run mr containers as non root user

author sunil.unnava <sunil.unnava@att.com>

Wed, 10 Apr 2019 17:09:52 +0000 (13:09 -0400)

committer sunil.unnava <sunil.unnava@att.com>

Wed, 10 Apr 2019 17:10:45 +0000 (13:10 -0400)
author sunil.unnava <sunil.unnava@att.com>
Wed, 10 Apr 2019 17:09:52 +0000 (13:09 -0400)
committer sunil.unnava <sunil.unnava@att.com>
Wed, 10 Apr 2019 17:10:45 +0000 (13:10 -0400)
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml

index cc8fd5a..5e96423 100644 (file)
--- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
@@ -70,6 +70,17 @@ spec:
          image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          name: {{ include "common.name" . }}-readiness
+      - command:
+        -  sh
+        - -exec
+        - |
+          chown -R 1000:1000 /opt/kafka/data;
+        image: "{{ .Values.busyBoxRepository }}/{{ .Values.busyBoxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+        - mountPath: /opt/kafka/data
+          name: kafka-data
+        name: {{ include "common.name" . }}-permission-fixer
        containers:
        - name: {{ include "common.name" .  }}
          image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -124,7 +135,7 @@ spec:
          - name: aaf_locate_url
            value: "https://aaf-locate:8095"
          - name: KAFKA_LOG_DIRS
-          value: "kafka/logs"
+          value: "/opt/kafka/data"
          - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR
            value: "{{ .Values.replicaCount }}"
          - name: KAFKA_DEFAULT_REPLICATION_FACTOR
@@ -137,7 +148,7 @@ spec:
            readOnly: true
          - mountPath: /var/run/docker.sock
            name: docker-socket
-        - mountPath: /kafka
+        - mountPath: /opt/kafka/data
            name: kafka-data
        {{- if .Values.tolerations }}
        tolerations:
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml

index 5b83bb0..9f92610 100644 (file)
--- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml
@@ -30,9 +30,12 @@ global:
  #################################################################
  # application image
  repository: nexus3.onap.org:10001
-image: onap/dmaap/kafka111:0.0.5
+image: onap/dmaap/kafka111:0.0.6
  pullPolicy: Always
  ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+busyBoxImage: busybox:1.30
+busyBoxRepository: docker.io
+
  
  zookeeper:
    name: message-router-zookeeper
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml

index 2fbd884..f630e94 100644 (file)
--- a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml
@@ -30,7 +30,7 @@ global:
  #################################################################
  # application image
  repository: nexus3.onap.org:10001
-image: onap/dmaap/kafka111:0.0.5
+image: onap/dmaap/kafka111:0.0.6
  pullPolicy: Always
  ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
  
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml

index b2f9f13..6c15783 100644 (file)
--- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml
@@ -58,18 +58,19 @@ spec:
          - /bin/bash
          - -c
          - >
-          if [ -d /tmp/topics/version-2 ]; then
+          if [ -d /tmp/zookeeper/topics/version-2 ]; then
            echo "nothing to do";
            else
-          git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit;
-          echo "Clone complete. Copying from /tmp/gerrit/oom-projects/data-zookeeper/* to /tmp/topics";
-          cp -var /tmp/gerrit/oom-topics/data-zookeeper/* /tmp/topics;
+          git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/zookeeper/gerrit;
+          echo "Clone complete. Copying from /tmp/zookeeper/gerrit/oom-projects/data-zookeeper/* to /tmp/zookeeper/topics";
+          cp -var /tmp/zookeeper/gerrit/oom-topics/data-zookeeper/* /tmp/zookeeper/topics;
+          chown -R 1000:1000 /tmp/zookeeper/topics;
            echo "Done.";
            fi
          image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          volumeMounts:
-        - mountPath: /tmp/topics
+        - mountPath: /tmp/zookeeper/topics
            name: zookeeper-data
        containers:
        - name: {{ include "common.name" . }}
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml

index 37a1bab..22daf94 100644 (file)
--- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml
@@ -30,7 +30,7 @@ global:
  #################################################################
  # application image
  repository: nexus3.onap.org:10001
-image: onap/dmaap/zookeeper:3.0.0
+image: onap/dmaap/zookeeper:4.0.0
  pullPolicy: Always
  ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
  
diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml

index 10ce59c..b141207 100644 (file)
--- a/kubernetes/dmaap/components/message-router/values.yaml
+++ b/kubernetes/dmaap/components/message-router/values.yaml
@@ -28,7 +28,7 @@ global:
  #################################################################
  # application image
  repository: nexus3.onap.org:10001
-image: onap/dmaap/dmaap-mr:1.1.11
+image: onap/dmaap/dmaap-mr:1.1.12
  pullPolicy: Always
  
  kafka:
author	sunil.unnava <sunil.unnava@att.com>
	Wed, 10 Apr 2019 17:09:52 +0000 (13:09 -0400)
committer	sunil.unnava <sunil.unnava@att.com>
	Wed, 10 Apr 2019 17:10:45 +0000 (13:10 -0400)
kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml		patch \| blob \| history
kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml		patch \| blob \| history
kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml		patch \| blob \| history
kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml		patch \| blob \| history
kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml		patch \| blob \| history
kubernetes/dmaap/components/message-router/values.yaml		patch \| blob \| history