# Various IDEs\r
.project\r
.idea/\r
-*.tmproj\r
+*.tmproj
\ No newline at end of file
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- aaf-locate
env:
- name: NAMESPACE
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/cm"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/cm/bin/cm"]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
flavor: small
-
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_cm:2.1.1
+image: onap/aaf/aaf_cm:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
+++ /dev/null
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-// Table Initialization
-// First make sure the keyspace exists.
-
-USE authz;
-
-//
-// CORE Table function
-//
-
-// Namespace - establish hierarchical authority to modify
-// Permissions and Roles
-// "scope" is flag to determine Policy. Typical important scope
-// is "company" (1)
-CREATE TABLE ns (
- name varchar,
- scope int, // deprecated 2.0.11
- description varchar,
- parent varchar,
- type int,
- PRIMARY KEY (name)
-);
-CREATE INDEX ns_parent on ns(parent);
-
-CREATE TABLE ns_attrib (
- ns varchar,
- key varchar,
- value varchar,
- PRIMARY KEY (ns,key)
-);
-create index ns_attrib_key on ns_attrib(key);
-
-// Will be cached
-CREATE TABLE role (
- ns varchar,
- name varchar,
- perms set<varchar>, // Use "Key" of "name|type|action"
- description varchar,
- PRIMARY KEY (ns,name)
-);
-CREATE INDEX role_name ON role(name);
-
-// Will be cached
-CREATE TABLE perm (
- ns varchar,
- type varchar,
- instance varchar,
- action varchar,
- roles set<varchar>, // Need to find Roles given Permissions
- description varchar,
- PRIMARY KEY (ns,type,instance,action)
-);
-
-// This table is user for Authorization
-CREATE TABLE user_role (
- user varchar,
- role varchar, // deprecated: change to ns/rname after 2.0.11
- ns varchar,
- rname varchar,
- expires timestamp,
- PRIMARY KEY(user,role)
- );
-CREATE INDEX user_role_ns ON user_role(ns);
-CREATE INDEX user_role_role ON user_role(role);
-
-// This table is only for the case where return User Credential (MechID) Authentication
-CREATE TABLE cred (
- id varchar,
- type int,
- expires timestamp,
- ns varchar,
- other int,
- notes varchar,
- cred blob,
- prev blob,
- PRIMARY KEY (id,type,expires)
- );
-CREATE INDEX cred_ns ON cred(ns);
-
-// Certificate Cross Table
-// coordinated with CRED type 2
-CREATE TABLE cert (
- fingerprint blob,
- id varchar,
- x500 varchar,
- expires timestamp,
- PRIMARY KEY (fingerprint)
- );
-CREATE INDEX cert_id ON cert(id);
-CREATE INDEX cert_x500 ON cert(x500);
-
-CREATE TABLE notify (
- user text,
- type int,
- last timestamp,
- checksum int,
- PRIMARY KEY (user,type)
-);
-
-CREATE TABLE x509 (
- ca text,
- serial blob,
- id text,
- x500 text,
- x509 text,
- PRIMARY KEY (ca,serial)
-);
-
-
-CREATE INDEX x509_id ON x509 (id);
-CREATE INDEX x509_x500 ON x509 (x500);
-
-//
-// Deployment Artifact (for Certman)
-//
-CREATE TABLE artifact (
- mechid text,
- machine text,
- type Set<text>,
- sponsor text,
- ca text,
- dir text,
- os_user text,
- ns text,
- notify text,
- expires timestamp,
- renewDays int,
- sans Set<text>,
- PRIMARY KEY (mechid,machine)
-);
-CREATE INDEX artifact_machine ON artifact(machine);
-CREATE INDEX artifact_ns ON artifact(ns);
-
-//
-// Non-Critical Table functions
-//
-// Table Info - for Caching
-CREATE TABLE cache (
- name varchar,
- seg int, // cache Segment
- touched timestamp,
- PRIMARY KEY(name,seg)
-);
-
-CREATE TABLE history (
- id timeuuid,
- yr_mon int,
- user varchar,
- action varchar,
- target varchar, // user, user_role,
- subject varchar, // field for searching main portion of target key
- memo varchar, //description of the action
- reconstruct blob, //serialized form of the target
- // detail Map<varchar, varchar>, // additional information
- PRIMARY KEY (id)
-);
-CREATE INDEX history_yr_mon ON history(yr_mon);
-CREATE INDEX history_user ON history(user);
-CREATE INDEX history_subject ON history(subject);
-
-//
-// A place to hold objects to be created at a future time.
-//
-CREATE TABLE future (
- id uuid, // uniquify
- target varchar, // Target Table
- memo varchar, // Description
- start timestamp, // When it should take effect
- expires timestamp, // When not longer valid
- construct blob, // How to construct this object (like History)
- PRIMARY KEY(id)
-);
-CREATE INDEX future_idx ON future(target);
-CREATE INDEX future_start_idx ON future(start);
-
-
-CREATE TABLE approval (
- id timeuuid, // unique Key
- ticket uuid, // Link to Future Record
- user varchar, // the user who needs to be approved
- approver varchar, // user approving
- type varchar, // approver types i.e. Supervisor, Owner
- status varchar, // approval status. pending, approved, denied
- memo varchar, // Text for Approval to know what's going on
- operation varchar, // List operation to perform
- last_notified timestamp, // Timestamp for the last time approver was notified
- PRIMARY KEY(id)
- );
-CREATE INDEX appr_approver_idx ON approval(approver);
-CREATE INDEX appr_user_idx ON approval(user);
-CREATE INDEX appr_ticket_idx ON approval(ticket);
-CREATE INDEX appr_status_idx ON approval(status);
-
-CREATE TABLE approved (
- id timeuuid, // unique Key
- user varchar, // the user who needs to be approved
- approver varchar, // user approving
- type varchar, // approver types i.e. Supervisor, Owner
- status varchar, // approval status. pending, approved, denied
- memo varchar, // Text for Approval to know what's going on
- operation varchar, // List operation to perform
- PRIMARY KEY(id)
- );
-CREATE INDEX approved_approver_idx ON approved(approver);
-CREATE INDEX approved_user_idx ON approved(user);
-
-CREATE TABLE delegate (
- user varchar,
- delegate varchar,
- expires timestamp,
- PRIMARY KEY (user)
-);
-CREATE INDEX delg_delg_idx ON delegate(delegate);
-
-// OAuth Tokens
-CREATE TABLE oauth_token (
- id text, // Reference
- client_id text, // Creating Client ID
- user text, // User requesting
- active boolean, // Active or not
- type int, // Type of Token
- refresh text, // Refresh Token
- expires timestamp, // Expiration time/Date (signed long)
- exp_sec bigint, // Seconds from Jan 1, 1970
- content text, // Content of Token
- scopes Set<text>, // Scopes
- state text, // Context string (Optional)
- req_ip text, // Requesting IP (for logging purpose)
- PRIMARY KEY(id)
-) with default_time_to_live = 21600; // 6 hours
-CREATE INDEX oauth_token_user_idx ON oauth_token(user);
-
-CREATE TABLE locate (
- name text, // Component/Server name
- hostname text, // FQDN of Service/Component
- port int, // Port of Service
- major int, // Version, Major
- minor int, // Version, Minor
- patch int, // Version, Patch
- pkg int, // Version, Package (if available)
- latitude float, // Latitude
- longitude float, // Longitude
- protocol text, // Protocol (i.e. http https)
- subprotocol set<text>, // Accepted SubProtocols, ie. TLS1.1 for https
- port_key uuid, // Key into locate_ports
- PRIMARY KEY(name,hostname,port)
-) with default_time_to_live = 1200; // 20 mins
-
-CREATE TABLE locate_ports (
- id uuid, // Id into locate
- port int, // SubPort
- name text, // Name of Other Port
- protocol text, // Protocol of Other (i.e. JMX, DEBUG)
- subprotocol set<text>, // Accepted sub protocols or versions
- PRIMARY KEY(id, port)
-) with default_time_to_live = 1200; // 20 mins;
-
-//
-// Used by authz-batch processes to ensure only 1 runs at a time
-//
-CREATE TABLE run_lock (
- class text,
- host text,
- start timestamp,
- PRIMARY KEY ((class))
-);
+++ /dev/null
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-// For Developer Machine single instance
-// CREATE KEYSPACE authz
-// WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1};
-//
-//
-
-// Example of Network Topology, with Datacenter dc1 & dc2
-// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' };
-// Out of the box Docker Cassandra comes with "datacenter1", one instance
-CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'datacenter1': '1' };
-//
+++ /dev/null
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-USE authz;
-
-// Create 'org' root NS
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org','Root Namespace','.',1,1);
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org','admin',{'org.access|*|*'},'Org Admins');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org','owner',{'org.access|*|read,approve'},'Org Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org','access','*','read,approve',{'org.owner'},'Org Read Access');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org','access','*','*',{'org.admin'},'Org Write Access');
-
-// Create Root pass
-INSERT INTO cred (id,ns,type,cred,expires)
- VALUES ('initial@osaaf.org','org.osaaf',1,0x008c5926ca861023c1d2a36653fd88e2,'2099-12-31') using TTL 14400;
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('initial@osaaf.org','org.admin','2099-12-31','org','admin') using TTL 14400;
-
-
-// Create org.osaaf
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org.osaaf','OSAAF Namespace','org',2,2);
-
-INSERT INTO role(ns, name, perms,description)
- VALUES('org.osaaf','admin',{'org.osaaf.access|*|*'},'OSAAF Admins');
-
-INSERT INTO perm(ns, type, instance, action, roles,description)
- VALUES ('org.osaaf','access','*','*',{'org.osaaf.admin'},'OSAAF Write Access');
-
-INSERT INTO role(ns, name, perms,description)
- VALUES('org.osaaf','owner',{'org.osaaf.access|*|read,approve'},'OSAAF Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles,description)
- VALUES ('org.osaaf','access','*','read,appove',{'org.osaaf.owner'},'OSAAF Read Access');
-
-// Create org.osaaf.aaf
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org.osaaf.aaf','Application Authorization Framework','org.osaaf',3,3);
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.osaaf.aaf','admin',{'org.osaaf.aaf.access|*|*'},'AAF Admins');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.osaaf.aaf','access','*','*',{'org.osaaf.aaf.admin'},'AAF Write Access');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.osaaf.aaf','access','*','read,approve',{'org.osaaf.aaf.owner'},'AAF Read Access');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.osaaf.aaf','owner',{'org.osaaf.aaf.access|*|read,approve'},'AAF Owners');
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400;
-
-
-// ONAP Specific Entities
-// ONAP initial env Namespace
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org.onap','ONAP','org',2,2);
-
-INSERT INTO ns (name,description,parent,scope,type)
- VALUES('org.onap.portal','ONAP Portal','org.onap.portal',3,3);
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.onap.portal','access','*','read',{
- 'org.onap.portal.owner','org.onap.portal.designer','org.onap.portal.tester','org.onap.portal.ops','org.onap.portal.governor'
- },'Portal Read Access');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'Portal Owner');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Portal Write Access');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins');
-
-// DEMO ID (OPS)
-insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('demo@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
-
-// ADMIN
-insert into cred (id,type,expires,cred,notes,ns,other) values('jh0003@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('jh0003@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
-
-// DESIGNER
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('cs0008@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','designer',{'org.onap.portal.access|*|read'},'Portal Designer');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('cs0008@people.osaaf.org','org.onap.portal.designer','2018-10-31','org.onap.portal','designer');
-
-// TESTER
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('jm0007@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','tester',{'org.onap.portal.access|*|read'},'Portal Tester');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('jm0007@people.osaaf.org','org.onap.portal.tester','2018-10-31','org.onap.portal','tester');
-
-// OPS
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('op0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','ops',{'org.onap.portal.access|*|read'},'Portal Operations');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('op0001@people.osaaf.org','org.onap.portal.ops','2018-10-31','org.onap.portal','ops');
-
-// GOVERNOR
-INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('gv0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.onap.portal','governor',{'org.onap.portal.access|*|read'},'Portal Governor');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('gv0001@people.osaaf.org','org.onap.portal.governor','2018-10-31','org.onap.portal','governor');
-
+++ /dev/null
-/* # Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. */
-
-USE authz;
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('demo@people.osaaf.org','org.admin','2099-12-31','org','admin') ;
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('demo@people.osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') ;
-
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
- hostname: {{ include "common.name" . }}
containers:
- - args:
+ - name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"]
ports:
- containerPort: {{ .Values.service.externalPort }}
- containerPort: {{ .Values.service.externalPort2 }}
- containerPort: {{ .Values.service.externalPort3 }}
- containerPort: {{ .Values.service.externalPort4 }}
+ env:
+ - name: CASSANDRA_CLUSTER_NAME
+ value: "osaaf"
+ - name: CASSANDRA_DC
+ value: "dc1"
+ - name: HEAP_NEWSIZE
+ value: "512M"
+ - name: MAX_HEAP_SIZE
+ value: "1024M"
volumeMounts:
- - mountPath: /data
- name: aaf-cs-data
+ - mountPath: /var/lib/cassandra
+ name: cassandra-storage
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort3 }}
+ exec:
+ command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","wait"]
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- lifecycle:
- postStart:
- exec:
- command:
- - /bin/sh
- - -c
- - >
- /bin/sleep {{ .Values.readiness.initialDelaySeconds }};
- cd /data/;
- cqlsh -u root -p root -f keyspace.cql ;
- cqlsh -u root -p root -f init.cql ;
- cqlsh -u root -p root -f osaaf.cql ;
- cqlsh -u root -p root -f temp_identity.cql
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . | indent 10 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: aaf-cs-data
- secret:
- secretName: {{ include "common.fullname" . }}
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: cassandra-storage
+ {{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
\ No newline at end of file
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/aaf-cs-data/*").AsSecrets | indent 2 }}
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: library/cassandra:3.11
+image: onap/aaf/aaf_cass:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
# application configuration
config: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 180
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 180
+ initialDelaySeconds: 120
periodSeconds: 10
service:
requests:
cpu: 40m
memory: 9000Mi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
+
+persistence:
+ enabled: true
+ #existingClaim:
+ mountPath: /dockerdata-nfs
+ mountSubPath: "cass"
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ size: 10Gi
+ storageClass: "manual"
\ No newline at end of file
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- aaf-locate
env:
- name: NAMESPACE
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/fs"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c","ln -s /opt/app/osaaf/data /data;/opt/app/aaf/fs/bin/fs "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_fs:2.1.1
+image: onap/aaf/aaf_fs:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- - aaf-locate
+ - aaf-cm
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/gui"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/gui/bin/gui "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_gui:2.1.1
+image: onap/aaf/aaf_gui:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- aaf-locate
env:
- name: NAMESPACE
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/hello"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/hello/bin/hello "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
nodePortPrefix: 302
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
-
+flavor: small
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_hello:2.1.1
+image: onap/aaf/aaf_hello:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- - aaf-cs
+ - aaf-service
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/locate"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/locate/bin/locate "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
nodePortPrefix: 302
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
-
-# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines.
-# persistence:
-# mountPath: /dockerdata
flavor: small
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_locate:2.1.1
+image: onap/aaf/aaf_locate:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
- - /root/ready.py
+ - name: {{ include "common.name" . }}-readiness
+ command:
+ - /root/ready.py
args:
- --container-name
- - aaf-cs
- - --container-name
- aaf-locate
env:
- name: NAMESPACE
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/oauth"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/oauth/bin/oauth "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
ports:
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
- #Example internal target port if required
- #targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
name: {{ .Values.service.portName }}
{{- else -}}
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_oauth:2.1.1
+image: onap/aaf/aaf_oauth:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
release: {{ .Release.Name }}
spec:
initContainers:
- - command:
+ - name: {{ include "common.name" . }}-job-complete
+ command:
- /root/job_complete.py
args:
- - -j
- - {{ .Release.Name }}-aaf-create-config
+ - --job-name
+ - {{ .Release.Name }}-create-config
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-job-complete
- - command:
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/ready.py
args:
- --container-name
- aaf-cs
- - --container-name
- - aaf-locate
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- - env:
- - name: CASSANDRA_CLUSTER
- value: cassandra_container
- name: {{ include "common.name" . }}
+ - name: {{ include "common.name" . }}
+ command: ["/bin/bash","/opt/app/aaf/bin/service"]
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/service/bin/service "]
volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-persistent-vol
+ - mountPath: "/opt/app/osaaf"
+ name: shared-config-volume
- mountPath: /etc/localtime
name: localtime
readOnly: true
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
- - name: aaf-persistent-vol
+ - name: shared-config-volume
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/aaf/aaf_service:2.1.1
+image: onap/aaf/aaf_service:2.1.2-SNAPSHOT
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 300
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 30
periodSeconds: 10
service:
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# BEGIN Store prev
-BD=/opt/app/osaaf/backup
-if [ -e "$BD/6day" ]; then
- rm -Rf $BD/6day
-fi
-
-PREV=$BD/6day
-for D in $BD/5day $BD/4day $BD/3day $BD/2day $BD/yesterday; do
- if [ -e "$D" ]; then
- mv "$D" "$PREV"
- fi
- PREV="$D"
-done
-
-if [ -e "$BD/today" ]; then
- if [ -e "$BD/backup.log" ]; then
- mv $BD/backup.log $BD/today
- fi
- gzip $BD/today/*
- mv $BD/today $BD/yesterday
-fi
-
-mkdir $BD/today
-
-# END Store prev
-date
-docker exec -t aaf_cass bash -c "mkdir -p /opt/app/cass_backup"
-docker container cp $BD/cbackup.sh aaf_cass:/opt/app/cass_backup/backup.sh
-# echo "login as Root, then run \nbash /opt/app/cass_backup/backup.sh"
-docker exec -t aaf_cass bash /opt/app/cass_backup/backup.sh
-docker container cp aaf_cass:/opt/app/cass_backup/. $BD/today
-date
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-cd /opt/app/cass_backup
-DATA="ns role perm ns_attrib user_role cred cert x509 delegate approval approved future notify artifact health history"
-PWD=cassandra
-CQLSH="cqlsh -u cassandra -k authz -p $PWD"
-for T in $DATA ; do
- echo "Creating $T.dat"
- $CQLSH -e "COPY authz.$T TO '$T.dat' WITH DELIMITER='|'"
-done
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#
-# Sample Identities.dat
-# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with
-# out-of-the-box tire-kicking, or even for Small companies
-#
-# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing
-# batch feeds, as is appropriate for your company.
-#
-# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
-# out AppIDs, choose your own status indicators, or whatever you use.
-# 0 - unique ID
-# 1 - full name
-# 2 - first name
-# 3 - last name
-# 4 - phone
-# 5 - official email
-# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
-# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
-#
-
-iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
-mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
-bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
-mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
-ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
-iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
-osaaf|ID of AAF|||||a|bdevl
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# Sample Identities.dat
-# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with
-# out-of-the-box tire-kicking, or even for Small companies
-#
-# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing
-# batch feeds, as is appropriate for your company.
-#
-# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
-# out AppIDs, choose your own status indicators, or whatever you use.
-# 0 - unique ID
-# 1 - full name
-# 2 - first name
-# 3 - last name
-# 4 - phone
-# 5 - official email
-# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
-# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
-#
-
-iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
-mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
-bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
-mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
-ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
-iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
-osaaf|ID of AAF|||||a|bdevl
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-##
-## org.osaaf.cm.props
-## AAF Certificate Manager properties
-## Note: Link to CA Properties in "local" dir
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/local/org.osaaf.cm.ca.props
-aaf_component=AAF_NS.cm:2.1.0.0
-port=8150
-cadi_registration_hostname={{.Values.config.cmServiceName}}
-#Certman
-cm_public_dir=/opt/app/osaaf/public
-cm_trust_cas=AAF_RootCA.cer
-
-
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-############################################################
-# Common properties for all AAF Components
-# on 2018-03-02 06:59.628-0500
-############################################################
-# Pull in Global Coordinates and Certificate Information
-aaf_root_ns=org.osaaf.aaf
-aaf_trust_perm=org.osaaf.aaf|org.onap|trust
-
-cadi_prop_files=/opt/app/osaaf/local/org.osaaf.location.props:/opt/app/osaaf/local/org.osaaf.aaf.props
-cadi_protocols=TLSv1.1,TLSv1.2
-
-aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
-cadi_loginpage_url=https://AAF_LOCATE_URL/AAF_NS.gui:2.0/login
-
-# Standard for this App/Machine
-aaf_env=DEV
-aaf_data_dir=/opt/app/osaaf/data
-cadi_loglevel=DEBUG
-
-# Domain Support (which will accept)
-aaf_domain_support=.com:.org
-
-# Basic Auth
-aaf_default_realm=people.osaaf.org
-
-# OAuth2
-aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
-aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
-
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props
-aaf_component=AAF_NS.fs:2.1.0.0
-port=8096
-cadi_registration_hostname={{.Values.config.fsServiceName}}
-
-aaf_public_dir=/opt/app/osaaf/public
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/etc/org.osaaf.orgs.props
-aaf_component=AAF_NS.gui:2.1.0.0
-port=8200
-cadi_registration_hostname={{.Values.config.guiServiceName}}
-
-aaf_gui_title=AAF
-aaf_gui_copyright=(c) 2018 AT&T Intellectual Property. All rights reserved.
-aaf_gui_theme=theme/onap
-cadi_loginpage_url=https://AAF_LOCATE_URL/com.att.aaf.gui:2.0/login
-
-# GUI URLS and Help URLS
-cm_url=https://{{.Values.config.cmServiceName}}:8150
-gw_url=https://{{.Values.config.locateServiceName}}:8095
-fs_url=http://{{.Values.config.fsServiceName}}:8096
-
-aaf_url.gui_onboard=https://wiki.web.att.com/display/aaf/OnBoarding
-aaf_url.cuigui=https://wiki.web.att.com/display/aaf/Using+the+Command+Prompt
-
-aaf_url.aaf_help=https://wiki.onap.org/display/DW/Application+Authorization+Framework+Documentation
-aaf_url.aaf_help.sub=Bootstrapping+AAF,Installation+Guide
-aaf_url.aaf_help.sub.Bootstrapping+AAF=https://wiki.onap.org/display/DW/Bootstrapping+AAF
-aaf_url.aaf_help.sub.Installation+Guide=https://wiki.onap.org/display/DW/AAF+Installation+Guide
-#aaf_url.cadi_help=
-aaf_url.tools=AAF+Projects,AAF+Jira,AAF+Calendar
-aaf_url.tool=AAF+Jira=https://jira.onap.org/secure/RapidBoard.jspa?rapidView=69&projectKey=AAF&view=detail&selectedIssue=AAF-134
-aaf_url.tool.AAF+Projects=https://gerrit.onap.org/r/#/admin/projects/?filter=aaf%2F
-aaf_url.tool.AAF+Calendar=https://wiki.onap.org/pages/viewpage.action?pageId=6587439
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props
-aaf_component=AAF_NS.hello:2.1.0.0
-port=8130
-cadi_registration_hostname={{.Values.config.helloServiceName}}
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props
-aaf_component=AAF_NS.locator:2.1.0.0
-port=8095
-cadi_registration_hostname={{.Values.config.locateServiceName}}
+++ /dev/null
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-log4j.appender.INIT=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.INIT.File=${LOG4J_FILENAME_init}
-log4j.appender.INIT.DatePattern='.'yyyy-MM-dd
-log4j.appender.INIT.layout=org.apache.log4j.PatternLayout
-log4j.appender.INIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
-
-log4j.appender.SRVR=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.SRVR.File=${LOG4J_FILENAME_service}
-log4j.appender.SRVR.DatePattern='.'yyyy-MM-dd
-log4j.appender.SRVR.layout=org.apache.log4j.PatternLayout
-log4j.appender.SRVR.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %p [%c] %m %n
-
-log4j.appender.AUDIT=org.apache.log4j.DailyRollingFileAppender
-log4j.appender.AUDIT.File=${LOG4J_FILENAME_audit}
-log4j.appender.AUDIT.DatePattern='.'yyyy-MM-dd
-log4j.appender.AUDIT.layout=org.apache.log4j.PatternLayout
-log4j.appender.AUDIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
-
-log4j.appender.stdout=org.apache.log4j.ConsoleAppender
-log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
-log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] %m %n
-
-# General Apache libraries
-log4j.rootLogger=WARN.SRVR
-log4j.logger.org.apache=WARN,SRVR
-log4j.logger.com.datastax=WARN,SRVR
-log4j.logger.init=INFO,INIT
-log4j.logger.service=${LOGGING_LEVEL},SRVR
-log4j.logger.audit=INFO,AUDIT
-# Additional configs, not cauth with Root Logger
-log4j.logger.io.netty=INFO,SRVR
-log4j.logger.org.eclipse=INFO,SRVR
-
-
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-##
-## org.osaaf.locator
-## AAF Locator Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props
-aaf_component=AAF_NS.oauth:2.1.0.0
-port=8140
-cadi_registration_hostname={{.Values.config.oauthServiceName}}
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#
-# Define Organizations for use in some of the components. Not all use them
-#
-Organization.org.osaaf=org.onap.aaf.org.DefaultOrg
-org.osaaf.mailHost=smtp.mail.att.com
-org.osaaf.mailFrom=DL-aaf-support@aaf.att.com
-org.osaaf.default=true
-org.osaaf.also_supports=org.osaaf.people
-
-
-
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-##
-## org.osaaf.service
-## AAF Service Properties
-##
-cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/etc/org.osaaf.orgs.props
-aaf_component=AAF_NS.service:2.1.0.0
-port=8100
-cadi_registration_hostname={{.Values.config.serviceServiceName}}
+++ /dev/null
-name = localca
+++ /dev/null
-rmaOaytuFLnhz07oilUO0nO_mZ18XInIi56OoezdUTR5f1GR45lp_nX7marcYv7j2ZS-dpWOSur0
-sK5M-ByrgxfUPyk749Ex4nGSMLnAq-nFMaREpGZPmNP-ul_vCxCmaHUnWKPJB4jx_K_osKPb0-ng
-tqX0hnpbmcq4okV94MUdUs084ymM5LU-qVU_oYbLUM4dXatobe1go8eX2umrutZbQTjz75i4UEcF
-Dv9nDwVqHRGUFMU0NeJlrSlRSO-eiDgVtoSCBGtIkDdKPBTUT3wachHmUBiSBJ3GF05yQP1CwWzz
-AQRSwphP11xKI7tSViT5RoxjxfQZiVEbeyg9g9BROe_pLyIDskoW_ujdnPOWRcSIx6Q4J0eew3kb
-yqcWUPf1K2nSyBSshlsQ6A9NSOLz_KhyIvP_1OG82m1gir3I77Usl7QqMF8IBXCjJ-H_qqR1u-By
-qm_AFjagYA2TgF2YQN-fcneom_5_cA74_xwJ41juhOP72ZWGkX1bAdbiKf85uYo2H3g5HeNWijQL
-y4wJ4qFrSptQRyV2Ntf9OLgpOsKsPPiLlNBugmCjHBMaPMbQAYRbsyCH2nKdjjTG3c6iF5Cj9Jco
-6McvcrYYuq3ynH-2HoL-T-Zgl2AXLxqK4_dl_H243H-GutoJsmIkELLGS_pCpSt4t7xaDvzqxrTj
-4qZ1OjozcpnsqM8HebS28IgoqFaOmrCMqO1MLM_CjAyliTy31P28XEbcYvjEY-FWmnJRSpMLc1Pz
--KOH-2V8uTqn5YlUsFt2TNnc8lEwMH6GSV1vkgxwPQaMUgWV2svc0FfBmTLZI4zNmpMu4cGjaG-f
-Z8r_hX7pDPANBTaqFxTp999dnaS3lLdZMNbJNEKFF0xxdRuBzsPKDiLa7ItixInZlUcEnwJVWOhC
-kcI2J0cEFGxHxWYmYdqyJIvQzjebk6iDqB-mLi0ai-_XYm1niCxZizT_XJADo9LQtTzq1V6pMgYR
-PPfbDKoiYRK6D8nbWsGNOh6xOS7zs8qrnTPxwu5CuZX_EFoejmooHTrXEqw2RzRFw9XqXM8p50C3
-YrwI2lA6kTQItGm0yftAxqfbhbjJp_K1P91ckOYL3ZSYze_hXRmguwYuT5NWlKhBtm5aawuDjXEg
-yn7PnRTT0smW40hbYbks5L-2VVxTd3tith6Ltqh95miL6vpG5ByDDQlZCWwkq7XH7iScejDvT6UN
-jF1K86mNa8CLXuuSzGl1li1CMxoVzW55G3s0-ICDHqjytiUkiUen2V9VzGT9h4BgDfzbShf31M4_
-biO4NL-mkqlDBbh-KcrYjvNj5qQwHSiLSLuQQBoBtJ3hG9jCu4YBYVWJYctV8r3Js_sGDH4rl5w1
-ujEF6QHWZIF73-u53G_LtvoXBnQcrBW8oLpqP-1Pz5d1bio--bRsNa5qAAilNbYmttiKYOYJn4My
-c6QvzF81SqTRZy0Fd0NK_hMCglPkH7sd32UX-LBquvQ_yDqB_ml_pADJhWcfuD4iPAQjR2Vgclxf
-GPCDva6YpJDzjjnaExDYmGFVFpbIPLfvGUCit_9zAycx0nW1J_cVT1BWFHijjAh_gnIpa6MtY3BE
-G3d8ee6_LAQvvVdBwZ955UwyRd-C7Buc7Xcccw-8hcNBKqOCDlE9j4tie2SdO9m53vZRzcLY6Aiw
-BiulIAllqHZQYs0OBcaYgbNgJU-gn9ZMWgS9i3ijPvTTBSNX7y7k4L1a4QOceyuOtt7nkv024YUS
-acTRmaGotRBuVfI-C0L4Q9NL56_nUATB5ca2GqgLEKnWKsiN3T9cBg4Ji88E8OdiVcoO8segB-0d
-QwWCqCZ8_z_R7zBMlDqpfu5wbvoVx0w9JhLgO9f7eoRozqA3qGLv94i1pN6LuU-Q7YPz4jVxmbb_
-2CHyP1n-o1ZWHfWdz6aByXEzrAZdvjfEWwwMYV5l5jFilTXaCNOCjr9S4YjNn0HITdl7E64C06Im
-3QWOsnDv9z1APjnFo12KH_1yWscU0t9gx7FG210Ug6C-G3Bko_tm_YOp0Lkum4qrnxgHMf_a
\ No newline at end of file
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-cm_url=https://{{.Values.config.cmServiceName}}:8150
-#hostname=aaf.osaaf.org
-aaf_env=DEV
-cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
-cadi_keyfile=/opt/app/osaaf/local/org.osaaf.aaf.keyfile
-cadi_keystore=/opt/app/osaaf/local/org.osaaf.aaf.p12
-cadi_keystore_password=enc:fDY3WPPqHCMQaZdox2UfpRoEq6b9wUqS-aepo0NiqEFa2t7uYHBdxfQAuEwj9Lwb
-#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)>
-cadi_alias=aaf-authz@aaf.osaaf.org
-cadi_truststore=/opt/app/osaaf/local/org.osaaf.aaf.trust.p12
-cadi_truststore_password=enc:5nzj6v3Rb0oZPV1zCxg8EJFfkFvWFGJflLB0i_FN0Np
+++ /dev/null
-############################################################
-# Cassandra properties for AAF Components needing
-# on 2018-03-02 06:59.628-0500
-############################################################
-# LOCAL Cassandra
-cassandra.clusters={{.Values.config.csServiceName}}
-cassandra.clusters.port=9042
-#need this to be fully qualified name when REAL AAF integration
-cassandra.clusters.user=cassandra
-cassandra.clusters.password=enc:gF_I93pTRMIvj3rof-dx-yK84XYT1UKGf98s1LAJyWV
-
-# Name for exception that has happened in the past
-cassandra.reset.exceptions=com.datastax.driver.core.exceptions.NoHostAvailableException:"no host was tried":"Connection has been closed"
-
-# Example Consistency Settings for Clusters with at least instances
-#cassandra.writeConsistency.ns=LOCAL_QUORUM
-#cassandra.writeConsistency.perm=LOCAL_QUORUM
-#cassandra.writeConsistency.role=LOCAL_QUORUM
-#cassandra.writeConsistency.user_role=LOCAL_QUORUM
-#cassandra.writeConsistency.cred=LOCAL_QUORUM
-#cassandra.writeConsistency.ns_attrib=LOCAL_QUORUM
-
-# Consistency Settings when Single Instance
-cassandra.writeConsistency.ns=ONE
-cassandra.writeConsistency.perm=ONE
-cassandra.writeConsistency.role=ONE
-cassandra.writeConsistency.user_role=ONE
-cassandra.writeConsistency.cred=ONE
-cassandra.writeConsistency.ns_attrib=ONE
+++ /dev/null
-##
-## org.osaaf.cm.ca.props
-## Properties to access Certifiate Authority
-##
-
-#Certman
-cm_ca.local=org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/org.osaaf.aaf.cm.p12;aaf_cm_ca;enc:asFEWMNqjH7GktBLb9EGl6L1zfS2qMH5ZS5Zd90KVT5B9ZyRsqx7Gb73YllO8Hyw
-cm_ca.local.idDomains=org.osaaf
-cm_ca.local.baseSubject=/OU=OSAAF/O=ONAP/C=US
-cm_ca.local.perm_type=org.osaaf.aaf.ca
-
+++ /dev/null
-##
-## org.osaaf.location.props
-##
-## Localized Machine Information
-##
-# Almeda California
-cadi_latitude=37.78187
-cadi_longitude=-122.26147
-
-#cadi_registration_hostname=aaf-onap-beijing-test.osaaf.org
-cadi_trust_masks=10.12.6/24
-aaf_locate_url=https://{{.Values.config.locateServiceName}}:8095
+++ /dev/null
-Public directory left empty on purpose. Content of https://gerrit.onap.org/r/gitweb?p=aaf/authz.git;a=tree;f=auth/sample/public;h=1b387b7858134f80446f006b6d570fa534da3153;hb=refs/heads/master is cloned and mounted into AAF container volume via init container. This is done to dramatically reduce the size of configuration that was being put into a configmap that was exceeding helm configmap limit of 1MB per deployment.
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-aaf-backup
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/backup/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-aaf-local
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.location.props").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cm.ca.props").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cassandra.props").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/local/org.osaaf.aaf.props").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-aaf-etc
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/etc/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Release.Name }}-aaf-data
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/data/*").AsConfig . | indent 2 }}
apiVersion: batch/v1
kind: Job
metadata:
- name: {{ include "common.fullname" . }}-create-config
+ name: {{ .Release.Name }}-create-config
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
app: aaf-init-job
release: {{ .Release.Name }}
spec:
- initContainers:
- - name: {{ include "common.name" . }}-inject-config
- command:
- - /bin/bash
- - -c
- - >
- git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit;
- echo "Clone complete. Copying from /tmp/gerrit/ to /public";
- cp -rf /tmp/gerrit/auth/sample/public/* /public;
- echo "Done.";
- image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.global.ubuntuInitImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: aaf-public
- mountPath: "/public"
containers:
- - command: ["/bin/bash","-c","if [ ! -d /data/backup ]; then mkdir /data/data && cp -Ra /data1/data/..data/* /data/data/ && mkdir /data/etc && cp -Ra /data1/etc/..data/* data/etc/ && mkdir /data/backup && cp -Ra /data1/backup/..data/* /data/backup/ && cp -Ra /data1/public /data/ && cp -Ra /data1/local /data && mkdir -p /data/logs/oauth && mkdir -p /data/logs/hello && mkdir -p /data/logs/fs && mkdir -p /data/logs/gui && mkdir -p /data/logs/locate && mkdir -p /data/logs/cm && mkdir -p /data/logs/service; fi; exit 0"]
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ - name: {{ include "common.name" . }}-config-container
+ image: "{{ include "common.repository" . }}/{{ .Values.aaf_config.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: aaf-init-job
volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /data
- name: aaf-persistent-data
- - mountPath: /data1/etc
- name: aaf-etc
- - mountPath: /data1/data
- name: aaf-data
- - mountPath: /data1/public/iframe_denied_test.html
- name: aaf-public
- subPath: iframe_denied_test.html
- - mountPath: /data1/public/aaf_2_0.xsd
- name: aaf-public
- subPath: aaf_2_0.xsd
- - mountPath: /data1/public/truststoreONAP.p12
- name: aaf-public
- subPath: truststoreONAP.p12
- - mountPath: /data1/public/AAF_RootCA.cer
- name: aaf-public
- subPath: AAF_RootCA.cer
- - mountPath: /data1/public/truststoreONAPall.jks
- name: aaf-public
- subPath: truststoreONAPall.jks
- - mountPath: /data1/local/org.osaaf.location.props
- name: aaf-local
- subPath: org.osaaf.location.props
- - mountPath: /data1/local/org.osaaf.cm.ca.props
- name: aaf-local
- subPath: org.osaaf.cm.ca.props
- - mountPath: /data1/local/org.osaaf.cassandra.props
- name: aaf-local
- subPath: org.osaaf.cassandra.props
- - mountPath: /data1/local/org.osaaf.aaf.props
- name: aaf-local
- subPath: org.osaaf.aaf.props
- - mountPath: /data1/local/org.osaaf.aaf.trust.p12
- name: aaf-local-secret
- subPath: org.osaaf.aaf.trust.p12
- - mountPath: /data1/local/org.osaaf.aaf.p12
- name: aaf-local-secret
- subPath: org.osaaf.aaf.p12
- - mountPath: /data1/local/org.osaaf.aaf.keyfile
- name: aaf-local-secret
- subPath: org.osaaf.aaf.keyfile
- - mountPath: /data1/local/org.osaaf.aaf.cm.p12
- name: aaf-local-secret
- subPath: org.osaaf.aaf.cm.p12
- - mountPath: /data1/backup
- name: aaf-backup
- - mountPath: /share
- name: aaf-public
+ - mountPath: "/opt/app/osaaf"
+ name: {{ include "common.name" . }}-config-vol
+ env:
+ - name: HOSTNAME
+ value: "{{ .Values.global.cadi.hostname }}"
+ - name: AAF_ENV
+ value: "{{ .Values.global.cadi.aaf_env }}"
+ - name: AAF_REGISTER_AS
+ value: "{{ .Values.global.cadi.aaf_register_as }}"
+ - name: LATITUDE
+ value: "{{ .Values.global.cadi.cadi_latitude }}"
+ - name: LONGITUDE
+ value: "{{ .Values.global.cadi.cadi_longitude }}"
+ - name: CASS_HOST
+ value: "{{ .Values.global.cassandraServiceName }}"
+ - name: AAF_LOCATOR_AS
+ value: "{{ .Values.global.locateServiceName }}"
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: aaf-local-secret
- secret:
- secretName: {{ .Release.Name }}-aaf-local-secret
- - name: aaf-etc
- configMap:
- name: {{ .Release.Name }}-aaf-etc
- - name: aaf-local
- configMap:
- name: {{ .Release.Name }}-aaf-local
- - name: aaf-backup
- configMap:
- name: {{ .Release.Name }}-aaf-backup
- - name: aaf-data
- configMap:
- name: {{ .Release.Name }}-aaf-data
- - name: aaf-persistent-data
+ - name: {{ include "common.name" . }}-config-vol
{{- if .Values.global.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-pvc
+ claimName: {{ .Release.Name }}-config
{{- else }}
emptyDir: {}
{{- end }}
- - name: aaf-public
- emptyDir: {}
restartPolicy: OnFailure
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
# limitations under the License.
*/}}
-{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ .Release.Name }}-config
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}
+ app: {{ include "common.name" . }}-config
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
name: {{ include "common.fullname" . }}
spec:
capacity:
- storage: {{ .Values.persistence.size}}
+ storage: {{ .Values.persistence.config.size}}
accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ - {{ .Values.persistence.config.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }}
hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.config.mountSubPath }}
+{{- if .Values.persistence.config.storageClass }}
+{{- if (eq "-" .Values.persistence.config.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.config.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end }}
+---
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ .Release.Name }}-logs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-logs
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.logs.size}}
+ accessModes:
+ - {{ .Values.persistence.logs.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.logs.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.logs.mountSubPath }}
+{{- if .Values.persistence.logs.storageClass }}
+{{- if (eq "-" .Values.persistence.logs.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.logs.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
# limitations under the License.
*/}}
-{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.config.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
- name: {{ .Release.Name }}-aaf-pvc
+ name: {{ .Release.Name }}-config
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}
+ app: {{ include "common.name" . }}-config
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
+{{- if .Values.persistence.config.annotations }}
annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{ toYaml .Values.persistence.config.annotations | indent 4 }}
{{- end }}
spec:
selector:
matchLabels:
- name: {{ include "common.fullname" . }}
+ app: {{ include "common.name" . }}-config
accessModes:
- - {{ .Values.persistence.accessMode }}
+ - {{ .Values.persistence.config.accessMode }}
resources:
requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
+ storage: {{ .Values.persistence.config.size }}
+{{- if .Values.persistence.config.storageClass }}
+{{- if (eq "-" .Values.persistence.config.storageClass) }}
storageClassName: ""
{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
+ storageClassName: "{{ .Values.persistence.config.storageClass }}"
{{- end }}
{{- end }}
-{{- end -}}
+{{- end }}
+---
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.logs.existingClaim) }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ .Release.Name }}-logs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-logs
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.logs.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.logs.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}-logs
+ accessModes:
+ - {{ .Values.persistence.logs.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.logs.size }}
+{{- if .Values.persistence.logs.storageClass }}
+{{- if (eq "-" .Values.persistence.logs.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.logs.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
\ No newline at end of file
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Release.Name}}-aaf-local-secret
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.trust.p12").AsSecrets | indent 2 }}
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.p12").AsSecrets | indent 2 }}
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.keyfile").AsSecrets | indent 2 }}
-{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.cm.p12").AsSecrets | indent 2 }}
-type: Opaque
ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
persistence:
enabled: true
+
+ cadi:
+ hostname: "aaf.onap"
+ cadi_latitude: "38.0"
+ cadi_longitude: "-72.0"
+ aaf_env: "DEV"
+ aaf_register_as: "aaf.onap"
+ cassandraServiceName: aaf-cass
+ locateServiceName: aaf-locate
+
#################################################################
# Application configuration defaults.
#################################################################
-config:
- serviceServiceName: aaf-service
- locateServiceName: aaf-locate
- cmServiceName: aaf-cm
- fsServiceName: aaf-fs
- guiServiceName: aaf-gui
- helloServiceName: aaf-hello
- oauthServiceName: aaf-oauth
- csServiceName: aaf-cass
- # gerrit branch where the latest aaf/auth/sample/public code exists
- gerritProject: http://gerrit.onap.org/r/aaf/authz.git
- gerritBranch: 2.0.0-ONAP
+repository: nexus3.onap.org:10001
+aaf_config:
+ image: onap/aaf/aaf_config:2.1.2-SNAPSHOT
flavor: small
# default number of instances
## Persist data to a persitent volume
persistence:
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
+ mountPath: "/mnt/data/aaf"
+ enabled: true
+ config:
+ #existingClaim:
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountSubPath: "config"
+ storageClass: "manual"
+ logs:
+ #existingClaim:
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountSubPath: "logs"
+ storageClass: "manual"
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteMany
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: aaf/data
+aaf-cs:
+ persistence:
+ #existingClaim:
+ mountPath: /dockerdata-nfs
+ mountSubPath: "cass"
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ size: 10Gi
+ storageClass: "manual"
-# Configure resource requests and limits
-resources:
- small:
- limits:
- cpu: 2
- memory: 3Gi
- requests:
- cpu: 2
- memory: 3Gi
- large:
- limits:
- cpu: 4
- memory: 6Gi
- requests:
- cpu: 4
- memory: 6Gi
- unlimited: {}
+resources: {}
\ No newline at end of file
Code Review / oom.git / commitdiff