AB8BF604F8861B6C413D5DC90F8F30E0139DE44B8A342F4EF70AF
sdnc:
endpoint: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/SDNCAdapter
rest:
endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/
rollback: 'true'
sdnc:
- password: 3141634BF7E070AA289CF2892C986C0B
+ password: 1D78CFC35382B6938A989066A7A7EAEF4FE933D2919BABA99EB4763737F39876C333EE5F
service:
agnostic:
sniro:
callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
rollback:
callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
+ use:
+ qualified:
+ host: false
global:
dmaap:
username: testuser
host: http://10.42.111.36:904
publisher:
topic: replaceme
+ naming:
+ endpoint: http://naming.demo.onap.com:8081/web/service/v1/genNetworkElementName
+ auth: Basic bTA0NzY4QG5vbi1wcm9kLm1zby5lY29tcC5hdHQuY29tOkF0dG0wNDc2OExpZmUhQA==
policy:
auth: Basic dGVzdHBkcDphbHBoYTEyMw==
+ default:
+ disposition: Skip
client:
auth: Basic bTAzNzQzOnBvbGljeVIwY2sk
endpoint: http://pdp.{{ include "common.namespace" . }}:8081/pdp/api/
tomcat:
max-threads: 50
spring:
- datasource:
- driver-class-name: org.mariadb.jdbc.Driver
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn
- username: ${DB_USERNAME}
- password: ${DB_PASSWORD}
- dbcp2:
- initial-size: 5
- max-total: 20
- validation-query: select 1
- test-on-borrow: true
security:
usercredentials:
-
username: mso_admin
password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
role: ACTUATOR
+so:
+ vnfm:
+ adapter:
+ url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/
+ auth: Basic dm5mbTpwYXNzd29yZDEk
apiVersion: v1
description: A Helm chart for so-catalog-db-adapter
name: so-catalog-db-adapter
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
#Actuator
management:
context-path: /manage
+cloud_config:
+ identity_services:
+ RAX_KEYSTONE:
+ identity_url: "https://identity.api.rackspacecloud.com/v2.0"
+ mso_id: "RACKSPACE_ACCOUNT_ID"
+ mso_pass: "RACKSPACE_ACCOUNT_APIKEY"
+ admin_tenant: "{{ .Values.config.openStackServiceTenantName }}"
+ member_role: "admin"
+ tenant_metadata: true
+ identity_server_type: "KEYSTONE"
+ identity_authentication_type: "RACKSPACE_APIKEY"
+ DEFAULT_KEYSTONE:
+ identity_url: "{{ .Values.config.openStackKeyStoneUrl }}"
+ mso_id: "{{ .Values.config.openStackUserName }}"
+ mso_pass: "{{ .Values.config.openStackEncryptedPasswordHere }}"
+ admin_tenant: "{{ .Values.config.openStackServiceTenantName }}"
+ member_role: "admin"
+ tenant_metadata: true
+ identity_server_type: "KEYSTONE"
+ identity_authentication_type: "USERNAME_PASSWORD"
+ cloud_sites:
+ Dallas:
+ region_id: "DFW"
+ clli: "DFW"
+ aic_version: "2.5"
+ identity_service_id: "RAX_KEYSTONE"
+ Northern Virginia:
+ region_id: "IAD"
+ clli: "IAD"
+ aic_version: "2.5"
+ identity_service_id: "RAX_KEYSTONE"
+ Chicago:
+ region_id: "ORD"
+ clli: "ORD"
+ aic_version: "2.5"
+ identity_service_id: "RAX_KEYSTONE"
+ RegionOne:
+ region_id: "RegionOne"
+ clli: "RegionOne"
+ aic_version: "2.5"
+ identity_service_id: "DEFAULT_KEYSTONE"
+ DEFAULT:
+ region_id: "{{ .Values.config.openStackRegion }}"
+ clli: "{{ .Values.config.openStackRegion }}"
+ aic_version: "2.5"
+ identity_service_id: "DEFAULT_KEYSTONE"
nameOverride: so-mariadb
ingress:
enabled: false
+config:
+ openStackUserName: "vnf_user"
+ openStackRegion: "RegionOne"
+ openStackKeyStoneUrl: "http://1.2.3.4:5000/v2.0"
+ openStackServiceTenantName: "service"
+ openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
+ openStackTenantId: "d570c718cbc545029f40e50b75eb13df"
nodeSelector: {}
tolerations: []
affinity: {}
apiVersion: v1
description: A Helm chart for DB secrets
name: so-db-secrets
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: MariaDB Service
name: so-mariadb
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: mariadb:10.1.11
+image: mariadb:10.1.38
pullPolicy: Always
ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
config:
mariadbRootPassword: password
# gerrit branch where the latest heat code is checked in
- gerritBranch: 3.0.0-ONAP
+ gerritBranch: master
# gerrit project where the latest heat code is checked in
gerritProject: http://gerrit.onap.org/r/so/docker-config.git
# default number of instances
apiVersion: v1
description: A Helm chart for ONAP Service Orchestration Monitoring
name: so-monitoring
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-openstack-adapter
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+aai:
+ auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
server:
port: {{ index .Values.containerPort }}
spring:
- datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
- username: ${DB_ADMIN_USERNAME}
- password: ${DB_ADMIN_PASSWORD}
- driver-class-name: org.mariadb.jdbc.Driver
- dbcp2:
- initial-size: 5
- max-total: 20
- validation-query: select 1
- test-on-borrow: true
security:
usercredentials:
-
default_keystone_url_version: /v2.0
default_keystone_reg_ex: "/[vV][0-9]"
vnf:
- bpelauth: A7FC9B308B7AF7A269072BA729A345625E0381E3071DE7EE50603677CB69C515
+ bpelauth: D1A67FA93B6A6419132D0F83CC771AF774FD3C60853C50C22C8C6FC5088CC79E9E81EDE9EA39F22B2F66A0068E
checkRequiredParameters: true
addGetFilesOnVolumeReq: false
sockettimeout: 30
valet_enabled: false
fail_requests_on_valet_failure: false
network:
- bpelauth: A7FC9B308B7AF7A269072BA729A345625E0381E3071DE7EE50603677CB69C515
+ bpelauth: D1A67FA93B6A6419132D0F83CC771AF774FD3C60853C50C22C8C6FC5088CC79E9E81EDE9EA39F22B2F66A0068E
sockettimeout: 5
connecttimeout: 5
retrycount: 5
retryinterval: -15
retrylist: 408,429,500,502,503,504,900
+ encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7
tenant:
default_keystone_url_version: /v2.0
default_keystone_reg_ex: "/[vV][0-9]"
pollTimeout: 7500
pollInterval: 15
mso:
+ auth: D1A67FA93B6A6419132D0F83CC771AF774FD3C60853C50C22C8C6FC5088CC79E9E81EDE9EA39F22B2F66A0068E
logPath: ./logs/openstack
+ msb-ip: msb-iag.{{ include "common.namespace" . }}
+ msb-port: 80
+ workflow:
+ endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/sobpmnengine
+ msoKey: 07a7159d3bf51a0e53be7a8f89699be7
+ config:
+ cadi:
+ aafId: poBpmn
catalog:
db:
spring:
endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082
+ aai:
+ endpoint: https://aai.{{ include "common.namespace" . }}:8443
db:
auth: Basic YnBlbDpwYXNzd29yZDEk
site-name: localDevEnv
core-pool-size: 50
max-pool-size: 50
queue-capacity: 500
-cloud_config:
- identity_services:
- RAX_KEYSTONE:
- identity_url: "https://identity.api.rackspacecloud.com/v2.0"
- mso_id: "RACKSPACE_ACCOUNT_ID"
- mso_pass: "RACKSPACE_ACCOUNT_APIKEY"
- admin_tenant: "{{ .Values.config.openStackServiceTenantName }}"
- member_role: "admin"
- tenant_metadata: true
- identity_server_type: "KEYSTONE"
- identity_authentication_type: "RACKSPACE_APIKEY"
- DEFAULT_KEYSTONE:
- identity_url: "{{ .Values.config.openStackKeyStoneUrl }}"
- mso_id: "{{ .Values.config.openStackUserName }}"
- mso_pass: "{{ .Values.config.openStackEncryptedPasswordHere }}"
- admin_tenant: "{{ .Values.config.openStackServiceTenantName }}"
- member_role: "admin"
- tenant_metadata: true
- identity_server_type: "KEYSTONE"
- identity_authentication_type: "USERNAME_PASSWORD"
- cloud_sites:
- Dallas:
- region_id: "DFW"
- clli: "DFW"
- aic_version: "2.5"
- identity_service_id: "RAX_KEYSTONE"
- Northern Virginia:
- region_id: "IAD"
- clli: "IAD"
- aic_version: "2.5"
- identity_service_id: "RAX_KEYSTONE"
- Chicago:
- region_id: "ORD"
- clli: "ORD"
- aic_version: "2.5"
- identity_service_id: "RAX_KEYSTONE"
- RegionOne:
- region_id: "RegionOne"
- clli: "RegionOne"
- aic_version: "2.5"
- identity_service_id: "DEFAULT_KEYSTONE"
- DEFAULT:
- region_id: "{{ .Values.config.openStackRegion }}"
- clli: "{{ .Values.config.openStackRegion }}"
- aic_version: "2.5"
- identity_service_id: "DEFAULT_KEYSTONE"
apiVersion: v1
description: A Helm chart for request-db-adapter
name: so-request-db-adapter
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
auth: Basic YnBlbDpwYXNzd29yZDEk
endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
spring:
- datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
- username: ${DB_USERNAME}
- password: ${DB_PASSWORD}
- driver-class-name: org.mariadb.jdbc.Driver
- initialize: false
- initialization-mode: never
- dbcp2:
- initial-size: 5
- max-total: 20
- validation-query: select 1
- test-on-borrow: true
- jpa:
- generate-ddl: false
- show-sql: false
- hibernate:
- ddl-auto: validate
- naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy
- enable-lazy-load-no-trans: true
- database-platform: org.hibernate.dialect.MySQL5InnoDBDialect
security:
usercredentials:
-
#Actuator
management:
context-path: /manage
-flyway:
- baseline-on-migrate: true
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
- user: ${DB_ADMIN_USERNAME}
- password: ${DB_ADMIN_PASSWORD}
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-sdc-controller
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
# See the License for the specific language governing permissions and
# limitations under the License.
aai:
- auth: 65885E7C4E860E420808030D8BC653073E6782CB5026EC8F49E3E5C6F3E27F6A
+ auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
server:
port: {{ index .Values.containerPort }}
spring:
- datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
- username: ${DB_USERNAME}
- password: ${DB_PASSWORD}
- driver-class-name: org.mariadb.jdbc.Driver
- dbcp2:
- initial-size: 5
- max-total: 20
- validation-query: select 1
- test-on-borrow: true
security:
usercredentials:
-
role: ACTUATOR
request:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
- dbcp2:
- initial-size: 5
- max-total: 20
- validation-query: select 1
- test-on-borrow: true
mso:
msoKey: 07a7159d3bf51a0e53be7a8f89699be7
logPath: ./logs/sdc
consumerId: SO-COpenSource-Env11
environmentName: AUTO
asdcAddress: sdc-be.{{ include "common.namespace" . }}:8443
- password: 613AF3483E695524F9857643B697FA51C7A9A0951094F53791485BF3458F9EADA37DBACCCEBD0CB242B85B4062745247
+ password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F
pollingInterval: 60
pollingTimeout: 60
relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL
+ useHttpsWithDmaap: false
activateServerTLSAuth: false
keyStorePassword:
keyStorePath:
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-sdnc-adapter
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
activate: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi
assign: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi
delete: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi
+ vnf-topology-aic-operation:
+ activate: POST|270000|sdncurl11|sdnc-request-header|com:att:sdnctl:vnftopologyaic
+ assign: POST|270000|sdncurl11|sdnc-request-header|com:att:sdnctl:vnftopologyaic
tunnelxconn-topology-operation:
activate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource
assign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource
changedelete: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf
delete: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf
rollback: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf
- bpelauth: 023A0244AB819A0DE0131DBC3AC5FAB4D8544E1CB1A7FE3CE60F6E3292AC0D93
+ bpelauth: 4C18603C5AE7E3A42A6CED95CDF9C0BA9B2109B3725747662E5D34E5FDF63DA9ADEBB08185098F14699195FDE9475100
bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/SDNCAdapterCallbackService
generic-resource:
network-topology-operation:
myurl: http://so-sdnc-adapter{{ include "common.namespace" . }}:8086/adapters/rest/SDNCNotify
rest:
bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
- sdncauth: 263f7d5f944d4d0c76db74b4148bec67d0bc796a874bc0d2a2a12aae89a866aa69133f700f391f784719a37f6a68d29bf5a2fbae1dab0402db7788c800c5ba73
+ sdncauth: ED07A7EE5F099FA53369C3DF2240AD68A00154676EEDBC6F8C16BAA83B1912941B8941ABD48683D2C1072DA7040659692DE936A59BBF42A038CF71DE67B4A375190071EC76EA657801B033C135
sdncconnecttime: 5000
sdncurl10: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/GENERIC-RESOURCE-API:'
sdncurl11: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNFTOPOLOGYAIC-API:'
sdncurl12: 'http://sdnc.{{ include "common.namespace" . }}:8282/'
sdncurl5: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/config'
sdncurl6: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNF-API:'
+ sdncurl7: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/L3UCPE-API:'
sdncurl8: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:'
sdncurl9: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation'
service:
vfmodule:
'':
query: GET|60000|sdncurl12|
+ network:
+ encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7
spring:
security:
usercredentials:
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-vfc-adapter
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
- dbcp2:
- initial-size: 5
- max-total: 20
- validation-query: select 1
- test-on-borrow: true
security:
usercredentials:
- username: bpel
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2019 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
apiVersion: v1
-description: ONAP VNF Validation Platform
-name: vvp
-version: 3.0.0
+description: ONAP SO VNFM Adapter
+name: so-vnfm-adapter
+version: 4.0.0
--- /dev/null
+# Copyright © 2019 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+aai:
+ auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
+ version: v15
+ endpoint: https://aai.{{ include "common.namespace" . }}:8443
+spring:
+ security:
+ usercredentials:
+ - username: vnfm
+ password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
+ role: BPEL-Client
+ - username: mso_admin
+ password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
+ role: ACTUATOR
+server:
+ port: {{ index .Values.containerPort }}
+mso:
+ key: 07a7159d3bf51a0e53be7a8f89699be7
+ site-name: localSite
+ logPath: ./logs/vnfm-adapter
+ msb-ip: msb-iag.{{ include "common.namespace" . }}
+ msb-port: 80
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
apiVersion: v1
+data:
+ LOG_PATH: {{ index .Values.logPath }}
+ APP: {{ index .Values.app }}
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-node-props-configmap
+ name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/node.properties").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-create-feed-configmap
+ name: {{ include "common.fullname" . }}-app-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/feeds/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }}
--- /dev/null
+# Copyright © 2019 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+spec:
+ replicas: {{ index .Values.replicaCount }}
+ minReadySeconds: {{ index .Values.minReadySeconds }}
+ strategy:
+ type: {{ index .Values.updateStrategy.type }}
+ rollingUpdate:
+ maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
+ maxSurge: {{ index .Values.updateStrategy.maxSurge }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ include "common.repository" . }}/{{ .Values.image }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ envFrom:
+ - configMapRef:
+ name: {{ include "common.fullname" . }}-configmap
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: logs
+ mountPath: /app/logs
+ - name: config
+ mountPath: /app/config
+ readOnly: true
+ livenessProbe:
+ tcpSocket:
+ port: {{ index .Values.livenessProbe.port }}
+ initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}}
+ periodSeconds: {{ index .Values.livenessProbe.periodSeconds}}
+ successThreshold: {{ index .Values.livenessProbe.successThreshold}}
+ failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
+ ports:
+ - containerPort: {{ index .Values.containerPort }}
+ name: {{ .Values.service.portName }}
+ protocol: TCP
+ volumes:
+ - name: logs
+ emptyDir: {}
+ - name: config
+ configMap:
+ name: {{ include "common.fullname" . }}-app-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+# Copyright © 2019 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+ msb.onap.org/service-info: '[
+ {
+ "serviceName": "{{ include "common.servicename" . }}",
+ "version": "v1",
+ "url": "/so/vnfm-adapter/v1",
+ "protocol": "REST",
+ "port": "{{.Values.service.externalPort}}",
+ "visualRange":"1"
+ }
+ ]'
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Copyright © 2019 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
#################################################################
# Global configuration defaults.
#################################################################
global:
- nodePortPrefix: 302
+ nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
+ persistence:
+ mountPath: /dockerdata-nfs
#################################################################
# Application configuration defaults.
#################################################################
-# application image
repository: nexus3.onap.org:10001
-image: onap/vvp/test-engine:1.0.0
+image: onap/so/vnfm-adapter:1.4.0
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
+minReadySeconds: 10
+containerPort: 9092
+logPath: ./logs/vnfm-adapter/
+app: vnfm-adapter
service:
- type: ClusterIP
- internalPort: 8282
-
+ type: NodePort
+ internalPort: 9092
+ externalPort: 9092
+ nodePort: "06"
+ portName: so-vnfm-port
+updateStrategy:
+ type: RollingUpdate
+ maxUnavailable: 1
+ maxSurge: 1
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ memory: 4Gi
+ cpu: 2000m
+ requests:
+ memory: 1Gi
+ cpu: 500m
+ large:
+ limits:
+ memory: 8Gi
+ cpu: 4000m
+ requests:
+ memory: 2Gi
+ cpu: 1000m
+ unlimited: {}
+livenessProbe:
+ port: 9092
+ initialDelaySeconds: 600
+ periodSeconds: 60
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
ingress:
enabled: false
+nodeSelector: {}
+tolerations: []
+affinity: {}
# limitations under the License.
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
default:
testApi: GR_API
camundaURL: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/
- camundaAuth: 1D9003AB8BAFFA0D2104B67FA89040AD70B5B495B2A5DF931DE236484EBC1681
+ camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
async:
core-pool-size: 50
max-pool-size: 50
queue-capacity: 500
sdc:
client:
- auth: F3473596C526938329DF877495B494DC374D1C4198ED3AD305EA3ADCBBDA1862
+ auth: 878785F4F31BC9CFA5AB52A172008212D8845ED2DE08AD5E56AF114720A4E49768B8F95CDA2EB971765D28EDCDAA24
activate:
instanceid: test
userid: cs0008
count: 3
aai:
endpoint: https://aai.{{ include "common.namespace" . }}:8443
- auth: 2630606608347B7124C244AB0FE34F6F
+ auth: 6E081E10B1CA43A843E303733A74D9B23B601A6E22A21C7EF2C7F15A42F81A1A4E85E65268C2661F71321052C7F3E55B96A8E1E951F8BF6F
+ extApi:
+ endpoint: http://nbi.onap:8080/nbi/api/v3
so:
operational-environment:
dmaap:
username: testuser
password: VjR5NDcxSzA=
host: http://dmaap-bc.{{ include "common.namespace" . }}:8080
+ auth: 51EA5414022D7BE536E7516C4D1A6361416921849B72C0D6FC1C7F262FD9F2BBC2AD124190A332D9845A188AD80955567A4F975C84C221EEA8243BFD92FFE6896CDD1EA16ADD34E1E3D47D4A
publisher:
topic: com.att.ecomp.mso.operationalEnvironmentEvent
spring:
- datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb
- username: ${DB_USERNAME}
- password: ${DB_PASSWORD}
- driver-class-name: org.mariadb.jdbc.Driver
- dbcp2:
- initial-size: 5
- max-total: 20
- validation-query: select 1
- test-on-borrow: true
- jpa:
- show-sql: true
- hibernate:
- dialect: org.hibernate.dialect.MySQL5Dialect
- ddl-auto: validate
- naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy
- enable-lazy-load-no-trans: true
jersey:
type: filter
security:
role: ACTUATOR
request:
datasource:
- url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
+ jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
driver-class-name: org.mariadb.jdbc.Driver
- dbcp2:
- initial-size: 5
- max-total: 20
- validation-query: select 1
- test-on-borrow: true
+org:
+ onap:
+ so:
+ cloud-owner: onap
+ adapters:
+ network:
+ encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7
apiVersion: v1
description: ONAP uui
name: uui
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP uui server
name: uui-server
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
apiVersion: v1
description: ONAP Virtual Function Controller (VF-C)
name: vfc
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP VFC - Catalog
name: vfc-catalog
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
- name: MYSQL_ADDR
value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}"
volumeMounts:
+ - name: {{ include "common.fullname" . }}-catalog
+ mountPath: /service/vfc/nfvo/catalog/static
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
readOnly: true
mountPath: /usr/share/filebeat/data
volumes:
+ - name: {{ include "common.fullname" . }}-catalog
+ {{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
- name: {{ include "common.fullname" . }}-localtime
hostPath:
path: /etc/localtime
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
kind: PersistentVolume
apiVersion: v1
name: {{ include "common.fullname" . }}
spec:
capacity:
- storage: {{ .Values.persistence.size }}
+ storage: {{ .Values.persistence.size}}
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
+{{- end -}}
\ No newline at end of file
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
kind: PersistentVolumeClaim
apiVersion: v1
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
-{{- end -}}
+{{- end -}}
\ No newline at end of file
initialDelaySeconds: 10
periodSeconds: 10
+## Persist data to a persitent volume
+persistence:
+ enabled: true
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+ volumeReclaimPolicy: Retain
+ ## database data Persistent Volume Storage Class
+ ## If defined, storageClassName: <storageClass>
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ # storageClass: "-"
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountPath: /dockerdata-nfs
+ mountSubPath: vfc/catalog
+
service:
type: ClusterIP
name: vfc-catalog
apiVersion: v1
description: ONAP VFC - DB
name: vfc-db
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP VFC - EMS Driver
name: vfc-ems-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Generic VNFM Driver
name: vfc-generic-vnfm-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Huawei VNFM Driver
name: vfc-huawei-vnfm-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Juju VNFM Driver
name: vfc-juju-vnfm-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - MultiVIM Proxy
name: vfc-multivim-proxy
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Nokia V2VNFM Driver
name: vfc-nokia-v2vnfm-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Nokia VNFM Driver
name: vfc-nokia-vnfm-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - NS Life Cycle Management
name: vfc-nslcm
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Resource Manager
name: vfc-resmgr
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - VNF Life Cycle Management
name: vfc-vnflcm
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - VNF Manager
name: vfc-vnfmgr
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - VNF Resource Manager
name: vfc-vnfres
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Workflow Engine
name: vfc-workflow-engine
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - Workflow
name: vfc-workflow
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - ZTE SDNC Driver
name: vfc-zte-sdnc-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
apiVersion: v1
description: ONAP VFC - ZTE VNFM Driver
name: vfc-zte-vnfm-driver
-version: 3.0.0
\ No newline at end of file
+version: 4.0.0
\ No newline at end of file
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
\ No newline at end of file
msbPort: 80
dbServiceName: vfc-db
dbPort: 3306
+ persistence:
+ mountPath: /dockerdata-nfs
# application configuration
config:
apiVersion: v1
description: ONAP Virtual Infrastructure Deployment
name: vid
-version: 3.0.0
+version: 4.0.0
apiVersion: v1
description: ONAP VID MariaDB Galera cluster
name: vid_mariadb_galera
-version: 3.0.0
+version: 4.0.0
keywords:
- mariadb
- mysql
metadata:
name: {{ include "common.fullname" . }}-confd
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }}
---
metadata:
name: {{ include "common.fullname" . }}-externalconfig
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
my_extra.cnf: |-
[mysqld]
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
metadata:
name: {{ include "common.fullname" . }}-log-configmap
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/log/vid/*").AsConfig . | indent 2 }}
---
metadata:
name: {{ include "common.fullname" . }}-filebeat-configmap
namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
---
# application image
repository: nexus3.onap.org:10001
-image: onap/vid:3.2.2
+image: onap/vid:4.0-STAGING-latest
pullPolicy: Always
# mariadb image for initializing
apiVersion: v1
description: ONAP VNF SDK
name: vnfsdk
-version: 3.0.0
+version: 4.0.0
dependencies:
- name: common
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
- name: postgres
- version: ~3.0.0
+ version: ~4.x-0
repository: '@local'
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: end-to-end flow tests based on Seleniunm
-name: vvp-ci-uwsgi
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import os
-from datetime import datetime
-
-# With this file at web/settings/__init__.py, we need three applications of
-# dirname() to find the project root.
-PROJECT_PATH = os.path.realpath(os.path.dirname(os.path.dirname(os.path.dirname(__file__))))
-LOGS_PATH = os.path.join(PROJECT_PATH, "logs")
-
-ICE_ENVIRONMENT = os.environ['ICE_ENVIRONMENT']
-PROGRAM_NAME_URL_PREFIX = os.environ['PROGRAM_NAME_URL_PREFIX']
-SERVICE_PROVIDER = os.environ['SERVICE_PROVIDER']
-PROGRAM_NAME = os.environ['PROGRAM_NAME']
-SERVICE_PROVIDER_DOMAIN = os.environ['SERVICE_PROVIDER_DOMAIN']
-
-# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/
-SECRET_KEY = os.environ["SECRET_KEY"]
-
-# https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts
-# Anything in the Host header that does not match our expected domain should
-# raise SuspiciousOperation exception.
-ALLOWED_HOSTS = ['*']
-
-if ICE_ENVIRONMENT == 'production':
- DEBUG = False
-
- EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
- EMAIL_HOST = os.environ.get('ICE_EMAIL_HOST')
- EMAIL_HOST_PASSWORD = os.environ['EMAIL_HOST_PASSWORD']
- EMAIL_HOST_USER = os.environ['EMAIL_HOST_USER']
- EMAIL_PORT = os.environ['EMAIL_PORT']
-else:
- DEBUG = True
- EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
-
-
-# Note: Only SSL email backends are allowed
-EMAIL_USE_SSL = True
-
-REST_FRAMEWORK = {
- 'DEFAULT_AUTHENTICATION_CLASSES': (
- 'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
- ),
- 'PAGE_SIZE': 10,
- # Use Django's standard `django.contrib.auth` permissions,
- # or allow read-only access for unauthenticated users.
- 'DEFAULT_PERMISSION_CLASSES': ('rest_framework.permissions.IsAdminUser',),
-}
-APPEND_SLASH = False
-
-# Application definition
-
-INSTALLED_APPS = [
-
- 'django.contrib.auth',
- 'django.contrib.contenttypes', # required by d.c.admin
- 'django.contrib.sessions', # required by d.c.admin
- 'django.contrib.messages', # required by d.c.admin
- 'django.contrib.staticfiles',
- 'django.contrib.admin', # django admin site
- 'rest_framework',
- 'iceci.apps.IceCiConfig',
-]
-
-MIDDLEWARE_CLASSES = [
- 'django.middleware.security.SecurityMiddleware',
- 'django.contrib.sessions.middleware.SessionMiddleware',
- 'django.middleware.common.CommonMiddleware',
- 'django.middleware.csrf.CsrfViewMiddleware',
- 'django.contrib.auth.middleware.AuthenticationMiddleware',
- 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
- 'django.contrib.messages.middleware.MessageMiddleware',
- 'django.middleware.clickjacking.XFrameOptionsMiddleware',
-]
-
-ROOT_URLCONF = 'web.urls'
-
-TEMPLATES = [
- {
- 'BACKEND': 'django.template.backends.django.DjangoTemplates',
- 'DIRS': [PROJECT_PATH + '/web/templates'],
- 'APP_DIRS': True,
- 'OPTIONS': {
- 'context_processors': [
- 'django.template.context_processors.debug',
- 'django.template.context_processors.request',
- 'django.contrib.auth.context_processors.auth', # required by d.c.admin
- 'django.contrib.messages.context_processors.messages', # required by d.c.admin
- ],
- },
- },
-]
-
-WSGI_APPLICATION = 'web.wsgi.application'
-
-# Database
-# https://docs.djangoproject.com/en/1.9/ref/settings/#databases
-
-DATABASES = {
- 'default': { # CI DB details.
- 'NAME': '/app/ice_ci_db.db' ,
- 'ENGINE': 'django.db.backends.sqlite3',
- 'TEST_NAME': '/app/ice_ci_db.db',
- },
-}
-SINGLETONE_DB = {
- 'default': { # CI DB details.
- 'ENGINE': 'django.db.backends.postgresql',
- 'NAME': os.environ.get('CI_DB_NAME', 'ice_ci_db'),
- 'USER': os.environ.get('CI_DB_USER', 'iceci'),
- 'PASSWORD': os.environ.get('CI_DB_PASSWORD', 'Aa123456'),
- 'HOST': os.environ.get('CI_DB_HOST', 'localhost'),
- 'PORT': os.environ.get('CI_DB_PORT', '5433'),
- },
- 'em_db': { # ICE DB details.
- 'ENGINE': 'django.db.backends.postgresql',
- 'NAME': os.environ.get('EM_DB_NAME', 'icedb'),
- 'USER': os.environ.get('EM_DB_USER', 'iceuser'),
- 'PASSWORD': os.environ.get('EM_DB_PASSWORD', 'Aa123456'),
- 'HOST': os.environ.get('EM_DB_HOST', 'localhost'),
- 'PORT': os.environ.get('EM_DB_PORT', '5433'),
- },
- 'cms_db': { # ICE CMS details.
- 'ENGINE': 'django.db.backends.postgresql',
- 'NAME': os.environ.get('CMS_DB_NAME', 'icecmsdb'),
- 'USER': os.environ.get('CMS_DB_USER', 'icecmsuser'),
- 'PASSWORD': os.environ.get('CMS_DB_PASSWORD', 'Aa123456'),
- 'HOST': os.environ.get('CMS_DB_HOST', 'localhost'),
- 'PORT': os.environ.get('CMS_DB_PORT', '5433'),
- }
-}
-
-# Password validation
-# https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators
-
-AUTH_PASSWORD_VALIDATORS = [
- {
- 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
- },
- {
- 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
- },
- {
- 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
- },
- {
- 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
- },
-]
-
-
-# Internationalization
-# https://docs.djangoproject.com/en/1.9/topics/i18n/
-
-LANGUAGE_CODE = 'en-us'
-
-TIME_ZONE = 'UTC'
-
-USE_I18N = True
-
-USE_L10N = True
-
-USE_TZ = False
-
-
-# Static files (CSS, JavaScript, Images)
-# https://docs.djangoproject.com/en/1.9/howto/static-files/
-STATIC_ROOT = os.environ['STATIC_ROOT']
-STATIC_URL = '/static/'
-
-LOGGING = {
- 'version': 1,
- 'disable_existing_loggers': False,
- 'formatters': { # All possible attributes are: https://docs.python.org/3/library/logging.html#logrecord-attributes
- 'verbose': {
- 'format': '%(asctime)s %(levelname)s %(module)s %(filename)s:%(lineno)d %(process)d %(thread)d %(message)s'
- },
- 'simple': {
- 'format': '%(asctime)s %(levelname)s %(filename)s:%(lineno)d %(message)s'
- },
- },
- 'handlers': {
- 'console': {
- 'class': 'logging.StreamHandler',
- 'formatter': 'simple'
- },
- 'file1': {
- 'level': 'INFO', # handler will ignore DEBUG (only process INFO, WARN, ERROR, CRITICAL, FATAL)
- 'class': 'logging.FileHandler',
- 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-info.log',
- 'formatter': 'verbose'
- },
- 'file2': {
- 'level': 'DEBUG',
- 'class': 'logging.FileHandler',
- 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-debug.log',
- 'formatter': 'verbose'
- },
- 'file3': {
- 'level': 'ERROR',
- 'class': 'logging.FileHandler',
- 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-requests.log',
- 'formatter': 'verbose'
- },
- 'file4': {
- 'level': 'ERROR',
- 'class': 'logging.FileHandler',
- 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-db.log',
- 'formatter': 'verbose'
- }
- },
- 'loggers': {
- 'vvp-ci.logger': {
- 'handlers': ['file1', 'file2', 'file3', 'file4','console'],
- 'level': os.getenv('ICE_ICE_LOGGER_LEVEL', 'DEBUG'),
- },
- 'django': {
- 'handlers': ['console'],
- 'level': os.getenv('ICE_DJANGO_LOGGER_LEVEL', 'DEBUG'),
- },
- 'django.request': {
- 'handlers': ['file3'],
- 'level': os.getenv('ICE_ICE_REQUESTS_LOGGER_LEVEL', 'ERROR'),
- },
- 'django.db.backends': {
- 'handlers': ['file4'],
- 'level': os.getenv('ICE_ICE_DB_LOGGER_LEVEL', 'ERROR'),
- }
- }
-}
-
-
-#############################
-# ICE-CI Related Configuration
-#############################
-ICE_CONTACT_FROM_ADDRESS = os.getenv('ICE_CONTACT_FROM_ADDRESS')
-ICE_CONTACT_EMAILS = list(os.getenv('ICE_CONTACT_EMAILS','user@example.com').split(','))
-ICE_CI_ENVIRONMENT_NAME = os.getenv('ICE_CI_ENVIRONMENT_NAME', 'Dev') # Dev / Docker / Staging
-ICE_EM_URL = "{domain}/{prefix}".format(domain=os.environ['ICE_EM_DOMAIN_NAME'], prefix=PROGRAM_NAME_URL_PREFIX)
-ICE_PORTAL_URL = os.environ['ICE_DOMAIN']
-EM_REST_URL = ICE_EM_URL + '/v1/engmgr/'
-
-#Number of test results presented in admin page. Illegal values: '0' or 'Null'
-NUMBER_OF_TEST_RESULTS = int(os.getenv('NUMBER_OF_TEST_RESULTS', '30'))
-ICE_BUILD_REPORT_NUM = os.getenv('ICE_BUILD_REPORT_NUM',"{:%Y-%m-%d-%H-%M-%S}".format(datetime.now()))
-IS_JUMP_STATE=os.getenv('IS_JUMP_STATE', "True")
-DATABASE_TYPE = 'sqlite'
-
-# FIXME: Does this authentication scheme actually gain us anything? What's the
-# threat model
-WEBHOOK_TOKEN = os.environ['SECRET_WEBHOOK_TOKEN']
-
-# The authentication token and URL needed for us to issue requests to the GitLab API.
-GITLAB_TOKEN = os.environ['SECRET_GITLAB_AUTH_TOKEN']
-GITLAB_URL = "http://vvp-gitlab/"
-
-JENKINS_URL = "http://vvp-jenkins:8080/"
-JENKINS_USERNAME = "admin"
-JENKINS_PASSWORD = os.environ['SECRET_JENKINS_PASSWORD']
-
-AWS_S3_HOST = os.environ['S3_HOST']
-AWS_S3_PORT = int(os.environ['S3_PORT'])
-AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST']
-AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID']
-AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY']
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-bind = ":8282"
-chdir = '/app'
-pidfile = '/tmp/ice-project-master.pid'
-backlog = '5000'
-errorlog = '-'
-loglevel = 'info'
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: 80
- - containerPort: 8282
- - containerPort: 9000
- volumeMounts:
- - name: ci-settings
- mountPath: /opt/configmaps/settings/
- - name: site-crt
- mountPath: /opt/secrets/site-crt/
- env:
- - name: ICE_ENVIRONMENT
- value: "development"
- - name: PROGRAM_NAME_URL_PREFIX
- value: "vvp"
- - name: SERVICE_PROVIDER
- value: "NA"
- - name: PROGRAM_NAME
- value: "VVP"
- - name: SERVICE_PROVIDER_DOMAIN
- value: "na.com"
- - name: SECRET_KEY
- valueFrom:
- secretKeyRef: {name: em-secret, key: key}
- - name: EM_DB_HOST
- value: postgresql
- - name: EM_DB_PORT
- value: "5432"
- - name: EM_DB_NAME
- value: icedb
- - name: EM_DB_USER
- value: "em_postgresuser"
- - name: EM_DB_PASSWORD
- valueFrom:
- secretKeyRef: {name: postgresql-passwords, key: emPassword}
- - name: CMS_DB_HOST
- value: postgresql
- - name: CMS_DB_PORT
- value: "5432"
- - name: CMS_DB_NAME
- value: "icecmsdb"
- - name: CMS_DB_USER
- value: "cms_postgresuser"
- - name: CMS_DB_PASSWORD
- valueFrom:
- secretKeyRef: {name: postgresql-passwords, key: cmsPassword}
- - name: CI_DB_HOST
- value: postgresql
- - name: CI_DB_PORT
- value: "5432"
- - name: CI_DB_NAME
- value: icedb
- - name: CI_DB_USER
- value: "em_postgresuser"
- - name: CI_DB_PASSWORD
- valueFrom:
- secretKeyRef: {name: postgresql-passwords, key: ciPassword}
- - name: STATIC_ROOT
- value: "/app/htdocs"
- - name: ICE_CONTACT_FROM_ADDRESS
- value: "example"
- - name: SECRET_WEBHOOK_TOKEN
- valueFrom:
- secretKeyRef: {name: em-secret, key: em_webhook_token}
- - name: SECRET_GITLAB_AUTH_TOKEN
- valueFrom:
- secretKeyRef: {name: gitlab-password, key: auth-token}
- - name: SECRET_JENKINS_PASSWORD
- valueFrom:
- secretKeyRef: {name: em-secret, key: jenkins_admin_password}
- - name: ICE_DOMAIN
- value: https://development.vvp.example.com
- - name: ICE_EM_DOMAIN_NAME
- value: https://development.vvp.example.com
- - name: OAUTHLIB_INSECURE_TRANSPORT
- value: "1"
- - name: CI_ADMIN_USER
- value: "ciadminuser"
- - name: CI_ADMIN_MAIL
- value: "ciadminmail@example.com"
- - name: CI_ADMIN_PASSWORD
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: admin_password}
- - name: S3_HOST
- value: "dev-s3.vvp.example.com"
- - name: S3_PORT
- value: "443"
- - name: AWS_ACCESS_KEY_ID
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_access_key_id}
- - name: AWS_SECRET_ACCESS_KEY
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_secret_access_key}
- command: ["/app/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "web.wsgi:application", ]
- volumes:
- - name: ci-settings
- configMap:
- name: {{ include "common.fullname" . }}-settings
- - name: site-crt
- secret:
- secretName: site-crt
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: backend uwsgi server which hosts django application
-name: vvp-cms-uwsgi
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-from __future__ import absolute_import, unicode_literals
-import os
-from cms.envbool import envbool
-
-from django import VERSION as DJANGO_VERSION
-from django.utils.translation import ugettext_lazy as _
-from boto.s3.connection import OrdinaryCallingFormat
-
-
-######################
-# MEZZANINE SETTINGS #
-######################
-
-# The following settings are already defined with default values in
-# the ``defaults.py`` module within each of Mezzanine's apps, but are
-# common enough to be put here, commented out, for conveniently
-# overriding. Please consult the settings documentation for a full list
-# of settings Mezzanine implements:
-# http://mezzanine.jupo.org/docs/configuration.html#default-settings
-
-# Controls the ordering and grouping of the admin menu.
-#
-# ADMIN_MENU_ORDER = (
-# ("Content", ("pages.Page", "blog.BlogPost",
-# "generic.ThreadedComment", (_("Media Library"), "media-library"),)),
-# ("Site", ("sites.Site", "redirects.Redirect", "conf.Setting")),
-# ("Users", ("auth.User", "auth.Group",)),
-# )
-
-# A three item sequence, each containing a sequence of template tags
-# used to render the admin dashboard.
-#
-# DASHBOARD_TAGS = (
-# ("blog_tags.quick_blog", "mezzanine_tags.app_list"),
-# ("comment_tags.recent_comments",),
-# ("mezzanine_tags.recent_actions",),
-# )
-
-# A sequence of templates used by the ``page_menu`` template tag. Each
-# item in the sequence is a three item sequence, containing a unique ID
-# for the template, a label for the template, and the template path.
-# These templates are then available for selection when editing which
-# menus a page should appear in. Note that if a menu template is used
-# that doesn't appear in this setting, all pages will appear in it.
-
-# PAGE_MENU_TEMPLATES = (
-# (1, _("Top navigation bar"), "pages/menus/dropdown.html"),
-# (2, _("Left-hand tree"), "pages/menus/tree.html"),
-# (3, _("Footer"), "pages/menus/footer.html"),
-# )
-
-# A sequence of fields that will be injected into Mezzanine's (or any
-# library's) models. Each item in the sequence is a four item sequence.
-# The first two items are the dotted path to the model and its field
-# name to be added, and the dotted path to the field class to use for
-# the field. The third and fourth items are a sequence of positional
-# args and a dictionary of keyword args, to use when creating the
-# field instance. When specifying the field class, the path
-# ``django.models.db.`` can be omitted for regular Django model fields.
-#
-# EXTRA_MODEL_FIELDS = (
-# (
-# # Dotted path to field.
-# "mezzanine.blog.models.BlogPost.image",
-# # Dotted path to field class.
-# "somelib.fields.ImageField",
-# # Positional args for field class.
-# (_("Image"),),
-# # Keyword args for field class.
-# {"blank": True, "upload_to": "blog"},
-# ),
-# # Example of adding a field to *all* of Mezzanine's content types:
-# (
-# "mezzanine.pages.models.Page.another_field",
-# "IntegerField", # 'django.db.models.' is implied if path is omitted.
-# (_("Another name"),),
-# {"blank": True, "default": 1},
-# ),
-# )
-
-# Setting to turn on featured images for blog posts. Defaults to False.
-#
-# BLOG_USE_FEATURED_IMAGE = True
-
-# If True, the django-modeltranslation will be added to the
-# INSTALLED_APPS setting.
-USE_MODELTRANSLATION = False
-
-
-########################
-# MAIN DJANGO SETTINGS #
-########################
-
-# Hosts/domain names that are valid for this site; required if DEBUG is False
-# See https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
-ALLOWED_HOSTS = ['*']
-
-# Set UTC time zone:
-TIME_ZONE = 'UTC'
-USE_TZ = True
-
-# Local time zone for this installation. Choices can be found here:
-# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
-# although not all choices may be available on all operating systems.
-# On Unix systems, a value of None will cause Django to use the same
-# timezone as the operating system.
-# If running in a Windows environment this must be set to the same as your
-# system time zone.
-TIME_ZONE = 'UTC'
-
-# If you set this to True, Django will use timezone-aware datetimes.
-USE_TZ = True
-
-# Language code for this installation. All choices can be found here:
-# http://www.i18nguy.com/unicode/language-identifiers.html
-LANGUAGE_CODE = "en"
-
-# Supported languages
-LANGUAGES = (
- ('en', _('English')),
-)
-
-ENVIRONMENT = os.environ['ENVIRONMENT']
-
-# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/
-SECRET_KEY = os.environ["SECRET_KEY"]
-
-# A boolean that turns on/off debug mode. When set to ``True``, stack traces
-# are displayed for error pages. Should always be set to ``False`` in
-# production. Best set to ``True`` in local_settings.py
-DEBUG = envbool('DJANGO_DEBUG_MODE', False)
-
-# Note: Only SSL email backends are allowed
-EMAIL_USE_SSL = True
-
-# Whether a user's session cookie expires when the Web browser is closed.
-SESSION_EXPIRE_AT_BROWSER_CLOSE = True
-
-SITE_ID = 1
-
-# If you set this to False, Django will make some optimizations so as not
-# to load the internationalization machinery.
-USE_I18N = False
-
-AUTHENTICATION_BACKENDS = ("mezzanine.core.auth_backends.MezzanineBackend",)
-
-# The numeric mode to set newly-uploaded files to. The value should be
-# a mode you'd pass directly to os.chmod.
-FILE_UPLOAD_PERMISSIONS = 0o644
-
-
-#############
-# DATABASES #
-#############
-
-DATABASES = {
- 'default': {
- 'ENGINE': 'django.db.backends.postgresql',
- 'NAME': os.environ['PGDATABASE'],
- 'USER': os.environ['PGUSER'],
- 'PASSWORD': os.environ['PGPASSWORD'],
- 'HOST': os.environ['PGHOST'],
- 'PORT': os.environ['PGPORT'],
- }
-}
-
-
-#########
-# PATHS #
-#########
-
-# Full filesystem path to the project.
-PROJECT_APP_PATH = os.path.dirname(os.path.abspath(__file__))
-PROJECT_APP = os.path.basename(PROJECT_APP_PATH)
-PROJECT_ROOT = BASE_DIR = os.path.dirname(PROJECT_APP_PATH)
-
-# Every cache key will get prefixed with this value - here we set it to
-# the name of the directory the project is in to try and use something
-# project specific.
-CACHE_MIDDLEWARE_KEY_PREFIX = PROJECT_APP
-
-# Package/module name to import the root urlpatterns from for the project.
-ROOT_URLCONF = 'cms.urls'
-
-TEMPLATES = [
- {
- "BACKEND": "django.template.backends.django.DjangoTemplates",
- "DIRS": [
- os.path.join(PROJECT_ROOT, "templates")
- ],
- "APP_DIRS": True,
- "OPTIONS": {
- "context_processors": [
- "django.contrib.auth.context_processors.auth",
- "django.contrib.messages.context_processors.messages",
- "django.template.context_processors.debug",
- "django.template.context_processors.i18n",
- "django.template.context_processors.static",
- "django.template.context_processors.media",
- "django.template.context_processors.request",
- "django.template.context_processors.tz",
- "mezzanine.conf.context_processors.settings",
- "mezzanine.pages.context_processors.page",
- ],
- "builtins": [
- "mezzanine.template.loader_tags",
- ],
- },
- },
-]
-
-if DJANGO_VERSION < (1, 9):
- del TEMPLATES[0]["OPTIONS"]["builtins"]
-
-
-################
-# APPLICATIONS #
-################
-
-INSTALLED_APPS = (
- "mezzanine_api",
- "rest_framework",
- "rest_framework_swagger",
- "oauth2_provider",
- "django.contrib.admin",
- "django.contrib.auth",
- "django.contrib.contenttypes",
- "django.contrib.redirects",
- "django.contrib.sessions",
- "django.contrib.sites",
- "django.contrib.sitemaps",
- "django.contrib.staticfiles",
- "mezzanine.boot",
- "mezzanine.conf",
- "mezzanine.core",
- "mezzanine.generic",
- "mezzanine.pages",
- "mezzanine.blog",
- "mezzanine.forms",
- "mezzanine.galleries",
- "mezzanine.twitter",
- # "mezzanine.accounts",
- # "mezzanine.mobile",
- "cms" ,
- "storages",
-)
-
-# List of middleware classes to use. Order is important; in the request phase,
-# these middleware classes will be applied in the order given, and in the
-# response phase the middleware will be applied in reverse order.
-MIDDLEWARE_CLASSES = (
- "mezzanine.core.middleware.UpdateCacheMiddleware",
- "mezzanine_api.middleware.ApiMiddleware",
- 'django.contrib.sessions.middleware.SessionMiddleware',
- # Uncomment if using internationalisation or localisation
- # 'django.middleware.locale.LocaleMiddleware',
- 'django.middleware.common.CommonMiddleware',
- 'django.middleware.csrf.CsrfViewMiddleware',
- 'django.contrib.auth.middleware.AuthenticationMiddleware',
- 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
- 'django.contrib.messages.middleware.MessageMiddleware',
- 'django.middleware.clickjacking.XFrameOptionsMiddleware',
-
- "mezzanine.core.request.CurrentRequestMiddleware",
- "mezzanine.core.middleware.RedirectFallbackMiddleware",
- "mezzanine.core.middleware.TemplateForDeviceMiddleware",
- "mezzanine.core.middleware.TemplateForHostMiddleware",
- "mezzanine.core.middleware.AdminLoginInterfaceSelectorMiddleware",
- "mezzanine.core.middleware.SitePermissionMiddleware",
- "mezzanine.pages.middleware.PageMiddleware",
- "mezzanine.core.middleware.FetchFromCacheMiddleware",
-)
-
-# Store these package names here as they may change in the future since
-# at the moment we are using custom forks of them.
-PACKAGE_NAME_FILEBROWSER = "filebrowser_safe"
-PACKAGE_NAME_GRAPPELLI = "grappelli_safe"
-
-#########################
-# OPTIONAL APPLICATIONS #
-#########################
-
-# These will be added to ``INSTALLED_APPS``, only if available.
-OPTIONAL_APPS = (
- "debug_toolbar",
- "django_extensions",
- "compressor",
- PACKAGE_NAME_FILEBROWSER,
- PACKAGE_NAME_GRAPPELLI,
-)
-
-#####################
-# REST API SETTINGS #
-#####################
-try:
- from mezzanine_api.settings import *
-except ImportError:
- pass
-
-
-##################
-# LOCAL SETTINGS #
-##################
-
-# Allow any settings to be defined in local_settings.py which should be
-# ignored in your version control system allowing for settings to be
-# defined per ma chine.
-
-# Instead of doing "from .local_settings import *", we use exec so that
-# local_settings has full access to everything defined in this module.
-# Also force into sys.modules so it's visible to Django's autoreload.
-
-f = os.path.join(PROJECT_APP_PATH, "local_settings/__init__.py")
-if os.path.exists(f):
- import sys
- import imp
- module_name = "%s.local_settings" % PROJECT_APP
- module = imp.new_module(module_name)
- module.__file__ = f
- sys.modules[module_name] = module
- exec(open(f, "rb").read())
-
-
-####################
-# DYNAMIC SETTINGS #
-####################
-
-# set_dynamic_settings() will rewrite globals based on what has been
-# defined so far, in order to provide some better defaults where
-# applicable. We also allow this settings module to be imported
-# without Mezzanine installed, as the case may be when using the
-# fabfile, where setting the dynamic settings below isn't strictly
-# required.
-try:
- from mezzanine.utils.conf import set_dynamic_settings
-except ImportError:
- pass
-else:
- set_dynamic_settings(globals())
-
-# default settings for mezzanine
-NEVERCACHE_KEY = os.getenv('CMS_NEVERCACHE_KEY', ''),
-# Application User
-CMS_APP_USER = os.getenv('CMS_APP_USER')
-CMS_APP_USER_PASSWORD = os.getenv('CMS_APP_USER_PASSWORD')
-CMS_APP_USER_MAIL = os.getenv('CMS_APP_USER_MAIL')
-# Client App (EM)
-CMS_APP_CLIENT_ID = os.getenv('CMS_APP_CLIENT_ID')
-CMS_APP_CLIENT_SECRET = os.getenv('CMS_APP_CLIENT_SECRET')
-CMS_APP_NAME = 'Engagement_Manager_App'
-REST_FRAMEWORK['DEFAULT_RENDERER_CLASSES'] = (
- 'rest_framework.renderers.JSONRenderer',
-)
-
-# S3 configuration for static resources storage and media upload
-
-# used by our custom storage.py
-MEDIA_BUCKET = "cms-media"
-STATIC_BUCKET = "cms-static"
-
-# django-storages configuration
-AWS_S3_HOST = os.environ['S3_HOST']
-AWS_S3_PORT = int(os.environ['S3_PORT'])
-AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST']
-AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID']
-AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY']
-AWS_AUTO_CREATE_BUCKET = True
-AWS_PRELOAD_METADATA = True
-
-# Set by custom subclass.
-# AWS_STORAGE_BUCKET_NAME = "em-static"
-AWS_S3_CALLING_FORMAT = OrdinaryCallingFormat()
-DEFAULT_FILE_STORAGE = 'cms.settings.storage.S3MediaStorage'
-STATICFILES_STORAGE = 'cms.settings.storage.S3StaticStorage'
-
-# These seem to have no effect even when we don't override with custom_domain?
-STATIC_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, STATIC_BUCKET)
-MEDIA_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, MEDIA_BUCKET)
-
-STATIC_ROOT = os.environ['STATIC_ROOT']
-
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-bind = ":80"
-chdir = '/srv'
-pidfile = '/tmp/ice-project-master.pid'
-backlog = '5000'
-errorlog = '-'
-loglevel = 'info'
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""
-storage.py
-
-In order to make Django store trusted static files and untrusted media
-(user-uploaded) files in separate s3 buckets, we must create two different
-storage classes.
-
-https://www.caktusgroup.com/blog/2014/11/10/Using-Amazon-S3-to-store-your-Django-sites-static-and-media-files/
-http://www.leehodgkinson.com/blog/my-mezzanine-s3-setup/
-
-"""
-
-# FIXME this module never changes so might not need not be kept in a
-# configmap. Also it is (almost) the same as what we use in em; that does
-# not use S3BotoStorageMixin.
-
-# There is a newer storage based on boto3 but that doesn't support changing
-# the HOST, as we need to for non-amazon s3 services. It does support an
-# "endpoint"; setting AWS_S3_ENDPOINT_URL may cause it to work.
-from storages.backends.s3boto import S3BotoStorage
-from filebrowser_safe.storage import S3BotoStorageMixin
-from django.conf import settings
-
-
-# NOTE for some reason, collectstatic uploads to bucket/location but the
-# urls constructed are domain/location
-class S3StaticStorage(S3BotoStorage, S3BotoStorageMixin):
- custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.STATIC_BUCKET)
- bucket_name = settings.STATIC_BUCKET
- # location = ...
-
-
-class S3MediaStorage(S3BotoStorage, S3BotoStorageMixin):
- custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.MEDIA_BUCKET)
- bucket_name = settings.MEDIA_BUCKET
- # location = ...
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-settings
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/cms/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-secret
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- key: "KCtkbV9yaigwMDU9XmV2emVzZDMjeHB5JC0kY15qI2NsemlsYngmXz0wbGg3by0zNCM="
- app_user: "Y21zYXBwdXNlcg=="
- app_user_mail: "Y21zYXBwdXNlckBleGFtcGxlLmNvbQ=="
- app_user_password: "Y21zYXBwdXNlcnBhc3N3b3Jk"
- app_client_id: "RWVCNFhlaW1vb2M2eGllU2VlS2FoOGRhZTFlaXBhZTRvdGFlc2hlZQ=="
- app_client_secret: "aGFpTW9vcGllWmVlMXdlaTNsZWY0Z2FleWlhMnZhaHdvaHRoMG1haWQ5aXRoMnBoZWVzaGFpdGh1VG9vcjJKb2hzaGVpNWJhZXk3RWlxdWFldGhlaWI4cXVhaXF1ZWU3cGhpYXRoN2V1YjJhaU5haWMzb3U5dmFpemViZWlGNXU="
- nevercache_key: "YV9qLWc1aCszKW9AMndpYXNtYmcoaHV4cHVqaD05NShwLSR2ejF4aiZ0K20pKy11ODQ="
----
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort1 }}
- - containerPort: {{ .Values.service.internalPort2 }}
- env:
- - name: ENVIRONMENT
- value: "development"
- - name: SECRET_KEY
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: key}
- - name: EMAIL_HOST
- value: "localhost"
- - name: EMAIL_HOST_USER
- value: "example"
- - name: EMAIL_PORT
- value: "25"
- - name: EMAIL_HOST_PASSWORD
- valueFrom:
- secretKeyRef: {name: email-secret, key: password}
- - name: PGHOST
- value: vvp-postgres
- - name: PGPORT
- value: "5432"
- - name: PGDATABASE
- value: "icecmsdb"
- - name: PGUSER
- value: "cms_postgresuser"
- - name: PGPASSWORD
- valueFrom:
- secretKeyRef: {name: postgresql-passwords, key: cmsPassword}
- - name: ICE_CONTACT_FROM_ADDRESS
- value: "example"
- - name: CMS_NEVERCACHE_KEY
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: nevercache_key}
- - name: CMS_APP_USER
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user}
- - name: CMS_APP_USER_MAIL
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user_mail}
- - name: CMS_APP_USER_PASSWORD
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user_password}
- - name: CMS_APP_CLIENT_ID
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_client_id}
- - name: CMS_APP_CLIENT_SECRET
- valueFrom:
- secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_client_secret}
- - name: STATIC_ROOT
- value: "/app/htdocs"
- - name: DJANGO_DEBUG_MODE
- value: "True"
- - name: S3_HOST
- value: "dev-s3.vvp.example.com"
- - name: S3_PORT
- value: "443"
- - name: AWS_ACCESS_KEY_ID
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_access_key_id}
- - name: AWS_SECRET_ACCESS_KEY
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_secret_access_key}
- command: ["/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "cms.wsgi:application", ]
- volumeMounts:
- - name: settings
- mountPath: /opt/configmaps/settings/
- - name: site-crt
- mountPath: /opt/secrets/site-crt/
- volumes:
- - name: settings
- configMap:
- name: {{ include "common.fullname" . }}-settings
- - name: site-crt
- secret:
- secretName: site-crt
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort1 }}
- name: {{ .Values.service.portName | default "http" }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: backend uwsgi server which hosts django application
-name: vvp-em-uwsgi
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""
-Django settings for VVP project.
-
-Environment variables that must exist:
-
- ENVIRONMENT
- SECRET_KEY
- SECRET_WEBHOOK_TOKEN
- SECRET_GITLAB_AUTH_TOKEN
- SECRET_JENKINS_PASSWORD
- SECRET_CMS_APP_CLIENT_ID
- SECRET_CMS_APP_CLIENT_SECRET
-
-Environment variables that must exist in production:
-
- EMAIL_HOST
- EMAIL_HOST_PASSWORD
- EMAIL_HOST_USER
- EMAIL_PORT
-
-"""
-
-import os
-from vvp.settings.envbool import envbool
-from corsheaders.defaults import default_headers
-from boto.s3.connection import OrdinaryCallingFormat
-import datetime
-
-# With this file at ice/settings/__init__.py, we need three applications of
-# dirname() to find the project root.
-import engagementmanager
-PROJECT_PATH = os.path.dirname(os.path.dirname(engagementmanager.__file__))
-LOGS_PATH = os.path.join(PROJECT_PATH, "logs")
-
-ENVIRONMENT = os.environ['ENVIRONMENT']
-PROGRAM_NAME_URL_PREFIX = os.environ['PROGRAM_NAME_URL_PREFIX']
-SERVICE_PROVIDER = os.environ['SERVICE_PROVIDER']
-PROGRAM_NAME = os.environ['PROGRAM_NAME']
-SERVICE_PROVIDER_DOMAIN = os.environ['SERVICE_PROVIDER_DOMAIN']
-
-# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/
-SECRET_KEY = os.environ["SECRET_KEY"]
-
-# https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts
-# Anything in the Host header that does not match our expected domain should
-# raise SuspiciousOperation exception.
-ALLOWED_HOSTS = ['*']
-
-DEBUG = envbool('DJANGO_DEBUG_MODE', False)
-
-if ENVIRONMENT == 'production':
- EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
- EMAIL_HOST = os.environ['EMAIL_HOST']
- EMAIL_HOST_PASSWORD = os.environ['EMAIL_HOST_PASSWORD']
- EMAIL_HOST_USER = os.environ['EMAIL_HOST_USER']
- EMAIL_PORT = os.environ['EMAIL_PORT']
-else:
- EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
-
-# Note: Only SSL email backends are allowed
-EMAIL_USE_SSL = True
-
-REST_FRAMEWORK = {
- # Use Django's standard `django.contrib.auth` permissions,
- # or allow read-only access for unauthenticated users.
- 'EXCEPTION_HANDLER': 'engagementmanager.utils.exception_handler.ice_exception_handler',
- 'PAGE_SIZE': 10,
- 'DEFAULT_PERMISSION_CLASSES': (
- 'rest_framework.permissions.IsAuthenticated',
- ),
- 'DEFAULT_AUTHENTICATION_CLASSES': (
- 'rest_framework.authentication.SessionAuthentication',
- 'rest_framework.authentication.BasicAuthentication',
- 'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
- ),
- 'DEFAULT_PARSER_CLASSES': (
- 'engagementmanager.rest.parsers.XSSJSONParser',
- 'engagementmanager.rest.parsers.XSSFormParser',
- 'engagementmanager.rest.parsers.XSSMultiPartParser',
- )
-}
-
-JWT_AUTH = {
- 'JWT_AUTH_HEADER_PREFIX': 'token',
- 'JWT_ALGORITHM': 'HS256',
- 'JWT_EXPIRATION_DELTA': datetime.timedelta(days=1),
- 'JWT_DECODE_HANDLER': 'engagementmanager.utils.authentication.ice_jwt_decode_handler',
-}
-
-APPEND_SLASH = False
-
-# Application definition
-INSTALLED_APPS = [
- 'django.contrib.auth', # required by d.c.admin
- 'corsheaders',
- 'django.contrib.contenttypes', # required by d.c.admin
- 'django.contrib.sessions', # required by d.c.admin
- 'django.contrib.messages', # required by d.c.admin
- 'django.contrib.staticfiles',
- 'django.contrib.admin', # django admin site
- 'rest_framework',
- 'engagementmanager.apps.EngagementmanagerConfig',
- 'validationmanager.apps.ValidationmanagerConfig',
-]
-
-MIDDLEWARE_CLASSES = [
- 'django.middleware.security.SecurityMiddleware',
- 'django.contrib.sessions.middleware.SessionMiddleware',
- 'django.middleware.common.CommonMiddleware',
- 'django.contrib.auth.middleware.AuthenticationMiddleware', # required by d.c.admin
- 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
- 'django.contrib.messages.middleware.MessageMiddleware',
- 'django.middleware.clickjacking.XFrameOptionsMiddleware',
- 'corsheaders.middleware.CorsMiddleware',
-]
-
-ROOT_URLCONF = 'vvp.urls'
-
-TEMPLATES = [
- {
- 'BACKEND': 'django.template.backends.django.DjangoTemplates',
- 'DIRS': [PROJECT_PATH + '/web/templates'],
- 'APP_DIRS': True,
- 'OPTIONS': {
- 'context_processors': [
- 'django.template.context_processors.debug',
- 'django.template.context_processors.request',
- 'django.contrib.auth.context_processors.auth', # required by d.c.admin
- 'django.contrib.messages.context_processors.messages', # required by d.c.admin
- ],
- },
- },
-]
-
-WSGI_APPLICATION = 'vvp.wsgi.application'
-
-
-# Database
-# https://docs.djangoproject.com/en/1.9/ref/settings/#databases
-DATABASES = {
- 'default': {
- 'ENGINE': 'django.db.backends.postgresql',
- 'NAME': os.environ['PGDATABASE'],
- 'USER': os.environ['PGUSER'],
- 'PASSWORD': os.environ['PGPASSWORD'],
- 'HOST': os.environ['PGHOST'],
- 'PORT': os.environ['PGPORT'],
- }
-}
-
-
-# Password validation
-# https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators
-AUTH_PASSWORD_VALIDATORS = [
- {'NAME': 'django.contrib.auth.password_validation.%s' % s} for s in [
- 'UserAttributeSimilarityValidator',
- 'MinimumLengthValidator',
- 'CommonPasswordValidator',
- 'NumericPasswordValidator',
- ]]
-
-
-# Internationalization
-# https://docs.djangoproject.com/en/1.9/topics/i18n/
-LANGUAGE_CODE = 'en-us'
-TIME_ZONE = 'UTC'
-USE_I18N = True
-USE_L10N = True
-USE_TZ = True
-
-CORS_ALLOW_HEADERS = default_headers + ('ICE-USER-ID',)
-
-# Static files (CSS, JavaScript, Images)
-# https://docs.djangoproject.com/en/1.9/howto/static-files/
-STATIC_ROOT = os.environ['STATIC_ROOT']
-
-
-LOGGING = {
- 'version': 1,
- 'disable_existing_loggers': False,
- 'formatters': { # All possible attributes are: https://docs.python.org/3/library/logging.html#logrecord-attributes
- 'verbose': {
- 'format': '%(asctime)s %(levelname)s %(name)s %(module)s %(lineno)d %(process)d %(thread)d %(message)s'
- },
- 'simple': {
- 'format': '%(asctime)s %(levelname)s %(name)s %(message)s'
- },
- },
- 'handlers': {
- 'console': {
- 'class': 'logging.StreamHandler',
- 'formatter': 'simple'
- },
- 'vvp-info.log': {
- 'level': 'INFO', # handler will ignore DEBUG (only process INFO, WARN, ERROR, CRITICAL, FATAL)
- 'class': 'logging.FileHandler',
- 'filename': os.path.join(LOGS_PATH, 'vvp-info.log'),
- 'formatter': 'verbose'
- },
- 'vvp-debug.log': {
- 'level': 'DEBUG',
- 'class': 'logging.FileHandler',
- 'filename': os.path.join(LOGS_PATH, 'vvp-debug.log'),
- 'formatter': 'verbose'
- },
- 'vvp-requests.log': {
- 'level': 'ERROR',
- 'class': 'logging.FileHandler',
- 'filename': os.path.join(LOGS_PATH, 'vvp-requests.log'),
- 'formatter': 'verbose'
- },
- 'vvp-db.log': {
- 'level': 'ERROR',
- 'class': 'logging.FileHandler',
- 'filename': os.path.join(LOGS_PATH, 'vvp-db.log'),
- 'formatter': 'verbose',
- },
- },
- 'loggers': {
- 'vvp.logger': {
- 'handlers': ['vvp-info.log', 'vvp-debug.log', 'vvp-requests.log', 'vvp-db.log', 'console'],
- 'level': 'DEBUG' if DEBUG else 'INFO',
- },
- 'django': {
- 'handlers': ['console'],
- 'level': 'INFO' if DEBUG else 'ERROR',
- },
- 'django.request': {
- 'handlers': ['vvp-requests.log', 'console'],
- 'level': 'INFO' if DEBUG else 'ERROR',
- },
- 'django.db.backends': {
- 'handlers': ['vvp-db.log', 'console'],
- 'level': 'DEBUG' if DEBUG else 'ERROR',
- 'propagate': False,
- },
- # silence the hundred lines of useless "missing variable in template"
- # complaints per admin pageview.
- 'django.template': {
- 'level': 'DEBUG',
- 'handlers': ['vvp-info.log', 'vvp-debug.log', 'console'],
- 'propagate': False,
- },
- }
-}
-
-
-#############################
-# VVP Related Configuration
-#############################
-CONTACT_FROM_ADDRESS = os.getenv('CONTACT_FROM_ADDRESS', 'dummy@example.com')
-CONTACT_EMAILS = [s.strip() for s in os.getenv('CONTACT_EMAILS', 'user@example.com').split(',') if s]
-DOMAIN = os.getenv('EM_DOMAIN_NAME')
-TOKEN_EXPIRATION_IN_HOURS = 48
-DAILY_SCHEDULED_JOB_HOUR = 20
-NUMBER_OF_POLLED_ACTIVITIES = 5
-TEMP_PASSWORD_EXPIRATION_IN_HOURS = 48
-# This is the DNS name pointing to the private-network ip of the host machine
-# running (a haproxy that points to) (an nginx frontend for) this app
-API_DOMAIN = 'em'
-
-# The authentication token needed by Jenkins or Gitlab to issue webhook updates
-# to us. This is a "secret" shared by Jenkins and Django. It must be part of
-# the URL path component for the Jenkins webhook in ValidationManager to accept
-# a notification. It should be a set of random URL-path-safe characters, with
-# no slash '/'.
-# FIXME: Does this authentication scheme actually gain us anything? What's the
-# threat model
-WEBHOOK_TOKEN = os.environ['SECRET_WEBHOOK_TOKEN']
-
-# The authentication token and URL needed for us to issue requests to the GitLab API.
-GITLAB_TOKEN = os.environ['SECRET_GITLAB_AUTH_TOKEN']
-GITLAB_URL = "http://vvp-gitlab/"
-
-JENKINS_URL = "http://vvp-jenkins:8080/"
-JENKINS_USERNAME = "admin"
-JENKINS_PASSWORD = os.environ['SECRET_JENKINS_PASSWORD']
-
-IS_CL_CREATED_ON_REVIEW_STATE = envbool('IS_CL_CREATED_ON_REVIEW_STATE', False) # Options: True, False
-IS_SIGNAL_ENABLED = envbool('IS_SIGNAL_ENABLED', True)
-RECENT_ENG_TTL = 3 # In days
-CMS_URL = "http://vvp-cms-uwsgi/api/"
-CMS_APP_CLIENT_ID = os.environ['SECRET_CMS_APP_CLIENT_ID']
-CMS_APP_CLIENT_SECRET = os.environ['SECRET_CMS_APP_CLIENT_SECRET']
-
-# slack integration
-SLACK_API_TOKEN = os.environ['SLACK_API_TOKEN']
-ENGAGEMENTS_CHANNEL = os.getenv('ENGAGEMENTS_CHANNEL', '')
-ENGAGEMENTS_NOTIFICATIONS_CHANNEL = os.getenv('ENGAGEMENTS_NOTIFICATIONS_CHANNEL:', '')
-DEVOPS_CHANNEL = os.getenv('DEVOPS_CHANNEL', '')
-DEVOPS_NOTIFICATIONS_CHANNEL = os.getenv('DEVOPS_NOTIFICATIONS_CHANNEL', '')
-
-# S3 configuration for static resources storage and media upload
-
-# used by our custom storage.py
-MEDIA_BUCKET = "em-media"
-STATIC_BUCKET = "em-static"
-
-# django-storages configuration
-AWS_S3_HOST = os.environ['S3_HOST']
-AWS_S3_PORT = int(os.environ['S3_PORT'])
-AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST']
-AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID']
-AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY']
-AWS_AUTO_CREATE_BUCKET = True
-AWS_PRELOAD_METADATA = True
-
-# Set by custom subclass.
-# AWS_STORAGE_BUCKET_NAME = "em-static"
-AWS_S3_CALLING_FORMAT = OrdinaryCallingFormat()
-DEFAULT_FILE_STORAGE = 'vvp.settings.storage.S3MediaStorage'
-STATICFILES_STORAGE = 'vvp.settings.storage.S3StaticStorage'
-
-# These seem to have no effect even when we don't override with custom_domain?
-STATIC_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, STATIC_BUCKET)
-MEDIA_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, MEDIA_BUCKET)
-
-STATIC_ROOT = os.environ['STATIC_ROOT']
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""
-envbool.py
-
-Return which environment is currently running on (to setting.py).
-
-"""
-import os
-
-
-def envbool(key, default=False, unknown=True):
- """Return a boolean value based on that of an environment variable.
-
- Environment variables have no native boolean type. They are always strings, and may be empty or
- unset (which differs from empty.) Furthermore, notions of what is "truthy" in shell script
- differ from that of python.
-
- This function converts environment variables to python boolean True or False in
- case-insensitive, expected ways to avoid pitfalls:
-
- "True", "true", and "1" become True
- "False", "false", and "0" become False
- unset or empty becomes False by default (toggle with 'default' parameter.)
- any other value becomes True by default (toggle with 'unknown' parameter.)
-
- """
- return {
- 'true': True, '1': True, # 't': True,
- 'false': False, '0': False, # 'f': False.
- '': default,
- }.get(os.getenv(key, '').lower(), unknown)
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-bind = ":80"
-chdir = '/srv'
-pidfile = '/tmp/ice-project-master.pid'
-backlog = '5000'
-errorlog = '-'
-loglevel = 'info'
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-"""
-storage.py
-
-In order to make Django store trusted static files and untrusted media
-(user-uploaded) files in separate s3 buckets, we must create two different
-storage classes.
-
-https://www.caktusgroup.com/blog/2014/11/10/Using-Amazon-S3-to-store-your-Django-sites-static-and-media-files/
-http://www.leehodgkinson.com/blog/my-mezzanine-s3-setup/
-
-"""
-
-# FIXME this module never changes so might not need not be kept in a
-# configmap. Also it is (almost) the same as what we use in cms.
-
-# There is a newer storage based on boto3 but that doesn't support changing
-# the HOST, as we need to for non-amazon s3 services. It does support an
-# "endpoint"; setting AWS_S3_ENDPOINT_URL may cause it to work.
-from storages.backends.s3boto import S3BotoStorage
-from django.conf import settings
-
-
-# NOTE for some reason, collectstatic uploads to bucket/location but the
-# urls constructed are domain/location
-class S3StaticStorage(S3BotoStorage):
- custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.STATIC_BUCKET)
- bucket_name = settings.STATIC_BUCKET
- # location = ...
-
-
-class S3MediaStorage(S3BotoStorage):
- custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.MEDIA_BUCKET)
- bucket_name = settings.MEDIA_BUCKET
- # location = ...
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: 80
- - containerPort: 9000
- volumeMounts:
- - name: em-settings
- mountPath: /opt/configmaps/settings/
- - name: site-crt
- mountPath: /opt/secrets/site-crt/
- env:
- - name: ENVIRONMENT
- value: "development"
- - name: PROGRAM_NAME_URL_PREFIX
- value: "vvp"
- - name: SERVICE_PROVIDER
- value: "NA"
- - name: PROGRAM_NAME
- value: "VVP"
- - name: SERVICE_PROVIDER_DOMAIN
- value: "na.com"
- - name: SECRET_KEY
- valueFrom:
- secretKeyRef: {name: em-secret, key: key}
- - name: EMAIL_HOST
- value: "localhost"
- - name: EMAIL_HOST_USER
- value: "example"
- - name: EMAIL_PORT
- value: "25"
- - name: EMAIL_HOST_PASSWORD
- valueFrom:
- secretKeyRef: {name: email-secret, key: password}
- - name: PGHOST
- value: vvp-postgres
- - name: PGPORT
- value: "5432"
- - name: PGDATABASE
- value: icedb
- - name: PGUSER
- value: "em_postgresuser"
- - name: PGPASSWORD
- valueFrom:
- secretKeyRef: {name: postgresql-passwords, key: emPassword}
- - name: DOMAIN
- value: https://development.vvp.example.com
- - name: ICE_EM_DOMAIN_NAME
- value: https://development.vvp.example.com
- - name: CONTACT_FROM_ADDRESS
- value: "example"
- - name: OAUTHLIB_INSECURE_TRANSPORT
- value: "1"
- - name: SECRET_WEBHOOK_TOKEN
- valueFrom:
- secretKeyRef: {name: em-secret, key: em_webhook_token}
- - name: SECRET_GITLAB_AUTH_TOKEN
- valueFrom:
- secretKeyRef: {name: gitlab-password, key: auth-token}
- - name: SECRET_JENKINS_PASSWORD
- valueFrom:
- secretKeyRef: {name: em-secret, key: jenkins_admin_password}
- - name: SECRET_CMS_APP_CLIENT_ID
- valueFrom:
- secretKeyRef: {name: em-secret, key: cms_app_client_id}
- - name: SECRET_CMS_APP_CLIENT_SECRET
- valueFrom:
- secretKeyRef: {name: em-secret, key: cms_app_client_secret}
- - name: STATIC_ROOT
- value: "/app/htdocs"
- - name: DJANGO_DEBUG_MODE
- value: "True"
- - name: SLACK_API_TOKEN
- valueFrom:
- secretKeyRef: {name: em-secret, key: slack_api_token}
- - name: ENGAGEMENTS_CHANNEL
- value: ""
- - name: ENGAGEMENTS_NOTIFICATIONS_CHANNEL
- value: ""
- - name: DEVOPS_CHANNEL
- value: ""
- - name: DEVOPS_NOTIFICATIONS_CHANNEL
- value: ""
- - name: S3_HOST
- value: "dev-s3.vvp.example.com"
- - name: S3_PORT
- value: "443"
- - name: AWS_ACCESS_KEY_ID
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_access_key_id}
- - name: AWS_SECRET_ACCESS_KEY
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_secret_access_key}
- command: ["/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "vvp.wsgi:application", ]
- volumes:
- - name: site-crt
- secret:
- secretName: site-crt
- - name: em-settings
- configMap:
- name: {{ include "common.fullname" . }}-settings
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/vvp/engagementmgr:1.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: ClusterIP
- internalPort: 80
- portName: em
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: load balancer for external transport
-name: vvp-ext-haproxy
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-resolvers dns
- nameserver pod_dns "10.3.0.10:53"
- resolve_retries 3
- timeout retry 1s
- hold valid 30s
-
-defaults
- mode http
- timeout connect 5000ms
- timeout client 50000ms
- timeout server 50000ms
- option httpclose
- option redispatch
- option abortonclose
- option httplog
- option dontlognull
- default-server init-addr last,libc,none
-
-backend gitlab_ssh
- mode tcp
- option tcplog
- timeout server 2h
- server gitlabssh vvp-gitlab:22 resolvers dns
-
-frontend gitlab_ssh_frontend
- mode tcp
- option tcplog
- timeout client 2h
- bind 0.0.0.0:22
- acl is_ssh dst_port 22
- use_backend gitlab_ssh if is_ssh
-
-backend portal_backend
- mode http
- server ice_portal vvp:8181 resolvers dns
-
-backend api
- mode http
- server engagement_manager vvp-em-uwsgi:80 resolvers dns
-
-backend s3
- mode http
- balance roundrobin
- option httpchk HEAD /
- server ceph-01 10.252.0.21:8080 check inter 10000ms
-
-frontend portal
- mode http
- acl is_api_call path_beg -i /vvp
- acl is_s3 hdr_beg(host) s3. staging-s3. dev-s3.
- use_backend api if is_api_call
- use_backend s3 if is_s3
- bind 0.0.0.0:80
- bind 0.0.0.0:443 ssl crt /etc/haproxy/site.pem force-tlsv12
- default_backend portal_backend
-
-listen stats
- bind 0.0.0.0:9001
- mode http
- stats enable # Enable stats page
- stats realm Haproxy\ Statistics
- stats uri /haproxy_stats
- stats auth "${HAPROXY_USER}:${HAPROXY_PASS}"
- acl network_allowed src 10.252.0.0/16 127.0.0.1/32 10.2.0.0/16
- http-request deny if !network_allowed
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-cfg
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/ext-haproxy-cfg/*").AsConfig . | indent 2 }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: 80
- - containerPort: 22
- - containerPort: 443
- - containerPort: 9001
- env:
- - name: HAPROXY_USER
- valueFrom:
- secretKeyRef:
- name: haproxy-auth
- key: user
- - name: HAPROXY_PASS
- valueFrom:
- secretKeyRef:
- name: haproxy-auth
- key: pass
- volumeMounts:
- - mountPath: /usr/local/etc/haproxy/
- name: ext-haproxy-cfg
- - mountPath: /etc/haproxy/
- name: site-pem
- volumes:
- - name: ext-haproxy-cfg
- configMap:
- name: {{ include "common.fullname" . }}-cfg
- items:
- - key: file
- path: haproxy.cfg
- - name: site-pem
- secret:
- secretName: site-pem
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort1 }}
- name: {{ .Values.service.portName1 }}
- - port: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName2 }}
- - port: {{ .Values.service.internalPort3 }}
- name: {{ .Values.service.portName3 }}
- - port: {{ .Values.service.internalPort4 }}
- name: {{ .Values.service.portName4 }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: docker.io
-image: haproxy:1.7.2-alpine
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: NodePort
- portName1: web
- internalPort1: 80
- portName2: ssl
- internalPort2: 443
- portName3: ssh
- internalPort3: 22
- portName4: stats
- internalPort4: 9000
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: gitlab-password
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- password: "YW82aWo2d29oV2VpcXU0ZQ=="
- auth-token: "amFkdTZ5b2hqYWl5OFdvYjBJZUs="
----
-kind: Secret
-apiVersion: v1
-metadata:
- name: jenkins-deploykey
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- deploykey.pub: "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUlQWFNQT2ppSkYvWEdicmNpVXNja1hMbFA0Q0ZHNS9POHErQ0xRZW1CTlE="
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "common.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort1 }}
- - containerPort: {{ .Values.service.internalPort2 }}
- securityContext:
- privileged: true
- volumeMounts:
- - mountPath: /var/opt/gitlab
- name: gitlab
- subPath: var/opt/gitlab
- - mountPath: /etc/gitlab
- name: gitlab
- subPath: etc/gitlab
- - mountPath: /var/log/gitlab
- name: gitlab
- subPath: var/log/gitlab
- - mountPath: /tmp/deploykey
- name: jenkins-deploykey
- env:
- - name: ADMIN_PASSWORD
- valueFrom:
- secretKeyRef:
- name: gitlab-password
- key: password
- - name: AUTHENTICATION_TOKEN
- valueFrom:
- secretKeyRef:
- name: gitlab-password
- key: auth-token
- - name: EXTERNAL_URL
- value: "http://vvp-gitlab"
- volumes:
- - name: gitlab
- emptyDir: {}
- - name: jenkins-deploykey
- secret:
- secretName: jenkins-deploykey
- imagePullSecrets:
- - name: onapkey
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort1 }}
- name: {{ .Values.service.portName1 }}
- - port: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName2 }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: scan for validity and viruses on users files
-name: vvp-imagescanner
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-import os
-from pathlib import Path
-from awsauth import S3Auth
-# A mapping from host names to Requests Authentication Objects; see
-# http://docs.python-requests.org/en/master/user/authentication/
-AUTHS = {}
-if 'S3_HOST' in os.environ:
- AUTHS[os.environ['S3_HOST']] = S3Auth(
- os.environ['AWS_ACCESS_KEY_ID'],
- os.environ['AWS_SECRET_ACCESS_KEY'],
- service_url='https://%s/' % os.environ['S3_HOST']
- )
-LOGS_PATH = Path(os.environ['IMAGESCANNER_LOGS_PATH'])
-STATUSFILE = LOGS_PATH/'status.txt'
-# A dict passed as kwargs to jenkins.Jenkins constructor.
-JENKINS = {
- 'url': 'http://jenkins:8080',
- 'username': 'admin',
- 'password': os.environ['SECRET_JENKINS_PASSWORD'],
- }
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: imagescanner-settings
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/imagescanner/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: slack-tokens
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- notifications: ""
----
-kind: Secret
-apiVersion: v1
-metadata:
- name: imagescanner-ssh
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- # FIXME the imagescanner really should have its own private key, but then we
- # have to adjust the gitlab wrapper script to set two public keys as
- # deploykeys.
- id_ed25519: "LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFNd0FBQUF0emMyZ3RaVwpReU5UVXhPUUFBQUNDRDEwanpvNGlSZjF4bTYzSWxMSEpGeTVUK0FoUnVmenZLdmdpMEhwZ1RVQUFBQUpqV3dKZDkxc0NYCmZRQUFBQXR6YzJndFpXUXlOVFV4T1FBQUFDQ0QxMGp6bzRpUmYxeG02M0lsTEhKRnk1VCtBaFJ1Znp2S3ZnaTBIcGdUVUEKQUFBRUFXRktNV0xsNkZnRUJ1Zzk3MSthdE5ZQnQ4R2R1V3pDWWd0L2o5VHU0U2g0UFhTUE9qaUpGL1hHYnJjaVVzY2tYTApsUDRDRkc1L084cStDTFFlbUJOUUFBQUFFM0JoZFd4QVVHRjFiQ2R6SUUxaFl5QlFjbThCQWc9PQotLS0tLUVORCBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0K"
----
-kind: ConfigMap
-apiVersion: v1
-metadata:
- name: site-certificate
- namespace: {{ include "common.namespace" . }}
-data:
- site.crt: |
- -----BEGIN CERTIFICATE-----
- MIIDEDCCAfgCCQDhahVKE9/eUjANBgkqhkiG9w0BAQsFADBKMRAwDgYDVQQKDAdF
- eGFtcGxlMRAwDgYDVQQLDAdleGFtcGxlMSQwIgYDVQQDDBtkZXZlbG9wbWVudC52
- dnAuZXhhbXBsZS5jb20wHhcNMTcxMjI0MTUzOTA3WhcNMTgxMjI0MTUzOTA3WjBK
- MRAwDgYDVQQKDAdFeGFtcGxlMRAwDgYDVQQLDAdleGFtcGxlMSQwIgYDVQQDDBtk
- ZXZlbG9wbWVudC52dnAuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
- DwAwggEKAoIBAQCkvNGXe+bdvL2kvrP2L3WABt2WCFoZ2Pn8Px0eEsRiJHVD0eWz
- rgJYHFJu0C0cK9NYSKxVVI8LnKH7Ny5MFfM4Tqyr3UEOLs+fSwaAqM5tSyZU/tEK
- ractA7bi9fDk2lkcs+LLuZMqGPZ37UZcZwsUQ0BONHP668LqkWqT9hNLIN4ejInr
- 32WA3Y7hPNd8Cj+AaLt1x2cXYzi9hrE5l3h9ofkOpXsgDzeIHlp4jJ6kXXQf8UM5
- 1viqa2CWXHBHEG+5eftLSaeE6LAlNt5IJ6LcWEZgNtXr2es4LJC3FjXrv0gc04Cp
- U2OfizpbhT11cLGaeXOq1cUCXNIb4FcJApoXAgMBAAEwDQYJKoZIhvcNAQELBQAD
- ggEBAFGPDG9iurAhUKbFkY97xLA443U01bdwi7eAT5T9qo/RzOwcbuKWXVm1k5HK
- CQO81nlLqLQwhI1+uTTmR41epuJxyGIaDgUySB+8fLzyRSIFaxKD+UeVPgipDNZs
- h0sKSKrO6MoWzMLUYvdZRw6VIc+UpSCqPY+FKUBUHZtMpSFLnhHjRvVkiP4VvFXj
- b7jQzHughzeITygws42fKK/MK7wQ6byaMVRbPbQKPAXNxd/UrSPeX+RzKRWOZ6R8
- Ulyp7dezXCP77UaTZTsxwlurPQIZNMshDxE/SbWt0Q1g28rj5KfAjoZs5Tg/gmQ8
- LLKI/b1OvKohaANGZ6We5U+ceeU=
- -----END CERTIFICATE-----
- wrapper.sh: |
- #!/bin/sh
- # This script is meant to be used as a wrapper, so that it can be easily
- # used with docker or kubernetes' container command specification.
- #
- # Kubernetes' volumeMount creates symlinks for configMapped files at the
- # target directory.
- # Alpine's update-ca-certificates ignores symlinks.
- # So we must contrive to copy the contents of the mounted cert (a symlink)
- # into place as a normal file.
- dev_cert="${0%/*}/site.crt"
- echo >&2 "$0: Checking for site CA certificate at $dev_cert..."
- if [ -s "$dev_cert" ]; then
- echo >&2 "$0: Updating container CA certificate bundle with site certificate..."
- cp -L "$dev_cert" /usr/local/share/ca-certificates/
- update-ca-certificates
- else
- echo >&2 "$0: No site CA certificate found."
- fi
- echo >&2 "$0: Launching command: $@"
- exec "$@"
-
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: imagescanner-worker
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- command:
- - "sh"
- - "/opt/site-certificate/wrapper.sh"
- - "/usr/local/bin/imagescanner-worker"
- securityContext:
- privileged: true
- volumeMounts:
- - name: imagescanner-ssh
- mountPath: /root/.ssh
- - name: dev
- mountPath: /dev
- - name: logs
- mountPath: /var/log/imagescanner
- - name: imagescanner-settings
- mountPath: /opt/imagescanner-settings
- - name: site-certificate
- mountPath: /opt/site-certificate
- env:
- - name: PYTHONPATH
- value: /opt/imagescanner-settings
- - name: S3_HOST
- value: "dev-s3.vvp.example.com"
- - name: S3_PORT
- value: "443"
- - name: AWS_ACCESS_KEY_ID
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_access_key_id}
- - name: AWS_SECRET_ACCESS_KEY
- valueFrom:
- secretKeyRef: {name: em-secret, key: aws_secret_access_key}
- - name: SECRET_JENKINS_PASSWORD
- value: ''
- - name: REQUESTS_CA_BUNDLE
- value: /etc/ssl/certs/ca-certificates.crt
-
- - name: notifications-worker
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- command: ["/usr/local/bin/notifications-worker"]
- securityContext:
- privileged: true
- env:
- - name: SLACK_TOKEN
- valueFrom:
- secretKeyRef: {name: slack-tokens, key: notifications}
- - name: DOMAIN
- value: "dev-em.vvp.example.com"
- - name: PYTHONPATH
- value: /opt/imagescanner-settings
- - name: SECRET_JENKINS_PASSWORD
- valueFrom:
- secretKeyRef: {name: em-secret, key: jenkins_admin_password}
- volumeMounts:
- - name: imagescanner-settings
- mountPath: /opt/imagescanner-settings
-
- - name: imagescanner-frontend
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- command: ["/usr/local/bin/imagescanner-frontend"]
- securityContext:
- privileged: true
- ports:
- - containerPort: 80
- volumeMounts:
- - name: logs
- mountPath: /var/log/imagescanner
- - name: imagescanner-settings
- mountPath: /opt/imagescanner-settings
- env:
- - name: DEFAULT_SLACK_CHANNEL
- value: "#notifications"
- - name: SECRET_JENKINS_PASSWORD
- value: ''
-
- volumes:
- - name: imagescanner-ssh
- secret:
- secretName: imagescanner-ssh
- defaultMode: 0600
- - name: dev
- hostPath:
- path: /dev
- - name: logs
- emptyDir: {}
- - name: imagescanner-settings
- configMap:
- name: imagescanner-settings
- - name: site-certificate
- configMap:
- name: site-certificate
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/vvp/image-scanner:1.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: ClusterIP
- internalPort: 80
- portName: web
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: load balancer for internal (container to container) transport
-name: vvp-int-haproxy
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-resolvers dns
- nameserver pod_dns "10.3.0.10:53"
- resolve_retries 3
- timeout retry 1s
- hold valid 30s
-
-defaults
- mode http
- timeout connect 5000ms
- timeout client 50000ms
- timeout server 50000ms
- option httpclose
- option redispatch
- option abortonclose
- option httplog
- option dontlognull
- default-server init-addr last,libc,none
-
-backend gitlab_web_backend
- mode http
- server gitlab_web_1 vvp-gitlab:80 resolvers dns
-
-frontend gitlab_web
- mode http
- bind 0.0.0.0:80
-
- acl is_scanner path_beg /imagescanner
- acl is_em_admin hdr_beg(host) em. staging-em. dev-em.
- acl is_cms hdr_beg(host) cms. staging-cms. dev-cms.
- acl is_ci_admin hdr_beg(host) staging-ci. dev-ci.
- acl is_s3 hdr_beg(host) s3. staging-s3. dev-s3.
-
- use_backend imagescanner if is_em_admin is_scanner
- use_backend cms if is_cms
- use_backend api if is_em_admin
- use_backend ci if is_ci_admin
- use_backend s3 if is_s3
-
- default_backend gitlab_web_backend
-
-backend s3
- mode http
- balance roundrobin
- server ceph-01 10.252.0.21:8080
-
-backend cms
- mode http
- server cms_server vvp-cms-uwsgi:80 resolvers dns
-
-backend api
- mode http
- server engagement_manager vvp-em-uwsgi:80 resolvers dns
-
-backend ci
- mode http
- server ci_test vvp-ci-uwsgi:8282 resolvers dns
-
-listen jenkins
- bind 0.0.0.0:8080
- server jenkins vvp-jenkins:8080 resolvers dns
-
-backend imagescanner
- mode http
- server imagescanner vvp-imagescanner:80 resolvers dns
-
-listen stats
- bind 0.0.0.0:9000
- mode http
- stats enable # Enable stats page
- stats realm Haproxy\ Statistics
- stats uri /haproxy_stats
- stats auth "${HAPROXY_USER}:${HAPROXY_PASS}"
- acl network_allowed src 10.252.0.0/16 127.0.0.1/32 10.2.0.0/16
- block if !network_allowed
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-cfg
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/int-haproxy-cfg/*").AsConfig . | indent 2 }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: 80
- - containerPort: 8080
- - containerPort: 9000
- env:
- - name: HAPROXY_USER
- valueFrom:
- secretKeyRef:
- name: haproxy-auth
- key: user
- - name: HAPROXY_PASS
- valueFrom:
- secretKeyRef:
- name: haproxy-auth
- key: pass
- volumeMounts:
- - mountPath: /usr/local/etc/haproxy/
- name: int-haproxy-cfg
- volumes:
- - name: int-haproxy-cfg
- configMap:
- name: {{ include "common.fullname" . }}-cfg
- items:
- - key: file
- path: haproxy.cfg
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort1 }}
- name: {{ .Values.service.portName1 }}
- - port: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName2 }}
- - port: {{ .Values.service.internalPort3 }}
- name: {{ .Values.service.portName3 }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: docker.io
-image: haproxy:1.7.2-alpine
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: NodePort
- portName1: web
- internalPort1: 80
- portName2: jenkins
- internalPort2: 8080
- portName3: stats
- internalPort3: 9000
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: run validation tasks
-name: vvp-jenkins
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-kind: Secret
-apiVersion: v1
-metadata:
- name: jenkins-users-admin
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- config.xml: "PD94bWwgdmVyc2lvbj0nMS4wJyBlbmNvZGluZz0nVVRGLTgnPz4KPHVzZXI+CiAgPGZ1bGxOYW1lPmFkbWluPC9mdWxsTmFtZT4KICA8ZGVzY3JpcHRpb24+PC9kZXNjcmlwdGlvbj4KICA8cHJvcGVydGllcz4KICAgIDxodWRzb24uc2VjdXJpdHkuSHVkc29uUHJpdmF0ZVNlY3VyaXR5UmVhbG1fLURldGFpbHM+CiAgICAgIDxwYXNzd29yZEhhc2g+I2piY3J5cHQ6JDJhJDEwJERyaXVLdThPcTdpaWhtdi80bzlKOHV6cmg2QlVBaUtuejMuM21EMXBDb2dzUHJnOW42M1pXPC9wYXNzd29yZEhhc2g+CiAgICA8L2h1ZHNvbi5zZWN1cml0eS5IdWRzb25Qcml2YXRlU2VjdXJpdHlSZWFsbV8tRGV0YWlscz4KICA8L3Byb3BlcnRpZXM+CjwvdXNlcj4K"
----
-kind: Secret
-apiVersion: v1
-metadata:
- name: jenkins-ssh
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
- # .ssh/config isn't really a secret, but it's the easiest way to get it into
- # the same directory as the key
- config: "SG9zdCAqClVzZXJLbm93bkhvc3RzRmlsZSAvZGV2L251bGwKU3RyaWN0SG9zdEtleUNoZWNraW5nIG5vCklkZW50aXR5RmlsZSAiL3Zhci9qZW5raW5zX2hvbWUvLnNzaC9pZF9lZDI1NTE5Igo="
- id_ed25519: "LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFNd0FBQUF0emMyZ3RaVwpReU5UVXhPUUFBQUNDRDEwanpvNGlSZjF4bTYzSWxMSEpGeTVUK0FoUnVmenZLdmdpMEhwZ1RVQUFBQUpqV3dKZDkxc0NYCmZRQUFBQXR6YzJndFpXUXlOVFV4T1FBQUFDQ0QxMGp6bzRpUmYxeG02M0lsTEhKRnk1VCtBaFJ1Znp2S3ZnaTBIcGdUVUEKQUFBRUFXRktNV0xsNkZnRUJ1Zzk3MSthdE5ZQnQ4R2R1V3pDWWd0L2o5VHU0U2g0UFhTUE9qaUpGL1hHYnJjaVVzY2tYTApsUDRDRkc1L084cStDTFFlbUJOUUFBQUFFM0JoZFd4QVVHRjFiQ2R6SUUxaFl5QlFjbThCQWc9PQotLS0tLUVORCBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0K"
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- ports:
- - containerPort: 8080
- volumeMounts:
- - name: jenkins-home
- mountPath: /var/jenkins_home
- - name: jenkins-users-admin
- mountPath: /var/jenkins_home/users/admin
- - name: jenkins-ssh
- mountPath: /var/jenkins_home/.ssh
- volumes:
- - name: jenkins-home
- emptyDir: {}
- - name: jenkins-users-admin
- secret:
- secretName: jenkins-users-admin
- - name: jenkins-ssh
- secret:
- secretName: jenkins-ssh
-
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/vvp/jenkins:1.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: NodePort
- internalPort: 8080
- portName: jenkins
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: store all data of engagement manager
-name: vvp-postgres
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#
-# initdb defaults
-#
-listen_addresses = '*' # what IP address(es) to listen on;
-max_connections = 100 # (change requires restart)
-shared_buffers = 32MB # min 128kB
-datestyle = 'iso, mdy'
-lc_messages = 'en_US.UTF-8' # locale for system error message
-lc_monetary = 'en_US.UTF-8' # locale for monetary formatting
-lc_numeric = 'en_US.UTF-8' # locale for number formatting
-lc_time = 'en_US.UTF-8' # locale for time formatting
-default_text_search_config = 'pg_catalog.english'
-log_line_prefix = 'user=%u,db=%d '
-#
-# our customizations
-#
-dynamic_shared_memory_type = posix
-log_timezone = 'UTC'
-timezone = 'UTC'
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# sourced, not executed, by docker-entrypoint.sh (/bin/bash)
-
-# defaults
-: ${ICE_CMS_DB_USER:="icecmsuser"}
-: ${ICE_CMS_DB_NAME:="icecmsdb"}
-: ${ICE_CMS_DB_PASSWORD:="na"}
-
-psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<- EOF
- CREATE USER ${ICE_CMS_DB_USER} WITH CREATEDB PASSWORD '${ICE_CMS_DB_PASSWORD}';
- CREATE DATABASE ${ICE_CMS_DB_NAME} WITH OWNER ${ICE_CMS_DB_USER} ENCODING 'utf-8';
-EOF
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# sourced, not executed, by docker-entrypoint.sh (/bin/bash)
-ln -sf /etc/postgresql/conf.d/postgresql.conf "${PGDATA}"/postgresql.conf
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: postgresql-conf
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/postgres/conf/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: postgresql-initdb
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/postgres/init/*").AsConfig . | indent 2 }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- imagePullSecrets:
- - name: onapkey
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: 5432
- volumeMounts:
- - mountPath: /var/lib/postgresql/data
- name: postgresql-data
- - mountPath: /etc/postgresql/conf.d/
- name: postgresql-conf
- - mountPath: /docker-entrypoint-initdb.d/
- name: postgresql-initdb
- env:
- - name: POSTGRES_DB
- value: icedb
- - name: ICE_CMS_DB_NAME
- value: icecmsdb
- - name: POSTGRES_USER
- value: em_postgresuser
- - name: ICE_CMS_DB_USER
- value: cms_postgresuser
- - name: ICE_CMS_DB_PASSWORD
- valueFrom:
- secretKeyRef:
- name: postgresql-passwords
- key: cmsPassword
- - name: POSTGRES_PASSWORD
- valueFrom:
- secretKeyRef:
- name: postgresql-passwords
- key: emPassword
- volumes:
- - name: postgresql-data
- emptyDir: {}
- - name: postgresql-conf
- configMap:
- name: postgresql-conf
- - name: postgresql-initdb
- configMap:
- name: postgresql-initdb
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
- selector:
- app: {{ include "common.name" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/vvp/postgresql:1.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: ClusterIP
- name: vvp-postgres
- portName: vvp-postgres
- internalPort: 5432
- externalPort: 5432
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: in memory key-value store for all project
-name: vvp-redis
-version: 3.0.0
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- name: {{ include "common.name" . }}
- spec:
- hostname: {{ include "common.name" . }}
- containers:
- - args:
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: docker.io
-image: redis:alpine
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: ClusterIP
- name: vvp-redis
- portName: vvp-redis
- internalPort: 6379
- externalPort: 6379
-
-ingress:
- enabled: false
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
- - name: common
- version: ~3.0.0
- repository: '@local'
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-pid /nginx.pid;
-error_log /dev/stdout warn;
-
-http {
- access_log /dev/stdout;
- server {
- listen 0.0.0.0:8181;
-
- location / {
- include /etc/nginx/mime.types;
- root /usr/share/nginx/html/;
- }
-
- }
-}
-
-events {
- worker_connections 4096;
-}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-{
- "serviceProvider": {
- "name": "NA"
- },
- "program": {
- "name": "VVP"
- }
-}
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: portal-nginx-config
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/vvp/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: onapkey
-data:
- .dockercfg: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOiB7InVzZXJuYW1lIjogImRvY2tlciIsICJwYXNzd29yZCI6ICJkb2NrZXIiLCAiZW1haWwiOiAiZW1haWxAZW1haWwuY29tIn19
-type: kubernetes.io/dockercfg
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: em-secret
-type: Opaque
-data:
- key: "IzkxZV9fdzNrPTc4MUB5KGVfIzZodTZ0JmgyNTQjdSkmYmorbTl0aHglayE2XiowNnI="
- em_webhook_token: "QWlwN29oeDFlaUhhZXNob2g5c2hhaWx1OWVleDd0aGE="
- gitlab_admin_password: "YW82aWo2d29oV2VpcXU0ZQ=="
- jenkins_admin_password: "a29peWVCYWlUaDNrYWlOZw=="
- cms_app_client_id: "RWVCNFhlaW1vb2M2eGllU2VlS2FoOGRhZTFlaXBhZTRvdGFlc2hlZQ=="
- cms_app_client_secret: "aGFpTW9vcGllWmVlMXdlaTNsZWY0Z2FleWlhMnZhaHdvaHRoMG1haWQ5aXRoMnBoZWVzaGFpdGh1VG9vcjJKb2hzaGVpNWJhZXk3RWlxdWFldGhlaWI4cXVhaXF1ZWU3cGhpYXRoN2V1YjJhaU5haWMzb3U5dmFpemViZWlGNXU="
- slack_api_token: ""
- aws_access_key_id: "MlpCMTlVOUQ4SzZYVkpHNzVWWDA="
- aws_secret_access_key: "N3hWV2Vxc0xJb3RLT3VhMHh2aGFwSXNDdDFWVTB4Nk0yRTRmVFJLTw=="
----
-kind: Secret
-apiVersion: v1
-metadata:
- name: email-secret
-type: Opaque
-data:
- password: "RVhBTVBMRQ=="
----
-kind: Secret
-apiVersion: v1
-metadata:
- name: site-crt
-type: Opaque
-data:
- # the public part of the certificate, not actually a secret.
- site.crt: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURFRENDQWZnQ0NRRGhhaFZLRTkvZVVqQU5CZ2txaGtpRzl3MEJBUXNGQURCS01SQXdEZ1lEVlFRS0RBZEYKZUdGdGNHeGxNUkF3RGdZRFZRUUxEQWRsZUdGdGNHeGxNU1F3SWdZRFZRUUREQnRrWlhabGJHOXdiV1Z1ZEM1MgpkbkF1WlhoaGJYQnNaUzVqYjIwd0hoY05NVGN4TWpJME1UVXpPVEEzV2hjTk1UZ3hNakkwTVRVek9UQTNXakJLCk1SQXdEZ1lEVlFRS0RBZEZlR0Z0Y0d4bE1SQXdEZ1lEVlFRTERBZGxlR0Z0Y0d4bE1TUXdJZ1lEVlFRRERCdGsKWlhabGJHOXdiV1Z1ZEM1MmRuQXVaWGhoYlhCc1pTNWpiMjB3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQgpEd0F3Z2dFS0FvSUJBUUNrdk5HWGUrYmR2TDJrdnJQMkwzV0FCdDJXQ0ZvWjJQbjhQeDBlRXNSaUpIVkQwZVd6CnJnSllIRkp1MEMwY0s5TllTS3hWVkk4TG5LSDdOeTVNRmZNNFRxeXIzVUVPTHMrZlN3YUFxTTV0U3laVS90RUsKcmFjdEE3Ymk5ZkRrMmxrY3MrTEx1Wk1xR1BaMzdVWmNad3NVUTBCT05IUDY2OExxa1dxVDloTkxJTjRlaklucgozMldBM1k3aFBOZDhDaitBYUx0MXgyY1hZemk5aHJFNWwzaDlvZmtPcFhzZ0R6ZUlIbHA0ako2a1hYUWY4VU01CjF2aXFhMkNXWEhCSEVHKzVlZnRMU2FlRTZMQWxOdDVJSjZMY1dFWmdOdFhyMmVzNExKQzNGalhydjBnYzA0Q3AKVTJPZml6cGJoVDExY0xHYWVYT3ExY1VDWE5JYjRGY0pBcG9YQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRApnZ0VCQUZHUERHOWl1ckFoVUtiRmtZOTd4TEE0NDNVMDFiZHdpN2VBVDVUOXFvL1J6T3djYnVLV1hWbTFrNUhLCkNRTzgxbmxMcUxRd2hJMSt1VFRtUjQxZXB1Snh5R0lhRGdVeVNCKzhmTHp5UlNJRmF4S0QrVWVWUGdpcEROWnMKaDBzS1NLck82TW9Xek1MVVl2ZFpSdzZWSWMrVXBTQ3FQWStGS1VCVUhadE1wU0ZMbmhIalJ2VmtpUDRWdkZYagpiN2pRekh1Z2h6ZUlUeWd3czQyZktLL01LN3dRNmJ5YU1WUmJQYlFLUEFYTnhkL1VyU1BlWCtSektSV09aNlI4ClVseXA3ZGV6WENQNzdVYVRaVHN4d2x1clBRSVpOTXNoRHhFL1NiV3QwUTFnMjhyajVLZkFqb1pzNVRnL2dtUTgKTExLSS9iMU92S29oYUFOR1o2V2U1VStjZWVVPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg=="
----
-piVersion: v1
-kind: Secret
-metadata:
- name: postgresql-passwords
-type: Opaque
-data:
- emPassword: "ZW1fcG9zdGdyZXNwYXNz"
- cmsPassword: "Y21zX3Bvc3RncmVzcGFzcw=="
- ciPassword: "Y2lkYnBhc3M="
----
-kind: Secret
-apiVersion: v1
-metadata:
- name: site-pem
-type: Opaque
-data:
- site.pem: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURFRENDQWZnQ0NRRGhhaFZLRTkvZVVqQU5CZ2txaGtpRzl3MEJBUXNGQURCS01SQXdEZ1lEVlFRS0RBZEYKZUdGdGNHeGxNUkF3RGdZRFZRUUxEQWRsZUdGdGNHeGxNU1F3SWdZRFZRUUREQnRrWlhabGJHOXdiV1Z1ZEM1MgpkbkF1WlhoaGJYQnNaUzVqYjIwd0hoY05NVGN4TWpJME1UVXpPVEEzV2hjTk1UZ3hNakkwTVRVek9UQTNXakJLCk1SQXdEZ1lEVlFRS0RBZEZlR0Z0Y0d4bE1SQXdEZ1lEVlFRTERBZGxlR0Z0Y0d4bE1TUXdJZ1lEVlFRRERCdGsKWlhabGJHOXdiV1Z1ZEM1MmRuQXVaWGhoYlhCc1pTNWpiMjB3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQgpEd0F3Z2dFS0FvSUJBUUNrdk5HWGUrYmR2TDJrdnJQMkwzV0FCdDJXQ0ZvWjJQbjhQeDBlRXNSaUpIVkQwZVd6CnJnSllIRkp1MEMwY0s5TllTS3hWVkk4TG5LSDdOeTVNRmZNNFRxeXIzVUVPTHMrZlN3YUFxTTV0U3laVS90RUsKcmFjdEE3Ymk5ZkRrMmxrY3MrTEx1Wk1xR1BaMzdVWmNad3NVUTBCT05IUDY2OExxa1dxVDloTkxJTjRlaklucgozMldBM1k3aFBOZDhDaitBYUx0MXgyY1hZemk5aHJFNWwzaDlvZmtPcFhzZ0R6ZUlIbHA0ako2a1hYUWY4VU01CjF2aXFhMkNXWEhCSEVHKzVlZnRMU2FlRTZMQWxOdDVJSjZMY1dFWmdOdFhyMmVzNExKQzNGalhydjBnYzA0Q3AKVTJPZml6cGJoVDExY0xHYWVYT3ExY1VDWE5JYjRGY0pBcG9YQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRApnZ0VCQUZHUERHOWl1ckFoVUtiRmtZOTd4TEE0NDNVMDFiZHdpN2VBVDVUOXFvL1J6T3djYnVLV1hWbTFrNUhLCkNRTzgxbmxMcUxRd2hJMSt1VFRtUjQxZXB1Snh5R0lhRGdVeVNCKzhmTHp5UlNJRmF4S0QrVWVWUGdpcEROWnMKaDBzS1NLck82TW9Xek1MVVl2ZFpSdzZWSWMrVXBTQ3FQWStGS1VCVUhadE1wU0ZMbmhIalJ2VmtpUDRWdkZYagpiN2pRekh1Z2h6ZUlUeWd3czQyZktLL01LN3dRNmJ5YU1WUmJQYlFLUEFYTnhkL1VyU1BlWCtSektSV09aNlI4ClVseXA3ZGV6WENQNzdVYVRaVHN4d2x1clBRSVpOTXNoRHhFL1NiV3QwUTFnMjhyajVLZkFqb1pzNVRnL2dtUTgKTExLSS9iMU92S29oYUFOR1o2V2U1VStjZWVVPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCgotLS0tLUJFR0lOIFBSSVZBVEUgS0VZLS0tLS0KTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDa3ZOR1hlK2Jkdkwyawp2clAyTDNXQUJ0MldDRm9aMlBuOFB4MGVFc1JpSkhWRDBlV3pyZ0pZSEZKdTBDMGNLOU5ZU0t4VlZJOExuS0g3Ck55NU1GZk00VHF5cjNVRU9McytmU3dhQXFNNXRTeVpVL3RFS3JhY3RBN2JpOWZEazJsa2NzK0xMdVpNcUdQWjMKN1VaY1p3c1VRMEJPTkhQNjY4THFrV3FUOWhOTElONGVqSW5yMzJXQTNZN2hQTmQ4Q2orQWFMdDF4MmNYWXppOQpockU1bDNoOW9ma09wWHNnRHplSUhscDRqSjZrWFhRZjhVTTUxdmlxYTJDV1hIQkhFRys1ZWZ0TFNhZUU2TEFsCk50NUlKNkxjV0VaZ050WHIyZXM0TEpDM0ZqWHJ2MGdjMDRDcFUyT2ZpenBiaFQxMWNMR2FlWE9xMWNVQ1hOSWIKNEZjSkFwb1hBZ01CQUFFQ2dnRUFmaXVua3cvd2FBK3daOGN2YWZRN1dBenFGWWpjQ1VQbllzeXI3bWFOUm1XSgo4cUdGL2pIZDFjSUxXSmZVbE9qeiszL2RqWlV2NGNMYlJONmtkTjJ5NUlOTk9HeEM4U3ZsRkttUGwyYXlnMzYxCkl3L3U1dkROUTJxKzNlRmoyTU5xME5MdGR2N3d1YU5ZMGMxR3dHcWpUNmVhVHN0WnNPcDA1TmJ1KzlmU093ejgKcHJFOUVxU2FpbHBjMFpIMDNUb0JDY1ZpTFBRN0RDeWkzd0QvTHFaWXlqbnNKdnBWVjFGV2paTWRNQjVCTHlQNQp2Wkg5Qk1iQ0Eva2YrUDVYVjBtUU9rcWk3OVN0bEhHc21id3A5YzVEUnZiUHZ3TWdsdUpqVDRRNXZldXNtY1ozClF4ZGpXVVpLeXZUU2w2QmFVV0tmSkxhMGhPWHR1UXB5VHhhMDY3S1RNUUtCZ1FEU2tTUXM4aGhnYVhMQVJDMWUKcWwxK29ZNVNjckxVb3dBbHJoNXYxRjlzcTAyNEkrRXRPa3dUZHZkbDNTQjg0bmhyRDVZQ2JhcXlWRi9uNFRaQQpoMnZkUHVsZ3pOT0FPQUh5bjQyanpuQm5kcWtqaXQrdUhOUVBWVjA3bzVwaDk1N05DT25XNFFPZ01IeFhrbDRzCllROTlVYkJmTmdwTC9PY0NUOWhFbnl3d3pRS0JnUURJU0QvV2poMFZ3Nmd0VXlUcjFUMlQ0S3FzS09HTXNIZ1gKbWVqRkJnQVpoeTNSQTRxSnBLWkdPOWUyK0VvMWRSN1ErVjIzOXhaVy9WdEZDcmdLYUNENm9EWFFQM0grcC93VgpvRXozbDJoMWRrSmxYSVd1Z1ZUY05uOGNHeU1TUi9BMUEycFVQNkMwRTJqSTFXWURpT2VQdnFSVTZpczE4dGYwCkNwMjdnNU5tY3dLQmdGSEUvMUZjNms1MlpKTjVaa3oreDdQbk5RZWJkd3JRQ2J5WU0wV21LVEJnRFp4V2dwazMKckZkYXVaUWJIUVNpUmJUOXBubG04UVN6YzFMdXlFeWl5aVp1eWQ1SGJGSzhiVFUwOUtJS0J1aUcwZ1AxYUF1TApNbWFKOWR5MUdieTFsanQxSEtuUFU4TWZVUW9JMHYxVTY5ajBvaE0zUHlSbkg2WnNMMFhtc2hoNUFvR0FZT0tLCmR5a0NLdUFlUCtiRHFvM2FIdW9FeGdsMHFwRkhWdXR1TGJrc1hTMEdYZURmcUp3TWoxY3RqK1ptUjV2amoyWEMKRDFjbzZHWGhPL0htZTZwSm9kUFVsR3ZNb2tyeTZDZEdkRk03QmU5eVNRUkw2dEhIa2t1T2k3TVk4U1A1c0R0NQp1VTJhV09JMncwaHY4Ky9MVEw4RlVjcUJvclJhQVVVTmJvTkV6NzhDZ1lFQXF0bXI0YmJYeWRnNFpFckY5c2ZWCkh4NUhZdDQweU1QajJrR3hSWm9uQXYvaXBwaHpCNFRXZmZFckdCNlgvdzNnUWpla2Z6S2pFNU5rSGVvMytEQisKbzFqc1BySXhrcFlYSzAydlNWN3RZdnlaczBBWGlGcm5sZFBkSzlhNHRtWHhhZEQwZm1OSkxmU0hwd0tVNXdQagpOR2UzUG5rT1pMUlQ4MHVPWkVpMUx4Zz0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo="
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: haproxy-auth
-type: Opaque
-data:
- user: "aGFwcm94eXVzZXI="
- pass: "aGFwcm94eXBhc3M="
-
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: /tmp/
- name: portal-nginx-config
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- command: ["nginx", "-g", "daemon off;", "-c", "/tmp/nginx.conf"]
- volumes:
- - name: portal-nginx-config
- configMap:
- name: portal-nginx-config
- items:
- - key: file
- path: nginx.conf
- - key: service_provider.json
- path: service_provider.json
- imagePullSecrets:
- - name: onapkey
+++ /dev/null
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/vvp/portal:1.0.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-service:
- type: ClusterIP
- internalPort: 8181
- externalPort: 8181
-
-ingress:
- enabled: false