> sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm
-**Step 3.** Customize the helm charts like oom/kubernetes/onap/values.yaml or an override
-file like onap-all.yaml, onap-vfw.yaml or openstack.yaml file to suit your deployment with items like the
-OpenStack tenant information.
+**Step 3.** Customize the helm charts like `oom/kubernetes/onap/values.yaml` or an override
+file like `onap-all.yaml`, `onap-vfw.yaml` or `openstack.yaml` file to suit your deployment
+with items like the OpenStack tenant information.
.. note::
- Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in
- the oom/kubernetes/onap/resources/overrides/ directory.
+ Standard and example override files (e.g. `onap-all.yaml`, `openstack.yaml`) can be found in
+ the `oom/kubernetes/onap/resources/overrides/` directory.
a. You may want to selectively enable or disable ONAP components by changing
- the `enabled: true/false` flags.
+ the ``enabled: true/false`` flags.
- b. Encyrpt the OpenStack password using the shell tool for robot and put it in
- the robot helm charts or robot section of openstack.yaml
+ b. Encrypt the OpenStack password using the shell tool for robot and put it in
+ the robot helm charts or robot section of `openstack.yaml`
c. Encrypt the OpenStack password using the java based script for SO helm charts
- or SO section of openstack.yaml.
+ or SO section of `openstack.yaml`.
d. Update the OpenStack parameters that will be used by robot, SO and APPC helm
Here is an example of the nominal entries that need to be provided.
We have different values file available for different contexts.
-.. literalinclude:: onap-values.yaml
+.. literalinclude:: ../kubernetes/onap/values.yaml
:language: yaml
openssl algorithm that works with the python based Robot Framework.
.. note::
- To generate ROBOT openStackEncryptedPasswordHere :
+ To generate ROBOT ``openStackEncryptedPasswordHere``::
- ``cd so/resources/config/mso/``
-
- ``/oom/kubernetes/so/resources/config/mso# echo -n "<openstack tenant password>" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p``
+ cd so/resources/config/mso/
+ /oom/kubernetes/so/resources/config/mso# echo -n "<openstack tenant password>" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p``
c. Generating SO Encrypted Password:
The SO Encrypted Password uses a java based encryption utility since the
ROBOT uses in Dublin.
.. note::
- To generate SO openStackEncryptedPasswordHere and openStackSoEncryptedPassword:
-
- SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key`
-
- OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX
-
- git clone http://gerrit.onap.org/r/integration
+ To generate SO ``openStackEncryptedPasswordHere`` and ``openStackSoEncryptedPassword``
+ ensure `default-jdk` is installed::
- cd integration/deployment/heat/onap-rke/scripts
+ apt-get update; apt-get install default-jdk
+ Then execute::
- javac Crypto.java
+ SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key`
+ OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX
- [ if javac is not installed 'apt-get update ; apt-get install default-jdk' ]
-
- java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY"
+ git clone http://gerrit.onap.org/r/integration
+ cd integration/deployment/heat/onap-rke/scripts
+ javac Crypto.java
+ java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY"
d. Update the OpenStack parameters:
automation that can help confirm the setup is correct, please observe the following
constraints.
-openStackPublicNetId:
-
-This network should allow heat templates to add interfaces.
-This need not be an external network, floating IPs can be assigned to the ports on
-the VMs that are created by the heat template but its important that neutron allow
-ports to be created on them.
-
-openStackPrivateNetCidr: "10.0.0.0/16"
+``openStackPublicNetId:``
+ This network should allow heat templates to add interfaces.
+ This need not be an external network, floating IPs can be assigned to the ports on
+ the VMs that are created by the heat template but its important that neutron allow
+ ports to be created on them.
-This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity.
-The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the
-demonstration ip addressing plan embodied in the preload template prevent conflicts when
-instantiating the various VNFs. If you need to change this, you will need to modify the preload
-data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data
-in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect
-to create.
+``openStackPrivateNetCidr: "10.0.0.0/16"``
+ This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity.
+ The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the
+ demonstration ip addressing plan embodied in the preload template prevent conflicts when
+ instantiating the various VNFs. If you need to change this, you will need to modify the preload
+ data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data
+ in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect
+ to create.
-openStackOamNetworkCidrPrefix: "10.0"
-
-This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the
-robot scripts for demonstration. A production deployment need not worry about this
-setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix.
+``openStackOamNetworkCidrPrefix: "10.0"``
+ This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the
+ robot scripts for demonstration. A production deployment need not worry about this
+ setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix.
Example Keystone v2.0
+
.. literalinclude:: example-integration-override.yaml
:language: yaml
Example Keystone v3 (required for Rocky and later releases)
+
.. literalinclude:: example-integration-override-v3.yaml
:language: yaml
.. literalinclude:: helm-search.txt
.. note::
- The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use `make` to update your local Helm repository.
+ The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use ``make`` to update your local Helm repository.
**Step 8.** Once the repo is setup, installation of ONAP can be done with a
single command
.. note::
- The --timeout 900 is currently required in Dublin to address long running initialization tasks
+ The ``--timeout 900`` is currently required in Dublin to address long running initialization tasks
for DMaaP and SO. Without this timeout value both applications may fail to deploy.
To deploy all ONAP applications use this command::
All override files may be customized (or replaced by other overrides) as per needs.
-onap-all.yaml
-
+`onap-all.yaml`
Enables the modules in the ONAP deployment. As ONAP is very modular, it is possible to customize ONAP and disable some components through this configuration file.
-environment.yaml
-
+`environment.yaml`
Includes configuration values specific to the deployment environment.
Example: adapt readiness and liveness timers to the level of performance of your infrastructure
-openstack.yaml
-
+`openstack.yaml`
Includes all the Openstack related information for the default target tenant you want to use to deploy VNFs from ONAP and/or additional parameters for the embedded tests.
**Step 9.** Verify ONAP installation
.. note::
While all pods may be in a Running state, it is not a guarantee that all components are running fine.
- Launch the healthcheck tests using Robot to verify that the components are healthy.
+ Launch the healthcheck tests using Robot to verify that the components are healthy::
- > ~/oom/kubernetes/robot/ete-k8s.sh onap health
+ > ~/oom/kubernetes/robot/ete-k8s.sh onap health
-**Step 10.** Undeploy ONAP
+**Step 10.** Undeploy ONAP::
-> helm undeploy dev --purge
+ > helm undeploy dev --purge
More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins
The top level onap/values.yaml file contains the values required to be set
before deploying ONAP. Here is the contents of this file:
-.. include:: onap_values.yaml
+.. include:: ../kubernetes/onap/values.yaml
:code: yaml
One may wish to create a value file that is specific to a given deployment such
echo "Starting cdt-proxy-service jar, logging to ${APPC_HOME}/cdt-proxy-service/jar.log"
java -jar ${APPC_HOME}/cdt-proxy-service/cdt-proxy-service.jar > ${APPC_HOME}/cdt-proxy-service/jar.log &
+echo "Starting dmaap-event-service jar, logging to ${APPC_HOME}/dmaap-event-service/jar.log"
+java -jar -Dorg_onap_appc_bootstrap_path=/opt/onap/appc/data/properties -Dorg_onap_appc_bootstrap_file=appc.properties ${APPC_HOME}/dmaap-event-service/dmaap-event-service.jar > ${APPC_HOME}/dmaap-event-service/jar.log &
+
echo "Adding a property system.properties for AAF cadi.properties location"
echo "" >> ${ODL_HOME}/etc/system.properties
echo "cadi_prop_files=${APPC_HOME}/data/properties/cadi.properties" >> ${ODL_HOME}/etc/system.properties
# Properties used by EventSenderDmaapImpl.java
DCAE.dmaap.event.topic.write=EventSenderTest
-DCAE.dmaap.appc.username=test
-DCAE.dmaap.appc.password=test
-DCAE.dmaap.event.pool.members=message-router.{{.Release.Namespace}}:3904
+DCAE.dmaap.event.username=test
+DCAE.dmaap.event.password=test
+DCAE.dmaap.event.poolMembers=message-router.{{.Release.Namespace}}:3904
#OAM Listener
appc.OAM.disabled=true
appc.OAM.provider.pass={{.Values.config.odlPassword}}
appc.asdc.env={{.Values.config.dmaapTopicEnv}}
+
+#Properties for communication between appc dmaap microservice and appc
+appc.srvcomm.messaging.username={{.Values.config.dmaapServiceUser}}
+appc.srvcomm.messaging.password={{.Values.config.dmaapServicePassword}}
+appc.srvcomm.messaging.url={{.Values.config.dmaapServiceUrl}}
openStackUserName: admin
openStackEncryptedPassword: enc:LDEbHEAvTF1R
odlUser: admin
+ dmaapServiceUrl: http://localhost:8080/publish
+ dmaapServiceUser: appc
+ dmaapServicePassword: onapappc
appc-ansible-server:
service:
api:
controller:
http:
- baseUrl: http://cds-controller-blueprints:8080/api/v1
+ baseUrl: http://cds-blueprints-processor-http:8081/api/v1
authToken: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
processor:
http:
apiVersion: v1
description: ONAP DCAE Gen2
name: dcaegen2
-version: 5.0.0
+version: 6.0.0
+# Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api make-dcae-deployment-handler make-dcae-policy-handler make-dcae-dashboard
make-dcae-bootstrap:
- cd charts && helm dep up dcae-bootstrap && helm lint dcae-bootstrap
+ cd components && helm dep up dcae-bootstrap && helm lint dcae-bootstrap
make-dcae-cloudify-manager:
- cd charts && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager
+ cd components && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager
make-dcae-config-binding-service:
- cd charts && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service
+ cd components && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service
make-dcae-healthcheck:
- cd charts && helm dep up dcae-healthcheck && helm lint dcae-healthcheck
+ cd components && helm dep up dcae-healthcheck && helm lint dcae-healthcheck
make-dcae-redis:
- cd charts && helm dep up dcae-redis && helm lint dcae-redis
+ cd components && helm dep up dcae-redis && helm lint dcae-redis
make-dcae-servicechange-handler:
- cd charts && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler
+ cd components && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler
make-dcae-inventory-api:
- cd charts/dcae-servicechange-handler/charts && helm dep up dcae-inventory-api && helm lint dcae-inventory-api
+ cd components && helm dep up dcae-inventory-api && helm lint dcae-inventory-api
make-dcae-deployment-handler:
- cd charts && helm dep up dcae-deployment-handler && helm lint dcae-deployment-handler
+ cd components && helm dep up dcae-deployment-handler && helm lint dcae-deployment-handler
make-dcae-policy-handler:
- cd charts && helm dep up dcae-policy-handler && helm lint dcae-policy-handler
+ cd components && helm dep up dcae-policy-handler && helm lint dcae-policy-handler
make-dcae-dashboard:
- cd charts && helm dep up dcae-dashboard && helm lint dcae-dashboard
+ cd components && helm dep up dcae-dashboard && helm lint dcae-dashboard
+
+clean:
+ @find . -type f -name '*.tgz' -delete
+ @find . -type f -name '*.lock' -delete
apiVersion: v1
description: ONAP DCAE Bootstrap
name: dcae-bootstrap
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Cloudify Manager
name: dcae-cloudify-manager
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Config Binding Service
name: dcae-config-binding-service
-version: 5.0.0
\ No newline at end of file
+version: 6.0.0
appVersion: "1.0"
description: DCAE Dashboard
name: dcae-dashboard
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Deployment Handler
name: dcae-deployment-handler
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Health Check
name: dcae-healthcheck
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Inventory API Service
name: dcae-inventory-api
-version: 5.0.0
\ No newline at end of file
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Policy Handler
name: dcae-policy-handler
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Redis
name: dcae-redis
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Service Change Handler
name: dcae-servicechange-handler
-version: 5.0.0
\ No newline at end of file
+version: 6.0.0
- name: common
version: ~5.x-0
repository: '@local'
+ - name: dcae-bootstrap
+ version: ~6.x-0
+ repository: 'file://components/dcae-bootstrap'
+ condition: dcae-bootstrap.enabled
+ - name: dcae-cloudify-manager
+ version: ~6.x-0
+ repository: 'file://components/dcae-cloudify-manager'
+ condition: dcae-cloudify-manager.enabled
+ - name: dcae-config-binding-service
+ version: ~6.x-0
+ repository: 'file://components/dcae-config-binding-service'
+ condition: dcae-config-binding-service.enabled
+ - name: dcae-healthcheck
+ version: ~6.x-0
+ repository: 'file://components/dcae-healthcheck'
+ condition: dcae-healthcheck.enabled
+ - name: dcae-redis
+ version: ~6.x-0
+ repository: 'file://components/dcae-redis'
+ condition: dcae-redis.enabled
+ - name: dcae-servicechange-handler
+ version: ~6.x-0
+ repository: 'file://components/dcae-servicechange-handler'
+ condition: dcae-servicechange-handler.enabled
+ - name: dcae-inventory-api
+ version: ~6.x-0
+ repository: 'file://components/dcae-inventory-api'
+ condition: dcae-inventory-api.enabled
+ - name: dcae-deployment-handler
+ version: ~6.x-0
+ repository: 'file://components/dcae-deployment-handler'
+ condition: dcae-deployment-handler.enabled
+ - name: dcae-policy-handler
+ version: ~6.x-0
+ repository: 'file://components/dcae-policy-handler'
+ condition: dcae-policy-handler.enabled
+ - name: dcae-dashboard
+ version: ~6.x-0
+ repository: 'file://components/dcae-dashboard'
+ condition: dcae-dashboard.enabled
+
periodSeconds: 10
service:
- type: NodePort
+ type: ClusterIP
name: msb-consul
externalPort: 8500
internalPort: 8500
periodSeconds: 10
service:
- type: NodePort
+ type: ClusterIP
name: msb-discovery
externalPort: 10081
internalPort: 10081
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: http-{{ .Values.service.name }}
- port: {{ .Values.service.externalPortHttps }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePortHttps }}
name: https-{{ .Values.service.name }}
name: msb-eag
externalPort: 80
internalPort: 80
- nodePort: 82
externalPortHttps: 443
internalPortHttps: 443
nodePortHttps: 84
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: http-{{ .Values.service.name }}
- port: {{ .Values.service.externalPortHttps }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePortHttps }}
name: https-{{ .Values.service.name }}
+++ /dev/null
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
+++ /dev/null
-# Copyright (c) 2019 Lenovo
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP multicloud OpenStack Lenovo Plugin
-name: multicloud-lenovo
-version: 5.0.0
+++ /dev/null
-# Copyright (c) 2019 Lenovo Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-version: 1
-disable_existing_loggers: False
-
-loggers:
- thinkcloud:
- handlers: [thinkcloud_handler]
- level: "DEBUG"
- propagate: False
- newton_base:
- handlers: [thinkcloud_handler]
- level: "DEBUG"
- propagate: False
- common:
- handlers: [thinkcloud_handler]
- level: "DEBUG"
- propagate: False
-
-handlers:
- thinkcloud_handler:
- level: "DEBUG"
- class: "logging.handlers.RotatingFileHandler"
- filename: "/var/log/onap/multicloud/openstack/lenovo/thinkcloud.log"
- formatter: "mdcFormat"
- maxBytes: 1024*1024*50
- backupCount: 10
-
-formatters:
- standard:
- format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s"
- mdcFormat:
- format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t"
- mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}"
- datefmt: "%Y-%m-%d %H:%M:%S"
- (): onaplogging.mdcformatter.MDCFormatter
+++ /dev/null
-# Copyright (c) 2019 Lenovo
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
+++ /dev/null
-{{/*
-# Copyright (c) 2019 Lenovo
-# #
-# # Licensed under the Apache License, Version 2.0 (the "License");
-# # you may not use this file except in compliance with the License.
-# # You may obtain a copy of the License at
-# #
-# # http://www.apache.org/licenses/LICENSE-2.0
-# #
-# # Unless required by applicable law or agreed to in writing, software
-# # distributed under the License is distributed on an "AS IS" BASIS,
-# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# # See the License for the specific language governing permissions and
-# # limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-log-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
+++ /dev/null
-{{/*
-# Copyright (c) 2019 Lenovo
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- name: {{ include "common.name" . }}
- annotations:
- sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
- spec:
- containers:
- - env:
- - name: MSB_ADDR
- value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}"
- - name: MSB_PORT
- value: "{{ .Values.config.msbPort }}"
- - name: AAI_ADDR
- value: aai.{{ include "common.namespace" . }}
- - name: AAI_PORT
- value: "{{ .Values.config.aai.port }}"
- - name: AAI_SCHEMA_VERSION
- value: "{{ .Values.config.aai.schemaVersion }}"
- - name: AAI_USERNAME
- value: "{{ .Values.config.aai.username }}"
- - name: AAI_PASSWORD
- value: "{{ .Values.config.aai.password }}"
- name: {{ include "common.name" . }}
- volumeMounts:
- - mountPath: /var/log/onap
- name: lenovo-log
- - mountPath: /opt/lenovo/thinkcloud/pub/config/log.yml
- name: lenovo-logconfig
- subPath: log.yml
- resources:
-{{ include "common.resources" . | indent 12 }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{ if .Values.liveness.enabled }}
- livenessProbe:
- httpGet:
- path: /api/multicloud-thinkcloud/v1/swagger.json
- port: {{ .Values.service.internalPort }}
- scheme: HTTP
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- successThreshold: {{ .Values.liveness.successThreshold }}
- failureThreshold: {{ .Values.liveness.failureThreshold }}
- {{ end }}
- # side car containers
- - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: filebeat-onap
- volumeMounts:
- - mountPath: /usr/share/filebeat/filebeat.yml
- name: filebeat-conf
- subPath: filebeat.yml
- - mountPath: /var/log/onap
- name: lenovo-log
- - mountPath: /usr/share/filebeat/data
- name: lenovo-data-filebeat
-
- volumes:
- - name: lenovo-log
- emptyDir: {}
- - name: lenovo-data-filebeat
- emptyDir: {}
- - name: filebeat-conf
- configMap:
- name: multicloud-filebeat-configmap
- - name: lenovo-logconfig
- configMap:
- name: {{ include "common.fullname" . }}-log-configmap
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
- restartPolicy: Always
+++ /dev/null
-{{/*
-# Copyright (c) 2019 Lenovo
-# #
-# # Licensed under the Apache License, Version 2.0 (the "License");
-# # you may not use this file except in compliance with the License.
-# # You may obtain a copy of the License at
-# #
-# # http://www.apache.org/licenses/LICENSE-2.0
-# #
-# # Unless required by applicable law or agreed to in writing, software
-# # distributed under the License is distributed on an "AS IS" BASIS,
-# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# # See the License for the specific language governing permissions and
-# # limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
- annotations:
- msb.onap.org/service-info: '[
- {
- "serviceName": "multicloud-thinkcloud",
- "version": "v0",
- "url": "/api/multicloud-thinkcloud/v0",
- "protocol": "REST",
- "port": "{{ .Values.service.externalPort }}",
- "visualRange": "1"
- },
- {
- "serviceName": "multicloud-thinkcloud",
- "version": "v1",
- "url": "/api/multicloud-thinkcloud/v1",
- "protocol": "REST",
- "port": "{{ .Values.service.externalPort }}",
- "visualRange": "1"
- }
- ]'
-
-spec:
- ports:
- {{ if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- type: {{ .Values.service.type }}
+++ /dev/null
-# Copyright (c) 2019 Lenovo
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 304
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/multicloud/openstack-lenovo:1.3.4
-pullPolicy: Always
-
-#Istio sidecar injection policy
-istioSidecar: true
-
-# application configuration
-config:
- msbgateway: msb-iag
- msbPort: 80
- aai:
- port: 8443
- schemaVersion: v13
- username: AAI
- password: AAI
-
-service:
- type: ClusterIP
- name: multicloud-thinkcloud
- portName: multicloud-thinkcloud
- externalPort: 9010
- internalPort: 9010
- nodePort: 86
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 10
- successThreshold: 1
- failureThreshold: 5
- enabled: true
-
-ingress:
- enabled: false
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 1
- memory: 4Gi
- requests:
- cpu: 10m
- memory: 1Gi
- large:
- limits:
- cpu: 2
- memory: 8Gi
- requests:
- cpu: 20m
- memory: 2Gi
- unlimited: {}
repository: '@local'
condition: contrib.enabled
- name: dcaegen2
- version: ~5.x-0
+ version: ~6.x-0
repository: '@local'
condition: dcaegen2.enabled
- name: dmaap
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
{
- "name": "XacmlPdpGroup",
+ "name": "XacmlPdpParameters",
+ "pdpGroup": "defaultGroup",
"restServerParameters": {
"host": "0.0.0.0",
"port": 6969,
-Subproject commit 31450dcb11d18b81098b43d0d0b7ecdb0d69e238
+Subproject commit 6e38b492acd3ec44a869055092399b6f18c659b8
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP VID MariaDB Galera cluster
-name: vid_mariadb_galera
-version: 5.0.0
-keywords:
- - mariadb
- - mysql
- - database
- - sql
- - galera
- - cluster
\ No newline at end of file
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-MariaDB-Galera service can be accessed via port 3306 on the following DNS name from within your cluster:
-{{ include "common.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
-
-To connect to your database:
-
-1. Run a pod that you can use as a client:
-
- kubectl run {{ include "common.fullname" . }}-client --rm --tty -i --image mariadb --command -- bash
-
-2. Connect using the mysql cli, then provide your password:
- $ mysql -h {{ include "common.fullname" . }} {{- if .Values.mysqlRootPassword }} -p {{ .Values.mysqlRootPassword }}{{- end -}}
-
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-confd
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }}
----
-{{- if .Values.externalConfig }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-externalconfig
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
- my_extra.cnf: |-
- [mysqld]
- lower_case_table_names = 1
-
-#{{ toYaml .Values.externalConfig | indent 4 }}
-#{{- end -}}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-type: Opaque
-data:
- db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }}
- user-password: {{ default "" .Values.config.userPassword | b64enc | quote }}
\ No newline at end of file
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- annotations:
- service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
-# name: {{ include "common.servicename" . }}
- name: {{ .Values.service.name }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-spec:
- ports:
- - name: {{ .Values.service.portName }}
- port: {{ .Values.service.internalPort }}
- clusterIP: None
- selector:
- app: {{ include "common.fullname" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: apps/v1beta1
-kind: StatefulSet
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-spec:
-# serviceName: {{ include "common.fullname" . }}
- serviceName: {{ .Values.service.name }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.fullname" . }}
- release: {{ .Release.Name }}
- annotations:
- pod.alpha.kubernetes.io/initialized: "true"
- spec:
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 8 }}
- {{- end }}
- volumes:
- {{- if .Values.externalConfig }}
- - name: config
- configMap:
- name: {{ include "common.fullname" . }}-externalconfig
- {{- end}}
- - name: localtime
- hostPath:
- path: /etc/localtime
- imagePullSecrets:
- - name: {{ include "common.namespace" . }}-docker-registry-key
- containers:
- - name: {{ include "common.fullname" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}}
- env:
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- - name: MYSQL_USER
- value: {{ default "" .Values.config.userName | quote }}
- - name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: user-password
- - name: MYSQL_DATABASE
- value: {{ default "" .Values.config.mysqlDatabase | quote }}
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
- - containerPort: {{ .Values.service.sstPort }}
- name: {{ .Values.service.sstName }}
- - containerPort: {{ .Values.service.replicationPort }}
- name: {{ .Values.service.replicationName }}
- - containerPort: {{ .Values.service.istPort }}
- name: {{ .Values.service.istName }}
- readinessProbe:
- exec:
- command:
- - /usr/share/container-scripts/mysql/readiness-probe.sh
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- exec:
- command: ["mysqladmin", "ping"]
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- {{- end }}
- resources:
-{{ include "common.resources" . | indent 12 }}
- volumeMounts:
- {{- if .Values.externalConfig }}
- - mountPath: /etc/config
- name: config
- {{- end}}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
-{{- if .Values.persistence.enabled }}
- - mountPath: /var/lib/mysql
- name: {{ include "common.fullname" . }}-data
- subPath: data
- initContainers:
- - name: mariadb-galera-prepare
- image: "{{ include "common.repository" . }}/{{ .Values.imageInit }}"
- command: ["sh", "-c", "chown -R 27:27 /var/lib/mysql"]
- volumeMounts:
- - name: {{ include "common.fullname" . }}-data
- mountPath: /var/lib/mysql
- volumeClaimTemplates:
- - metadata:
- name: {{ include "common.fullname" . }}-data
- labels:
- name: {{ include "common.fullname" . }}
- annotations:
- {{- if .Values.persistence.storageClass }}
- volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass | quote }}
- {{- else }}
- volume.alpha.kubernetes.io/storage-class: default
- {{- end }}
- spec:
- accessModes:
- - {{ .Values.persistence.accessMode | quote }}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
-{{- end }}
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
- repository: nexus3.onap.org:10001
-
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-#repository: mysql
-repository: nexus3.onap.org:10001
-image: adfinissygroup/k8s-mariadb-galera-centos:v004
-imageInit: busybox
-pullPolicy: IfNotPresent
-
-# application configuration
-config:
- mariadbRootPassword: secretpassword
-# userName: my-user
-# userPassword: my-password
-# mysqlDatabase: my-database
- userName: vidadmin
- userPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
- mysqlDatabase: vid_openecomp_epsdk
-
-
-# default number of instances in the StatefulSet
-replicaCount: 2
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 5
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: false
-
-readiness:
- initialDelaySeconds: 15
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: false
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
-
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteOnce
- size: 2Gi
-
-
-service:
- internalPort: 3306
- name: vid-galera
- portName: vid-galera
- sstPort: 4444
- sstName: sst
- replicationPort: 4567
- replicationName: replication
- istPort: 4568
- istName: ist
-
-ingress:
- enabled: false
-
-
-## Configure MariaDB-Galera with a custom my.cnf file
-## ref: https://mariadb.com/kb/en/mariadb/configuring-mariadb-with-mycnf/#example-of-configuration-file
-##
-#externalConfig: {}
-externalConfig: |-
- lower_case_table_names = 1
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 10m
- memory: 1Gi
- requests:
- cpu: 10m
- memory: 500Mi
- large:
- limits:
- cpu: 20m
- memory: 2Gi
- requests:
- cpu: 20m
- memory: 1Gi
- unlimited: {}
-# Name for mariadb-galera cluster - should be unique accross all projects or other clusters
-nameOverride: vid-mariadb-galera
-
-# DNS name for mariadb-galera cluster - should be unique accross all projects other clusters
-#dnsnameOverride: mariadb-galera
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: mariadb-galera
+ version: ~5.x-0
+ repository: '@local'
- name: VID_UEB_URL_LIST
value: message-router.{{ include "common.namespace" . }}
- name: VID_MYSQL_HOST
- value: "{{ .Values.config.vidmysqlhost }}"
+ value: {{ index .Values "mariadb-galera" "service" "name" }}
- name: VID_MYSQL_PORT
- value: "{{ .Values.config.vidmysqlport }}"
+ value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}"
- name: VID_MYSQL_DBNAME
- value: "{{ .Values.config.vidmysqldbname }}"
+ value: {{ index .Values "mariadb-galera" "config" "mysqlDatabase" }}
- name: VID_MYSQL_USER
- value: "{{ .Values.config.vidmysqluser }}"
+ value: {{ index .Values "mariadb-galera" "config" "userName" }}
- name: VID_MYSQL_PASS
- value: "{{ .Values.config.vidmysqlpassword }}"
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-db
+ key: db-user-password
#valueFrom:
# secretKeyRef: {name: {{ include "common.fullname" . }}, key: vid-password}
- name: VID_MYSQL_MAXCONNECTIONS
name: {{ include "common.fullname" . }}-log-configmap
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
-
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- /root/ready.py
-{{- $fullname := include "common.fullname" . -}}
-{{- range $i,$t := until (int .Values.vid_mariadb_galera.replicaCount)}}
- --container-name
- - {{ $fullname }}-mariadb-galera-{{$i}}
-{{- end }}
+ - {{ index .Values "mariadb-galera" "service" "name" }}
env:
- name: NAMESPACE
valueFrom:
- /dbcmd-config/db_cmd.sh
env:
- name: MYSQL_PASSWORD
- value: "{{ .Values.config.vidmysqlpassword }}"
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-db
+ key: db-user-password
- name: MYSQL_HOST
- value: "{{ .Values.config.vidmysqlhost }}"
+ value: {{ index .Values "mariadb-galera" "service" "name" }}
- name: MYSQL_USER
- value: "{{ .Values.config.vidmysqluser }}"
+ value: {{ index .Values "mariadb-galera" "config" "userName" }}
- name: MYSQL_PORT
- value: "{{ .Values.config.vidmysqlport }}"
+ value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}"
restartPolicy: Never
volumes:
- name: {{ include "common.fullname" . }}-config
path: db_cmd.sh
- key: vid-pre-init.sql
path: vid-pre-init.sql
-
type: Opaque
data:
{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-db
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+type: Opaque
+data:
+ db-user-password: {{ index .Values "mariadb-galera" "config" "userPassword" | b64enc | quote }}
+ db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }}
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.1
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
vidmsopass: OBF:1ih71i271vny1yf41ymf1ylz1yf21vn41hzj1icz
msodme2serverurl: http://localhost:8081
vidcontactuslink: https://todo_contact_us_link.com
- vidmysqlhost: vid-galera
- vidmysqlport: "3306"
- vidmysqldbname: vid_openecomp_epsdk
- vidmysqluser: vidadmin
vidmysqlmaxconnections: "5"
logstashServiceName: log-ls
logstashPort: 5044
roleaccesscentralized: remote
-# subchart configuration
-vid_mariadb_galera:
-# nameOverride: vid-mariadb-galera
- replicaCount: 1
+mariadb-galera:
+ config:
+ userName: vidadmin
+ userPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ mariadbRootPassword: kjgsdhjqhawxvnbpoiawsfgjsqhsgjhjhdqihhjqdvcbxkjchizpw
+ mysqlDatabase: vid_openecomp_epsdk
+ nameOverride: vid-galera
+ service:
+ name: vid-galera
+ portName: mysql-vid
+ internalPort: "3306"
+ replicaCount: 3
+ persistence:
+ enabled: true
+ mountSubPath: vid/maria/data
+ externalConfig: |-
+ lower_case_table_names = 1
# default number of instances
replicaCount: 1