company: 'ATT'
id: 'xuegao'
timezone: 'Belgium/Namur'
+ - name: 'Brian Freeman'
+ email: 'bf1936@att.com'
+ company: 'ATT'
+ id: 'bdfreeman1421'
+ timezone: 'America/New_York'
+ - name: 'Yang Xu'
+ email: 'Yang.Xu3@huawei.com'
+ company: 'Huawei'
+ id: 'xuyang11'
+ timezone: 'America/New_York'
tsc:
approval: 'https://lists.onap.org/pipermail/onap-tsc'
+ changes:
+ - type: 'Addition'
+ name: 'Brian Freeman'
+ name: 'Yang Xu'
+ link: 'TBD'
\ No newline at end of file
# HTTP
# basic (challenging)
# proxy (not challenging, needs xff)
-# kerberos (challenging)
# clientcert (not challenging, needs https)
-# jwt (not challenging)
# host (not challenging) #DEPRECATED, will be removed in a future version.
# host based authentication is configurable in sg_roles_mapping
# Authc
# internal
# noop
-# ldap
# Authz
-# ldap
# noop
+# Some SearchGuard functionality is licensed under Apache-2.0, while other functionality is non-free;
+# see https://github.com/floragunncom/search-guard. The functionality enabled in this configuration
+# file only include those that are licensed under Apache-2.0. Please use care and review SearchGuard's
+# license details before enabling any additional features here.
+
searchguard:
dynamic:
# Set filtered_alias_mode to 'disallow' to forbid more than 2 filtered aliases per index
# Set filtered_alias_mode to 'warn' to allow more than 2 filtered aliases per index but warns about it (default)
# Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently
#filtered_alias_mode: warn
- #kibana:
- # Kibana multitenancy
- # see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md
- # To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki
- #multitenancy_enabled: true
- #server_username: kibanaserver
- #index: '.kibana'
- #do_not_fail_on_forbidden: false
http:
anonymous_auth_enabled: false
xff:
###### and here https://tools.ietf.org/html/rfc7239
###### and https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Remote_IP_Valve
authc:
- kerberos_auth_domain:
- http_enabled: false
- transport_enabled: false
- order: 6
- http_authenticator:
- type: kerberos
- challenge: true
- config:
- # If true a lot of kerberos/security related debugging output will be logged to standard out
- krb_debug: false
- # If true then the realm will be stripped from the user name
- strip_realm_from_principal: true
- authentication_backend:
- type: noop
basic_internal_auth_domain:
http_enabled: true
transport_enabled: true
challenge: false
authentication_backend:
type: noop
- ldap:
- http_enabled: false
- transport_enabled: false
- order: 5
- http_authenticator:
- type: basic
- challenge: false
- authentication_backend:
- # LDAP authentication backend (authenticate users against a LDAP or Active Directory)
- type: ldap
- config:
- # enable ldaps
- enable_ssl: false
- # enable start tls, enable_ssl should be false
- enable_start_tls: false
- # send client certificate
- enable_ssl_client_auth: false
- # verify ldap hostname
- verify_hostnames: true
- hosts:
- - localhost:8389
- bind_dn: null
- password: null
- userbase: 'ou=people,dc=example,dc=com'
- # Filter to search for users (currently in the whole subtree beneath userbase)
- # {0} is substituted with the username
- usersearch: '(sAMAccountName={0})'
- # Use this attribute from the user as username (if not set then DN is used)
- username_attribute: null
- authz:
- roles_from_myldap:
- http_enabled: false
- transport_enabled: false
- authorization_backend:
- # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too)
- type: ldap
- config:
- # enable ldaps
- enable_ssl: false
- # enable start tls, enable_ssl should be false
- enable_start_tls: false
- # send client certificate
- enable_ssl_client_auth: false
- # verify ldap hostname
- verify_hostnames: true
- hosts:
- - localhost:8389
- bind_dn: null
- password: null
- rolebase: 'ou=groups,dc=example,dc=com'
- # Filter to search for roles (currently in the whole subtree beneath rolebase)
- # {0} is substituted with the DN of the user
- # {1} is substituted with the username
- # {2} is substituted with an attribute value from user's directory entry, of the authenticated user. Use userroleattribute to specify the name of the attribute
- rolesearch: '(member={0})'
- # Specify the name of the attribute which value should be substituted with {2} above
- userroleattribute: null
- # Roles as an attribute of the user entry
- userrolename: disabled
- #userrolename: memberOf
- # The attribute in a role entry containing the name of that role, Default is "name".
- # Can also be "dn" to use the full DN as rolename.
- rolename: cn
- # Resolve nested roles transitive (roles which are members of other roles and so on ...)
- resolve_nested_roles: true
- userbase: 'ou=people,dc=example,dc=com'
- # Filter to search for users (currently in the whole subtree beneath userbase)
- # {0} is substituted with the username
- usersearch: '(uid={0})'
- # Skip users matching a user name, a wildcard or a regex pattern
- #skip_users:
- # - 'cn=Michael Jackson,ou*people,o=TEST'
- # - '/\S*/'
- roles_from_another_ldap:
- enabled: false
- authorization_backend:
- type: ldap
- #config goes here ...
+ authz:
\ No newline at end of file
# See the License for the specific language governing permissions and
# limitations under the License.
-startODL_status=$(ps -e | grep startODL | wc -l)
waiting_bundles=$(/opt/opendaylight/current/bin/client bundle:list | grep Waiting | wc -l)
run_level=$(/opt/opendaylight/current/bin/client system:start-level)
- if [ "$run_level" == "Level 100" ] && [ "$startODL_status" -lt "1" ] && [ "$waiting_bundles" -lt "1" ]
+ if [ "$run_level" == "Level 100" ] && [ "$waiting_bundles" -lt "1" ]
then
echo APPC is healthy.
else
# limitations under the License.
apiVersion: v1
-description: ONAP Common Design Studio
+description: ONAP Controller Design Studio (CDS)
name: cds
version: 4.0.0
# limitations under the License.
apiVersion: v1
-description: Blueprints Processor Micro Service
-name: blueprints-processor
+description: ONAP CDS Blueprints Processor
+name: cds-blueprints-processor
version: 4.0.0
\ No newline at end of file
-# Copyright (c) 2019 IBM, Bell Canada.\r
-#\r
-# Licensed under the Apache License, Version 2.0 (the "License");\r
-# you may not use this file except in compliance with the License.\r
-# You may obtain a copy of the License at\r
-#\r
-# http://www.apache.org/licenses/LICENSE-2.0\r
-#\r
-# Unless required by applicable law or agreed to in writing, software\r
-# distributed under the License is distributed on an "AS IS" BASIS,\r
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
-# See the License for the specific language governing permissions and\r
-# limitations under the License.\r
-\r
-# Functionality config\r
-blueprintsprocessor.grpcEnable=true\r
-blueprintsprocessor.restconfEnabled=true\r
-blueprintsprocessor.httpPort=8080\r
-blueprintsprocessor.grpcPort=9111\r
-\r
-# Basic Authentication\r
-security.user.password: {bcrypt}$2a$10$duaUzVUVW0YPQCSIbGEkQOXwafZGwQ/b32/Ys4R1iwSSawFgz7QNu\r
-security.user.name: ccsdkapps\r
-\r
-# Blueprint Processor File Execution and Handling Properties\r
-blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy\r
-blueprintsprocessor.blueprintArchivePath=/opt/app/onap/blueprints/archive\r
-\r
-# Primary Database Configuration\r
-blueprintsprocessor.db.primary.url=jdbc:mysql://cds-db:3306/sdnctl\r
-blueprintsprocessor.db.primary.username=sdnctl\r
-blueprintsprocessor.db.primary.password=sdnctl\r
-blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver\r
-blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update\r
-blueprintsprocessor.db.primary.hibernateDDLAuto=update\r
-blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy\r
-blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect\r
-\r
-# Python executor\r
-blueprints.processor.functions.python.executor.executionPath=/opt/app/onap/scripts/jython/ccsdk_blueprints\r
-blueprints.processor.functions.python.executor.modulePaths=/opt/app/onap/scripts/jython/ccsdk_blueprints,/opt/app/onap/scripts/jython/ccsdk_netconf\r
-\r
-# SDN-C's ODL Restconf Connection Details\r
-blueprintsprocessor.restclient.sdncodl.type=basic-auth\r
-blueprintsprocessor.restclient.sdncodl.url=http://sdnc:8282/\r
-blueprintsprocessor.restclient.sdncodl.username=admin\r
-blueprintsprocessor.restclient.sdncodl.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
\ No newline at end of file
+#
+# Copyright (c) 2017-2019 AT&T, IBM, Bell Canada, Nordix Foundation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Web server config
+blueprintsprocessor.grpcEnable=true
+blueprintsprocessor.httpPort=8080
+blueprintsprocessor.grpcPort=9111
+
+# Blueprint Processor File Execution and Handling Properties
+blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy
+blueprintsprocessor.blueprintArchivePath=/opt/app/onap/blueprints/archive
+blueprintsprocessor.blueprintWorkingPath=/opt/app/onap/blueprints/work
+
+# Primary Database Configuration
+blueprintsprocessor.db.primary.url=jdbc:mysql://cds-db:3306/sdnctl
+blueprintsprocessor.db.primary.username=sdnctl
+blueprintsprocessor.db.primary.password=sdnctl
+blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver
+blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update
+blueprintsprocessor.db.primary.hibernateDDLAuto=update
+blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy
+blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect
+
+# Python executor
+blueprints.processor.functions.python.executor.executionPath=/opt/app/onap/scripts/jython/ccsdk_blueprints
+blueprints.processor.functions.python.executor.modulePaths=/opt/app/onap/scripts/jython/ccsdk_blueprints,/opt/app/onap/scripts/jython/ccsdk_netconf,/opt/app/onap/scripts/jython/ccsdk_restconf
+
+security.user.password: {bcrypt}$2a$10$duaUzVUVW0YPQCSIbGEkQOXwafZGwQ/b32/Ys4R1iwSSawFgz7QNu
+security.user.name: ccsdkapps
+
+# SDN-C's ODL Restconf Connection Details
+blueprintsprocessor.restconfEnabled=true
+blueprintsprocessor.restclient.sdncodl.type=basic-auth
+blueprintsprocessor.restclient.sdncodl.url=http://sdnc:8282/
+blueprintsprocessor.restclient.sdncodl.username=admin
+blueprintsprocessor.restclient.sdncodl.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+
+# Executor Options
+blueprintprocessor.resourceResolution.enabled=true
+blueprintprocessor.netconfExecutor.enabled=true
+blueprintprocessor.restConfExecutor.enabled=true
+blueprintprocessor.remoteScriptCommand.enabled=true
+
+# Command executor
+blueprintsprocessor.grpcclient.remote-python.type=token-auth
+blueprintsprocessor.grpcclient.remote-python.host=cds-command-executor
+blueprintsprocessor.grpcclient.remote-python.port=50051
+blueprintsprocessor.grpcclient.remote-python.token=Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
\ No newline at end of file
<logger name="org.hibernate" level="error"/>
<logger name="org.onap.ccsdk.apps" level="info"/>
- <root level="warn">
+ <root level="info">
<appender-ref ref="STDOUT"/>
</root>
value: {{ .Values.config.appConfigDir }}
ports:
- containerPort: {{ .Values.service.http.internalPort }}
- {{ if .Values.config.grpcEnabled }}
- containerPort: {{ .Values.service.grpc.internalPort }}
- {{ end }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{ if .Values.liveness.enabled }}
- mountPath: {{ .Values.config.appConfigDir }}/logback.xml
name: {{ include "common.fullname" . }}-config
subPath: logback.xml
+ - mountPath: {{ .Values.persistence.deployedBlueprint }}
+ name: {{ include "common.fullname" . }}-blueprints
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
path: application.properties
- key: logback.xml
path: logback.xml
+ - name: {{ include "common.fullname" . }}-blueprints
+ persistentVolumeClaim:
+ claimName: {{ .Release.Name }}-cds-blueprints
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if not .Values.persistence.storageClass -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-blueprints
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}-blueprints
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+{{- end -}}
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ .Release.Name }}-cds-blueprints
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if not .Values.persistence.storageClass }}
+ selector:
+ matchLabels:
+ name: {{ include "common.fullname" . }}-blueprints
+{{- end }}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
internalPort: 9111
externalPort: 9111
+
persistence:
enabled: true
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteMany
+ size: 2Gi
+ enabled: true
+ mountSubPath: cds/blueprints/deploy
+ deployedBlueprint: /opt/app/onap/blueprints/deploy
ingress:
enabled: false
--- /dev/null
+# Copyright (c) 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP CDS Command Executor
+name: cds-command-executor
+version: 4.0.0
\ No newline at end of file
--- /dev/null
+# Copyright (c) 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ repository: '@local'
\ No newline at end of file
--- /dev/null
+# Copyright (c) 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - cds-blueprints-processor
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.grpc.internalPort }}
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.grpc.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.grpc.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: {{ .Values.persistence.deployedBlueprint }}
+ name: {{ include "common.fullname" . }}-blueprints
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-blueprints
+ persistentVolumeClaim:
+ claimName: {{ .Release.Name }}-cds-blueprints
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright (c) 2019 Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+
apiVersion: v1
kind: Service
metadata:
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
+ annotations:
spec:
type: {{ .Values.service.type }}
ports:
- - name: {{ .Values.service.portName }}
- {{ if eq .Values.service.type "NodePort" }}
- port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }}
- {{ else }}
- port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- {{ end }}
+ - port: {{ .Values.service.grpc.externalPort }}
+ targetPort: {{ .Values.service.grpc.internalPort }}
+ {{- if eq .Values.service.type "NodePort"}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ {{- end}}
+ name: {{ .Values.service.grpc.portName | default "grpc" }}
selector:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
\ No newline at end of file
--- /dev/null
+# Copyright (c) 2019 Bell Canada
+#
+# Modifications Copyright (c) 2019 Bell Canada.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ # Change to an unused port prefix range to prevent port conflicts
+ # with other instances running within the same k8s cluster
+ nodePortPrefix: 302
+
+ # image repositories
+ repository: nexus3.onap.org:10001
+
+ # readiness check
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+
+ # image pull policy
+ pullPolicy: Always
+
+ persistence:
+ mountPath: /dockerdata-nfs
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/ccsdk-commandexecutor:0.4.2-STAGING-latest
+pullPolicy: Always
+
+# application configuration
+config:
+ basicAuth: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ type: ClusterIP
+ grpc:
+ portName: command-executor-grpc
+ internalPort: 50051
+ externalPort: 50051
+
+persistence:
+ enabled: true
+ mountSubPath: cds/blueprints/deploy
+ deployedBlueprint: /opt/app/onap/blueprints/deploy
+
+ingress:
+ enabled: false
+
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 2
+ memory: 4Gi
+ unlimited: {}
# limitations under the License.
apiVersion: v1
-description: Controller Blueprints Micro Service
-name: controller-blueprints
+description: ONAP CDS Controller Blueprints
+name: cds-controller-blueprints
version: 4.0.0
\ No newline at end of file
--- /dev/null
+# Copyright (c) 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP CDS UI
+name: cds-ui
+version: 4.0.0
\ No newline at end of file
--- /dev/null
+# Copyright (c) 2019 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ repository: '@local'
\ No newline at end of file
ports:
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }}
name: {{ .Values.service.portName }}-{{ .Values.service.internalPort }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
--- /dev/null
+# Copyright © 2018 Orange
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefixExt: 304
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:1.1.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+
+subChartsOnly:
+ enabled: true
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/ccsdk-cds-ui-server:0.4.2-STAGING-latest
+pullPolicy: Always
+
+# application configuration
+config:
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ httpGet:
+ path: /
+ port: 3000
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ httpGet:
+ path: /ping
+ port: 3000
+ initialDelaySeconds: 30
+ periodSeconds: 10
+
+service:
+ type: NodePort
+ portName: ui
+ name: cds-ui
+ nodePort: 97
+ internalPort: 3000
+
+ingress:
+ enabled: false
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 1Gi
+ requests:
+ cpu: 10m
+ memory: 100Mi
+ large:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 200m
+ memory: 200Mi
+ unlimited: {}
-# Copyright © 2018 Orange
-# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2019 Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 303
- readinessRepository: oomk8s
- readinessImage: readiness-check:1.1.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
-
-subChartsOnly:
- enabled: true
-
-# application image
-repository: nexus3.onap.org:10001
-image: onap/ccsdk-cds-ui:1.0.0-STAGING-latest
-pullPolicy: Always
-
-# application configuration
-config:
-
mariadb-galera:
config:
userName: sdnctl
replicaCount: 1
persistence:
enabled: true
- mountSubPath: cds/data
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- httpGet:
- path: /
- port: 3000
- initialDelaySeconds: 30
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- httpGet:
- path: /ping
- port: 3000
- initialDelaySeconds: 30
- periodSeconds: 10
-
-service:
- type: NodePort
- portName: ui
- name: cds
- nodePort: 97
- internalPort: 3000
-
-ingress:
- enabled: false
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 1
- memory: 1Gi
- requests:
- cpu: 10m
- memory: 100Mi
- large:
- limits:
- cpu: 2
- memory: 2Gi
- requests:
- cpu: 200m
- memory: 200Mi
- unlimited: {}
+ mountSubPath: cds/data
\ No newline at end of file
# If API authorization is required, then implement a class to enforce it.
# This overrides the Class used for API permission check.
-#ApiPermission.Class: com.company.policy.DecisionPolicy
+ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll
#####################################################
#
- name: DELAY
value: "0"
- name: PROTO
- value: "http"
+ value: "https"
- name: PORT
- value: "8080"
+ value: "8443"
- name: REQUESTID
value: "{{.Chart.Name}}-post-install"
volumeMounts:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/portal-app:2.3.1
+image: onap/portal-app:2.5.0-STAGING-latest
pullPolicy: Always
# default number of instances
# application image
repository: nexus3.onap.org:10001
-image: onap/portal-db:2.3.1
+image: onap/portal-db:2.5.0-STAGING-latest
pullPolicy: Always
readinessImage: readiness-check:2.0.0
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/portal-sdk:2.3.1
+image: onap/portal-sdk:2.5.0-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/portal-wms:2.3.1
+image: onap/portal-wms:2.5.0-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
# See the License for the specific language governing permissions and
# limitations under the License.
+import json
+import os.path
+from itertools import chain
+from collections import defaultdict
+
+
GLOBAL_PRELOAD_PARAMETERS = {
# heat template parameter values common to all heat template continaing these parameters
"defaults" : {
}
}
}
+
+
+# Create dictionaries for new MAPPING data to join to original MAPPING data
+GLOBAL_PRELOAD_PARAMETERS2 = {}
+
+
+folder=os.path.join('/var/opt/ONAP/demo/preload_data')
+subfolders = [d for d in os.listdir(folder) if os.path.isdir(os.path.join(folder, d))]
+
+for service in subfolders:
+ filepath=os.path.join('/var/opt/ONAP/demo/preload_data', service, 'preload_data.json')
+ with open(filepath, 'r') as f:
+ preload_data = json.load(f)
+ GLOBAL_PRELOAD_PARAMETERS2['Demo']=preload_data
+
+
+# Merge dictionaries
+# preload_data.json is for Demo key in GLOBAL_PRELOAD_PARAMETERS
+
+
+GLOBAL_PRELOAD_PARAMETERS3 = {'Demo':{}}
+
+for k, v in chain(GLOBAL_PRELOAD_PARAMETERS['Demo'].items(), GLOBAL_PRELOAD_PARAMETERS2['Demo'].items()):
+ GLOBAL_PRELOAD_PARAMETERS3['Demo'][k] = v
+# print(k, v)
+
+GLOBAL_PRELOAD_PARAMETERS = dict(GLOBAL_PRELOAD_PARAMETERS.items() + GLOBAL_PRELOAD_PARAMETERS3.items())
+
+#print GLOBAL_PRELOAD_PARAMETERS
+
GLOBAL_MR_SERVER_PROTOCOL = "http"
GLOBAL_MR_SERVER_PORT = "3904"
# bus controller info
-GLOBAL_BC_SERVER_PORT = "8080"
GLOBAL_BC_HTTPS_SERVER_PORT = "8443"
GLOBAL_BC_USERNAME = "{{ .Values.bcUsername }}"
GLOBAL_BC_PASSWORD = "{{ .Values.bcPassword }}"
GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME = "{{ .Values.openStackProjectName }}"
GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID = "{{ .Values.openStackDomainId }}"
GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION = "{{ .Values.openStackKeystoneAPIVersion }}"
+GLOBAL_INJECTED_REGION_THREE = "{{ .Values.openStackRegionRegionThree }}"
+GLOBAL_INJECTED_KEYSTONE_REGION_THREE = "{{ .Values.openStackKeyStoneUrlRegionThree }}"
+GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION_REGION_THREE = "{{ .Values.openStackKeystoneAPIVersionRegionThree }}"
+GLOBAL_INJECTED_OPENSTACK_USERNAME_REGION_THREE = "{{ .Values.openStackUserNameRegionThree }}"
+GLOBAL_INJECTED_OPENSTACK_PASSWORD_REGION_THREE = "{{ .Values.openStackPasswordRegionThree }}"
+GLOBAL_INJECTED_OPENSTACK_MSO_ENCRYPTED_PASSWORD_REGION_THREE = "{{ .Values.openSackMsoEncryptdPasswordRegionThree }}"
+GLOBAL_INJECTED_OPENSTACK_TENANT_ID_REGION_THREE = "{{ .Values.openStackTenantIdRegionThree }}"
+GLOBAL_INJECTED_OPENSTACK_PROJECT_DOMAIN_REGION_THREE = "{{ .Values.openStackProjectNameRegionThree }}"
+GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN_REGION_THREE = "{{ .Values.openStackDomainIdRegionThree }}"
+GLOBAL_INJECTED_OPENSTACK_OAM_NETWORK_CIDR_PREFIX = "{{ .Values.openStackOamNetworkCidrPrefix }}"
GLOBAL_INJECTED_POLICY_IP_ADDR = "pdp.{{include "common.namespace" .}}"
GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR = "drools.{{include "common.namespace" .}}"
GLOBAL_INJECTED_PORTAL_IP_ADDR = "portal-app.{{include "common.namespace" .}}"
"GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME" : "{{ .Values.openStackProjectName }}",
"GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID" : "{{ .Values.openStackDomainId }}",
"GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION" : "{{ .Values.openStackKeystoneAPIVersion }}",
+ "GLOBAL_INJECTED_REGION_THREE" : "{{ .Values.openStackRegionRegionThree }}",
+ "GLOBAL_INJECTED_KEYSTONE_REGION_THREE" : "{{ .Values.openStackKeyStoneUrlRegionThree }}",
+ "GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION_REGION_THREE" : "{{ .Values.openStackKeystoneAPIVersionRegionThree }}",
+ "GLOBAL_INJECTED_OPENSTACK_USERNAME_REGION_THREE" : "{{ .Values.openStackUserNameRegionThree }}",
+ "GLOBAL_INJECTED_OPENSTACK_PASSWORD_REGION_THREE" : "{{ .Values.openStackPasswordRegionThree }}",
+ "GLOBAL_INJECTED_OPENSTACK_MSO_ENCRYPTED_PASSWORD_REGION_THREE" : "{{ .Values.openSackMsoEncryptdPasswordRegionThree }}",
+ "GLOBAL_INJECTED_OPENSTACK_TENANT_ID_REGION_THREE" : "{{ .Values.openStackTenantIdRegionThree }}",
+ "GLOBAL_INJECTED_OPENSTACK_PROJECT_DOMAIN_REGION_THREE" : "{{ .Values.openStackProjectNameRegionThree }}",
+ "GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN_REGION_THREE" : "{{ .Values.openStackDomainIdRegionThree }}",
+ "GLOBAL_INJECTED_OPENSTACK_OAM_NETWORK_CIDR_PREFIX" : "{{ .Values.openStackOamNetworkCidrPrefix }}",
"GLOBAL_INJECTED_POLICY_IP_ADDR" : "pdp.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR" : "drools.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_PORTAL_IP_ADDR" : "portal-app.{{include "common.namespace" .}}",
# Project name of Openstack where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME
openStackProjectName: "onap"
# Domain id of openstack where VNFs will be deployed. Maps to GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID
-openStackDomainId: "default"
+openStackDomainId: "Default"
# Openstack Keystone API version. Valid values are [ v2.0, v3 ]. Maps to GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION
openStackKeystoneAPIVersion: "v2.0"
+# Values for second cloud instante for VNF instantiatioen testing and keystone v3
+openStackRegionRegionThree: "RegionThree"
+openStackKeyStoneUrlRegionThree: "http://1.2.3.4:5000"
+openStackKeystoneAPIVersionRegionThree: "v3"
+openStackUserNameRegionThree: "demo"
+openStackPasswordRegionThree: "tenantPassword"
+# this is the java encrypted password that is needed for SO
+openSackMsoEncryptdPasswordRegionThree: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+openStackTenantIdRegionThree: "3583253e932845a09cd4c8ca2f31d095"
+openStackProjectNameRegionThree: "Integration-HEAT-Staging-Daily"
+openStackDomainIdRegionThree: "Default"
+#
# Openstack glance image name for Ubuntu 14. Maps to GLOBAL_INJECTED_UBUNTU_1404_IMAGE
ubuntu14Image: "Ubuntu_14_trusty"
# Openstack glance image name for Ubuntu 16. Maps to GLOBAL_INJECTED_UBUNTU_1604_IMAGE
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dcae-be:1.3.0
+image: onap/dcae-be:1.3-STAGING-latest
pullPolicy: Always
-backendInitImage: onap/dcae-tools:1.3.0
+backendInitImage: onap/dcae-tools:1.3-STAGING-latest
# flag to enable debugging - application support required
debugEnabled: false
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dcae-dt:1.2.0
+image: onap/dcae-dt:1.2-STAGING-latest
pullPolicy: IfNotPresent
config:
javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-dt/logback-spring.xml
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dcae-fe:1.3.0
+image: onap/dcae-fe:1.3-STAGING-latest
pullPolicy: Always
config:
javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-fe/logback-spring.xml
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dcae-tosca-app:1.3.0
+image: onap/dcae-tosca-app:1.3-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
spec:
initContainers:
- command:
- - /root/ready.py
+ - /root/job_complete.py
args:
- - --container-name
- - {{ .Values.mariadb.nameOverride }}
+ - --job-name
+ - {{ .Release.Name }}-so-mariadb-config-job
env:
- name: NAMESPACE
valueFrom:
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
persistence:
mountPath: /dockerdata-nfs
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/bpmn-infra:1.3.3
+image: onap/so/bpmn-infra:1.4.0-STAGING-latest
pullPolicy: Always
replicaCount: 1
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
-mariadb:
- nameOverride: so-mariadb
ingress:
enabled: false
nodeSelector: {}
spec:
initContainers:
- command:
- - /root/ready.py
+ - /root/job_complete.py
args:
- - --container-name
- - {{ .Values.mariadb.nameOverride }}
+ - --job-name
+ - {{ .Release.Name }}-so-mariadb-config-job
env:
- name: NAMESPACE
valueFrom:
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
persistence:
mountPath: /dockerdata-nfs
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/catalog-db-adapter:1.3.3
+image: onap/so/catalog-db-adapter:1.4.0-STAGING-latest
pullPolicy: Always
replicaCount: 1
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
-mariadb:
- nameOverride: so-mariadb
ingress:
enabled: false
config:
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
- mariadb.readwrite.host : {{ .Values.db_host | b64enc | quote }}
- mariadb.readwrite.port : {{ .Values.db_port | b64enc | quote }}
+ mariadb.readwrite.host : {{ .Values.global.mariadbGalera.serviceName | b64enc | quote }}
+ mariadb.readwrite.port : {{ .Values.global.mariadbGalera.servicePort | b64enc | quote }}
mariadb.readwrite.rolename: {{ .Values.db_username | b64enc | quote }}
mariadb.readwrite.password: {{ .Values.db_password | b64enc | quote }}
mariadb.admin.rolename: {{ .Values.db_admin_username| b64enc | quote }}
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-db_host: so-mariadb
-db_port: "3306"
db_admin_username: so_admin
db_admin_password: so_Admin123
db_username: so_user
+++ /dev/null
-# Example MySQL config file for medium systems.
-#
-# This is for a system with memory 8G where MySQL plays
-# an important part, or systems up to 128M where MySQL is used together with
-# other programs (such as a web server)
-#
-# In this file, you can use all long options that a program supports.
-# If you want to know which options a program supports, run the program
-# with the "--help" option.
-
-# The following options will be passed to all MySQL clients
-##[client]
-##user = root
-##port = 3306
-##socket = //opt/app/mysql/mysql.sock
-
-# Here follows entries for some specific programs
-
-# The MySQL server
-[mysqld]
-##performance_schema
-
-slow_query_log =ON
-long_query_time =2
-slow_query_log_file =//var/lib/mysql/slow_query.log
-
-skip-external-locking
-explicit_defaults_for_timestamp = true
-skip-symbolic-links
-local-infile = 0
-key_buffer_size = 16M
-max_allowed_packet = 4M
-table_open_cache = 100
-sort_buffer_size = 512K
-net_buffer_length = 8K
-read_buffer_size = 256K
-read_rnd_buffer_size = 512K
-myisam_sort_buffer_size = 8M
-max_connections = 500
-lower_case_table_names = 1
-thread_stack = 256K
-thread_cache_size = 25
-query_cache_size = 8M
-query_cache_type = 0
-query_prealloc_size = 512K
-query_cache_limit = 1M
-
-# Password validation
-##plugin-load-add=simple_password_check.so
-##simple_password_check_other_characters=0
-
-# Audit Log settings
-plugin-load-add=server_audit.so
-server_audit=FORCE_PLUS_PERMANENT
-server_audit_file_path=//var/lib/mysql/audit.log
-server_audit_file_rotate_size=50M
-server_audit_events=CONNECT,QUERY,TABLE
-server_audit_logging=on
-
-# Don't listen on a TCP/IP port at all. This can be a security enhancement,
-# if all processes that need to connect to mysqld run on the same host.
-# All interaction with mysqld must be made via Unix sockets or named pipes.
-# Note that using this option without enabling named pipes on Windows
-# (via the "enable-named-pipe" option) will render mysqld useless!
-#
-#skip-networking
-
-# Replication Master Server (default)
-# binary logging is required for replication
-##log-bin=//var/lib/mysql/mysql-bin
-
-# binary logging format - mixed recommended
-binlog_format=row
-
-# required unique id between 1 and 2^32 - 1
-# defaults to 1 if master-host is not set
-# but will not function as a master if omitted
-
-# Replication Slave (comment out master section to use this)
-#
-# To configure this host as a replication slave, you can choose between
-# two methods :
-#
-# 1) Use the CHANGE MASTER TO command (fully described in our manual) -
-# the syntax is:
-#
-# CHANGE MASTER TO MASTER_HOST=<host>, MASTER_PORT=<port>,
-# MASTER_USER=<user>, MASTER_PASSWORD=<password> ;
-#
-# where you replace <host>, <user>, <password> by quoted strings and
-# <port> by the master's port number (3306 by default).
-#
-# Example:
-#
-# CHANGE MASTER TO MASTER_HOST='125.564.12.1', MASTER_PORT=3306,
-# MASTER_USER='joe', MASTER_PASSWORD='secret';
-#
-# OR
-#
-# 2) Set the variables below. However, in case you choose this method, then
-# start replication for the first time (even unsuccessfully, for example
-# if you mistyped the password in master-password and the slave fails to
-# connect), the slave will create a master.info file, and any later
-# change in this file to the variables' values below will be ignored and
-# overridden by the content of the master.info file, unless you shutdown
-# the slave server, delete master.info and restart the slaver server.
-# For that reason, you may want to leave the lines below untouched
-# (commented) and instead use CHANGE MASTER TO (see above)
-#
-# required unique id between 2 and 2^32 - 1
-# (and different from the master)
-# defaults to 2 if master-host is set
-# but will not function as a slave if omitted
-#server-id = 2
-#
-# The replication master for this slave - required
-#master-host = <hostname>
-#
-# The username the slave will use for authentication when connecting
-# to the master - required
-#master-user = <username>
-#
-# The password the slave will authenticate with when connecting to
-# the master - required
-#master-password = <password>
-#
-# The port the master is listening on.
-# optional - defaults to 3306
-#master-port = <port>
-#
-# binary logging - not required for slaves, but recommended
-#log-bin=mysql-bin
-
-# Uncomment the following if you are using InnoDB tables
-##innodb_data_home_dir = //opt/app/mysql/data
-##innodb_data_file_path = ibdata1:20M:autoextend:max:32G
-##innodb_log_group_home_dir = //opt/app/mysql/iblogs
-# You can set .._buffer_pool_size up to 50 - 80 %
-# of RAM but beware of setting memory usage too high
-#innodb_buffer_pool_size = 6380M
-#innodb_additional_mem_pool_size = 2M
-# Set .._log_file_size to 25 % of buffer pool size
-innodb_log_file_size = 150M
-innodb_log_files_in_group = 3
-innodb_log_buffer_size = 8M
-#innodb_flush_log_at_trx_commit = 1
-innodb_lock_wait_timeout = 50
-innodb_autoextend_increment = 100
-expire_logs_days = 8
-open_files_limit = 2000
-transaction-isolation=READ-COMMITTED
-####### Galera parameters #######
-## Galera Provider configuration
-wsrep_provider=/usr/lib/galera/libgalera_smm.so
-wsrep_provider_options="gcache.size=2G; gcache.page_size=1G"
-## Galera Cluster configuration
-wsrep_cluster_name="MSO-automated-tests-cluster"
-wsrep_cluster_address="gcomm://"
-#wsrep_cluster_address="gcomm://mariadb1,mariadb2,mariadb3"
-##wsrep_cluster_address="gcomm://192.169.3.184,192.169.3.185,192.169.3.186"
-## Galera Synchronization configuration
-wsrep_sst_method=rsync
-#wsrep_sst_method=xtrabackup-v2
-#wsrep_sst_auth="sstuser:Mon#2o!6"
-## Galera Node configuration
-wsrep_node_name="mariadb1"
-##wsrep_node_address="192.169.3.184"
-wsrep_on=ON
-## Status notification
-#wsrep_notify_cmd=/opt/app/mysql/bin/wsrep_notify
-#######
-
-
-[mysqldump]
-quick
-max_allowed_packet = 16M
-
-[mysql]
-no-auto-rehash
-# Remove the next comment character if you are not familiar with SQL
-#safe-updates
-
-[myisamchk]
-key_buffer_size = 20971520
-
-##[mysqlhotcopy]
-##interactive-timeout
-##[mysqld_safe]
-##malloc-lib=//opt/app/mysql/local/lib/libjemalloc.so.1
-##log-error=//opt/app/mysql/log/mysqld.log
-
-general_log_file = /var/log/mysql/mysql.log
-general_log = 1
+++ /dev/null
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: confd-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }}
\ No newline at end of file
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- spec:
- hostname: mariadb
- initContainers:
- - name: {{ include "common.name" . }}-inject-testlab-project
- command:
- - /bin/bash
- - -c
- - >
- git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit;
- echo "Clone complete. Copying from /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d to /docker-entrypoint-initdb.d";
- cp -rf /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d;
- chmod -R 755 /docker-entrypoint-initdb.d;
- echo "Done.";
- image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: docker-entrypoint-initdb-d
- mountPath: "/docker-entrypoint-initdb.d"
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- {{ if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end }}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
- volumeMounts:
- - mountPath: /var/lib/mysql
- name: mariadb-data
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /etc/mysql/conf.d
- name: mariadb-conf
- - name: docker-entrypoint-initdb-d
- mountPath: "/docker-entrypoint-initdb.d"
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes:
- - name: mariadb-data
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- - name: mariadb-conf
- configMap:
- name: confd-configmap
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: docker-entrypoint-initdb-d
- emptyDir: {}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+{{- if .Values.global.migration.enabled }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-backup
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+ "helm.sh/hook": pre-upgrade,pre-install
+ "helm.sh/hook-weight": "1"
+ "helm.sh/hook-delete-policy": before-hook-creation
+spec:
+ backoffLimit: 20
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ containers:
+ - name: {{ include "common.fullname" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: DB_HOST
+ value: {{ .Values.global.migration.dbHost }}
+ - name: DB_USER
+ value: {{ .Values.global.migration.dbUser }}
+ - name: DB_PORT
+ value: "{{ .Values.global.migration.dbPort }}"
+ - name: DB_PASS
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-migration
+ key: db-root-password-backup
+ command:
+ - /bin/bash
+ - -c
+ - mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb > /var/data/mariadb/backup-`date +%s`.sql
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - name: backup-storage
+ mountPath: /var/data/mariadb
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: backup-storage
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-migration
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ restartPolicy: Never
+---
+{{- end }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-config-job
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+ "helm.sh/hook": post-upgrade,post-rollback,post-install
+ "helm.sh/hook-weight": "0"
+ "helm.sh/hook-delete-policy": before-hook-creation
+spec:
+ backoffLimit: 20
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-job
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ .Values.global.mariadbGalera.nameOverride }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ - name: {{ include "common.name" . }}-inject-testlab-project
+ command:
+ - /bin/bash
+ - -c
+ - >
+ git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit;
+ echo "Clone complete. Copying from /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d to /docker-entrypoint-initdb.d";
+ cp -rf /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d;
+ chmod -R 755 /docker-entrypoint-initdb.d;
+ echo "Done.";
+ image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: docker-entrypoint-initdb-d
+ mountPath: "/docker-entrypoint-initdb.d"
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /bin/bash
+ - -c
+ - >
+ mysql() { /usr/bin/mysql -h ${DB_HOST} -P ${DB_PORT} "$@"; };
+ export -f mysql;
+ mysql --user=root --password=${MYSQL_ROOT_PASSWORD} requestdb -e exit > /dev/null 2>&1 {{ if not .Values.global.migration.enabled }} && echo "Database already initialized!!!" && exit 0 {{ end }};
+ for f in /docker-entrypoint-initdb.d/*; do case "$f" in *.sh) echo "$0: running $f"; . "$f" ;; *.sql) echo "$0: running $f"; "${mysql[@]}" < "$f"; echo ;; *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${mysql[@]}"; echo ;; *) echo "$0: ignoring $f" ;; esac; echo; done;
+ {{- if .Values.global.migration.enabled }}
+ mysql -vv --user=root --password=${MYSQL_ROOT_PASSWORD} < `ls -tr /var/data/mariadb/* | tail -1`;
+ {{- end }}
+ env:
+ - name: DB_HOST
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.readwrite.host
+ - name: DB_PORT
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Release.Name}}-so-db-secrets
+ key: mariadb.readwrite.port
+ - name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: db-root-password
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - name: docker-entrypoint-initdb-d
+ mountPath: "/docker-entrypoint-initdb.d"
+ {{- if .Values.global.migration.enabled }}
+ - name: backup-storage
+ mountPath: /var/data/mariadb
+ {{- end }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: docker-entrypoint-initdb-d
+ emptyDir: {}
+ {{- if .Values.global.migration.enabled }}
+ - name: backup-storage
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-migration
+ {{- end }}
+ restartPolicy: Never
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright â–’ 2017 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+
+{{- if .Values.global.migration.enabled }}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-migration
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-migration
+ annotations:
+ "helm.sh/hook": pre-upgrade,pre-install
+ "helm.sh/hook-weight": "0"
+ "helm.sh/hook-delete-policy": before-hook-creation
spec:
capacity:
storage: {{ .Values.persistence.size}}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
\ No newline at end of file
+{{- end }}
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright â–’ 2017 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+
+{{- if .Values.global.migration.enabled }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-migration
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
annotations:
+ "helm.sh/hook": pre-upgrade,pre-install
+ "helm.sh/hook-weight": "-1"
+ "helm.sh/hook-delete-policy": before-hook-creation
+{{- if .Values.persistence.annotations }}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
selector:
matchLabels:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-migration
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
-{{- end -}}
\ No newline at end of file
+{{- end }}
+
heritage: {{ .Release.Service }}
type: Opaque
data:
- db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }}
\ No newline at end of file
+ db-root-password: {{ .Values.global.mariadbGalera.mariadbRootPassword | b64enc | quote }}
+{{- if .Values.global.migration.enabled }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-migration
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+ "helm.sh/hook": pre-upgrade,pre-install
+ "helm.sh/hook-weight": "0"
+ "helm.sh/hook-delete-policy": before-hook-creation
+type: Opaque
+data:
+ db-root-password-backup: {{ .Values.global.migration.dbPassword | b64enc | quote }}
+{{- end }}
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
ubuntuInitRepository: registry.hub.docker.com
- persistence:
- mountPath: /dockerdata-nfs
#################################################################
# Application configuration defaults.
# application configuration
config:
- mariadbRootPassword: password
# gerrit branch where the latest heat code is checked in
gerritBranch: master
# gerrit project where the latest heat code is checked in
gerritProject: http://gerrit.onap.org/r/so/docker-config.git
# default number of instances
-replicaCount: 1
nodeSelector: {}
affinity: {}
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 450
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-readiness:
- initialDelaySeconds: 450
- periodSeconds: 10
-## Persist data to a persitent volume
-persistence:
- enabled: true
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteMany
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: mso/mariadb/data
-service:
- type: NodePort
- portName: mariadb
- internalPort: 3306
- externalPort: 3306
- nodePort: 52
+
ingress:
enabled: false
+
# Resource Limit flavor
flavor: small
+
resources:
small:
limits:
cpu: 2
memory: 4Gi
unlimited: {}
+
+persistence:
+ enabled: true
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+ volumeReclaimPolicy: Retain
+ ## database data Persistent Volume Storage Class
+ ## If defined, storageClassName: <storageClass>
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ # storageClass: "-"
+ accessMode: ReadWriteMany
+ size: 2Gi
+
+ mountPath: /dockerdata-nfs
+ mountSubPath: so/migration
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
persistence:
mountPath: /dockerdata-nfs
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/so-monitoring:1.3.3
+image: onap/so/so-monitoring:1.4.0-STAGING-latest
pullPolicy: Always
replicaCount: 1
spec:
initContainers:
- command:
- - /root/ready.py
+ - /root/job_complete.py
args:
- - --container-name
- - {{ .Values.mariadb.nameOverride }}
+ - --job-name
+ - {{ .Release.Name }}-so-mariadb-config-job
env:
- name: NAMESPACE
valueFrom:
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
persistence:
mountPath: /dockerdata-nfs
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/openstack-adapter:1.3.3
+image: onap/so/openstack-adapter:1.4.0-STAGING-latest
pullPolicy: Always
repository: nexus3.onap.org:10001
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
-mariadb:
- nameOverride: so-mariadb
ingress:
enabled: false
config:
spec:
initContainers:
- command:
- - /root/ready.py
+ - /root/job_complete.py
args:
- - --container-name
- - {{ .Values.mariadb.nameOverride }}
+ - --job-name
+ - {{ .Release.Name }}-so-mariadb-config-job
env:
- name: NAMESPACE
valueFrom:
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
persistence:
mountPath: /dockerdata-nfs
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/request-db-adapter:1.3.3
+image: onap/so/request-db-adapter:1.4.0-STAGING-latest
pullPolicy: Always
replicaCount: 1
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
-mariadb:
- nameOverride: so-mariadb
ingress:
enabled: false
nodeSelector: {}
spec:
initContainers:
- command:
- - /root/ready.py
+ - /root/job_complete.py
args:
- - --container-name
- - {{ .Values.mariadb.nameOverride }}
+ - --job-name
+ - {{ .Release.Name }}-so-mariadb-config-job
env:
- name: NAMESPACE
valueFrom:
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
persistence:
mountPath: /dockerdata-nfs
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/sdc-controller:1.3.3
+image: onap/so/sdc-controller:1.4.0-STAGING-latest
pullPolicy: Always
replicaCount: 1
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
-mariadb:
- nameOverride: so-mariadb
ingress:
enabled: false
nodeSelector: {}
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
persistence:
mountPath: /dockerdata-nfs
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/sdnc-adapter:1.3.3
+image: onap/so/sdnc-adapter:1.4.0-STAGING-latest
pullPolicy: Always
replicaCount: 1
spec:
initContainers:
- command:
- - /root/ready.py
+ - /root/job_complete.py
args:
- - --container-name
- - {{ .Values.mariadb.nameOverride }}
+ - --job-name
+ - {{ .Release.Name }}-so-mariadb-config-job
env:
- name: NAMESPACE
valueFrom:
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
persistence:
mountPath: /dockerdata-nfs
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/vfc-adapter:1.3.3
+image: onap/so/vfc-adapter:1.4.0-STAGING-latest
pullPolicy: Always
replicaCount: 1
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
-mariadb:
- nameOverride: so-mariadb
ingress:
enabled: false
nodeSelector: {}
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
persistence:
mountPath: /dockerdata-nfs
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
- repository: '@local'
\ No newline at end of file
+ repository: '@local'
+ - name: mariadb-galera
+ version: ~4.x-0
+ repository: '@local'
+ condition: global.mariadbGalera.localCluster
spec:
initContainers:
- command:
- - /root/ready.py
+ - /root/job_complete.py
args:
- - --container-name
- - {{ .Values.mariadb.nameOverride }}
+ - --job-name
+ - {{ .Release.Name }}-so-mariadb-config-job
env:
- name: NAMESPACE
valueFrom:
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
+ mariadbGalera:
+ nameOverride: mariadb-galera
+ serviceName: mariadb-galera
+ servicePort: "3306"
+ mariadbRootPassword: secretpassword
+ #This flag allows SO to instantiate its own mariadb-galera cluster,
+ #serviceName and nameOverride should be so-mariadb-galera if this flag is enabled
+ localCluster: false
persistence:
mountPath: /dockerdata-nfs
-
+ #This configuration will run the migration. The configurations are for backing up the data
+ #from DB and then restoring it to the present versions preferred DB.
+ migration:
+ enabled: false
+ dbHost: mariadb-galera
+ dbPort: 3306
+ dbUser: root
+ dbPassword: secretpassword
+
#################################################################
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/api-handler-infra:1.3.3
+image: onap/so/api-handler-infra:1.4.0-STAGING-latest
pullPolicy: Always
replicaCount: 1
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
-mariadb:
- nameOverride: so-mariadb
-so-bpmn-infra:
- mariadb:
- nameOverride: so-mariadb
-so-catalog-db-adapter:
- mariadb:
- nameOverride: so-mariadb
-so-openstack-adapter:
- mariadb:
- nameOverride: so-mariadb
-so-request-db-adapter:
- mariadb:
- nameOverride: so-mariadb
-so-sdc-controller:
- mariadb:
- nameOverride: so-mariadb
-so-vfc-adapter:
- mariadb:
- nameOverride: so-mariadb
+
nodeSelector: {}
affinity: {}
+
+#Used only if localCluster is enabled. Instantiates SO's own cassandra cluster
+#helm deploy demo local/onap --namespace onap --verbose --set so.enabled=true \
+# --set so.global.mariadbGalera.localCluster=true \
+# --set so.global.mariadbGalera.nameOverride=so-mariadb-galera \
+# --set so.global.mariadbGalera.serviceName=so-mariadb-galera
+mariadb-galera:
+ nameOverride: so-mariadb-galera
+ replicaCount: 1
+ service:
+ name: so-mariadb-galera
+ persistence:
+ mountSubPath: so/mariadb-galera/data
+ enabled: true
value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
- name: MYSQL_ADDR
value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}"
+ - name: MYSQL_AUTH
+ value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}"
+ - name: REDIS_ADDR
+ value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}"
volumeMounts:
- name: {{ include "common.fullname" . }}-catalog
mountPath: /service/vfc/nfvo/catalog/static
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/catalog:1.2.1
+image: onap/vfc/catalog:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/db:1.2.1
+image: onap/vfc/db:1.3.0-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
service:
type: ClusterIP
- name: vfc-db
- portName: vfc-db
+ name: vfc-redis
+ portName: vfc-redis
externalPort: 3306
internalPort: 3306
externalPort2: 6379
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/emsdriver:1.2.1
+image: onap/vfc/emsdriver:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/gvnfmdriver:1.2.1
+image: onap/vfc/gvnfmdriver:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/nfvo/svnfm/huawei:1.2.1
+image: onap/vfc/nfvo/svnfm/huawei:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/jujudriver:1.2.1
+image: onap/vfc/jujudriver:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/multivimproxy:1.2.1
+image: onap/vfc/multivimproxy:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/nfvo/svnfm/nokiav2:1.3.0
+image: onap/vfc/nfvo/svnfm/nokiav2:1.3.1-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
- name: MYSQL_ADDR
value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}"
+ - name: MYSQL_AUTH
+ value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}"
+ - name: REDIS_ADDR
+ value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}"
volumeMounts:
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/nslcm:1.2.1
+image: onap/vfc/nslcm:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/resmanagement:1.2.1
+image: onap/vfc/resmanagement:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
- name: MYSQL_ADDR
value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}"
+ - name: MYSQL_AUTH
+ value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}"
+ - name: REDIS_ADDR
+ value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}"
volumeMounts:
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/vnflcm:1.2.1
+image: onap/vfc/vnflcm:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
- name: MYSQL_ADDR
value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}"
+ - name: REDIS_ADDR
+ value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}"
+ - name: MYSQL_AUTH
+ value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}"
volumeMounts:
- name: {{ include "common.fullname" . }}-localtime
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/vnfmgr:1.2.1
+image: onap/vfc/vnfmgr:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
- name: MYSQL_ADDR
value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}"
+ - name: REDIS_ADDR
+ value: "{{ .Values.global.config.redisServiceName }}:{{ .Values.global.config.redisPort }}"
+ - name: MYSQL_AUTH
+ value: "{{ .Values.global.config.dbUser }}:{{ .Values.global.config.mariadbRootPassword }}"
volumeMounts:
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/vnfres:1.2.1
+image: onap/vfc/vnfres:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/wfengine-activiti:1.2.0
+image: onap/vfc/wfengine-activiti:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/wfengine-mgrservice:1.2.0
+image: onap/vfc/wfengine-mgrservice:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/ztesdncdriver:1.2.0
+image: onap/vfc/ztesdncdriver:1.2.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
flavor: small
repository: nexus3.onap.org:10001
-image: onap/vfc/ztevnfmdriver:1.2.1
+image: onap/vfc/ztevnfmdriver:1.3.0-STAGING-latest
pullPolicy: Always
#Istio sidecar injection policy
dependencies:
- name: common
version: ~4.x-0
- repository: '@local'
\ No newline at end of file
+ repository: '@local'
+ - name: mariadb-galera
+ version: ~4.x-0
+ repository: '@local'
msbPort: 80
dbServiceName: vfc-db
dbPort: 3306
+ dbUser: root
+ mariadbRootPassword: secretpassword
+ redisServiceName: vfc-redis
+ redisPort: 6379
persistence:
mountPath: /dockerdata-nfs
logstashServiceName: log-ls
logstashPort: 5044
+mariadb-galera:
+ nameOverride: vfc-mariadb
+ service:
+ name: vfc-db
+ portName: vfc-db
+ nfsprovisionerPrefix: vfc
+ persistence:
+ mountSubPath: vfc/data
+ enabled: true
+ disableNfsProvisioner: true
+
+catalog:
+ config:
+ dbPodName: vfc-db
+ dbServiceName: vfc-db
+nslcm:
+ config:
+ dbPodName: vfc-db
+ dbServiceName: vfc-db
# sub-chart configuration
vfc-workflow:
service:
Code Review / oom.git / commitdiff