+# Unit tests
+__snapshot__
+
# Application
kubernetes/config/onap-parameters.yaml
kubernetes/dist/*
# Mac OS
*DS_Store*
-
> sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm
-**Step 3.** Customize the helm charts like oom/kubernetes/onap/values.yaml or an override
-file like onap-all.yaml, onap-vfw.yaml or openstack.yaml file to suit your deployment with items like the
-OpenStack tenant information.
+**Step 3.** Customize the helm charts like `oom/kubernetes/onap/values.yaml` or an override
+file like `onap-all.yaml`, `onap-vfw.yaml` or `openstack.yaml` file to suit your deployment
+with items like the OpenStack tenant information.
.. note::
- Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in
- the oom/kubernetes/onap/resources/overrides/ directory.
+ Standard and example override files (e.g. `onap-all.yaml`, `openstack.yaml`) can be found in
+ the `oom/kubernetes/onap/resources/overrides/` directory.
a. You may want to selectively enable or disable ONAP components by changing
- the `enabled: true/false` flags.
+ the ``enabled: true/false`` flags.
- b. Encyrpt the OpenStack password using the shell tool for robot and put it in
- the robot helm charts or robot section of openstack.yaml
+ b. Encrypt the OpenStack password using the shell tool for robot and put it in
+ the robot helm charts or robot section of `openstack.yaml`
c. Encrypt the OpenStack password using the java based script for SO helm charts
- or SO section of openstack.yaml.
+ or SO section of `openstack.yaml`.
d. Update the OpenStack parameters that will be used by robot, SO and APPC helm
Here is an example of the nominal entries that need to be provided.
We have different values file available for different contexts.
-.. literalinclude:: onap-values.yaml
+.. literalinclude:: ../kubernetes/onap/values.yaml
:language: yaml
openssl algorithm that works with the python based Robot Framework.
.. note::
- To generate ROBOT openStackEncryptedPasswordHere :
+ To generate ROBOT ``openStackEncryptedPasswordHere``::
- ``cd so/resources/config/mso/``
-
- ``/oom/kubernetes/so/resources/config/mso# echo -n "<openstack tenant password>" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p``
+ cd so/resources/config/mso/
+ /oom/kubernetes/so/resources/config/mso# echo -n "<openstack tenant password>" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p``
c. Generating SO Encrypted Password:
The SO Encrypted Password uses a java based encryption utility since the
ROBOT uses in Dublin.
.. note::
- To generate SO openStackEncryptedPasswordHere and openStackSoEncryptedPassword:
-
- SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key`
-
- OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX
-
- git clone http://gerrit.onap.org/r/integration
+ To generate SO ``openStackEncryptedPasswordHere`` and ``openStackSoEncryptedPassword``
+ ensure `default-jdk` is installed::
- cd integration/deployment/heat/onap-rke/scripts
+ apt-get update; apt-get install default-jdk
+ Then execute::
- javac Crypto.java
+ SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key`
+ OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX
- [ if javac is not installed 'apt-get update ; apt-get install default-jdk' ]
-
- java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY"
+ git clone http://gerrit.onap.org/r/integration
+ cd integration/deployment/heat/onap-rke/scripts
+ javac Crypto.java
+ java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY"
d. Update the OpenStack parameters:
automation that can help confirm the setup is correct, please observe the following
constraints.
-openStackPublicNetId:
-
-This network should allow heat templates to add interfaces.
-This need not be an external network, floating IPs can be assigned to the ports on
-the VMs that are created by the heat template but its important that neutron allow
-ports to be created on them.
-
-openStackPrivateNetCidr: "10.0.0.0/16"
+``openStackPublicNetId:``
+ This network should allow heat templates to add interfaces.
+ This need not be an external network, floating IPs can be assigned to the ports on
+ the VMs that are created by the heat template but its important that neutron allow
+ ports to be created on them.
-This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity.
-The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the
-demonstration ip addressing plan embodied in the preload template prevent conflicts when
-instantiating the various VNFs. If you need to change this, you will need to modify the preload
-data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data
-in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect
-to create.
+``openStackPrivateNetCidr: "10.0.0.0/16"``
+ This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity.
+ The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the
+ demonstration ip addressing plan embodied in the preload template prevent conflicts when
+ instantiating the various VNFs. If you need to change this, you will need to modify the preload
+ data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data
+ in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect
+ to create.
-openStackOamNetworkCidrPrefix: "10.0"
-
-This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the
-robot scripts for demonstration. A production deployment need not worry about this
-setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix.
+``openStackOamNetworkCidrPrefix: "10.0"``
+ This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the
+ robot scripts for demonstration. A production deployment need not worry about this
+ setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix.
Example Keystone v2.0
+
.. literalinclude:: example-integration-override.yaml
:language: yaml
Example Keystone v3 (required for Rocky and later releases)
+
.. literalinclude:: example-integration-override-v3.yaml
:language: yaml
.. literalinclude:: helm-search.txt
.. note::
- The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use `make` to update your local Helm repository.
+ The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use ``make`` to update your local Helm repository.
**Step 8.** Once the repo is setup, installation of ONAP can be done with a
single command
.. note::
- The --timeout 900 is currently required in Dublin to address long running initialization tasks
+ The ``--timeout 900`` is currently required in Dublin to address long running initialization tasks
for DMaaP and SO. Without this timeout value both applications may fail to deploy.
To deploy all ONAP applications use this command::
All override files may be customized (or replaced by other overrides) as per needs.
-onap-all.yaml
-
+`onap-all.yaml`
Enables the modules in the ONAP deployment. As ONAP is very modular, it is possible to customize ONAP and disable some components through this configuration file.
-environment.yaml
-
+`environment.yaml`
Includes configuration values specific to the deployment environment.
Example: adapt readiness and liveness timers to the level of performance of your infrastructure
-openstack.yaml
-
+`openstack.yaml`
Includes all the Openstack related information for the default target tenant you want to use to deploy VNFs from ONAP and/or additional parameters for the embedded tests.
**Step 9.** Verify ONAP installation
.. note::
While all pods may be in a Running state, it is not a guarantee that all components are running fine.
- Launch the healthcheck tests using Robot to verify that the components are healthy.
+ Launch the healthcheck tests using Robot to verify that the components are healthy::
- > ~/oom/kubernetes/robot/ete-k8s.sh onap health
+ > ~/oom/kubernetes/robot/ete-k8s.sh onap health
-**Step 10.** Undeploy ONAP
+**Step 10.** Undeploy ONAP::
-> helm undeploy dev --purge
+ > helm undeploy dev --purge
More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins
The top level onap/values.yaml file contains the values required to be set
before deploying ONAP. Here is the contents of this file:
-.. include:: onap_values.yaml
+.. include:: ../kubernetes/onap/values.yaml
:code: yaml
One may wish to create a value file that is specific to a given deployment such
ONAP Operations Manager Release Notes
=====================================
+Version 5.0.1 (El Alto Release)
+----------------------------------
+
+:Release Date: 2019-10-10
+
+Summary
+-------
+
+The focus of this release was on maintanence and as such no new features were delivered.
+A list of issues resolved in this release can be found here: https://jira.onap.org/projects/OOM/versions/10726
+
+**New Features**
+
+**Bug Fixes**
+
+* 25 defects addressed (see link above)
+
+**Known Issues**
+
+The following known issues will be addressed in a future release:
+
+* [`OOM-1480 <https://jira.onap.org/browse/OOM-1480>`_] - postgres chart does not set root password when installing on an existing database instances
+* [`OOM-1966 <https://jira.onap.org/browse/OOM-1966>`_] - ONAP on HA Kubernetes Cluster - Documentation update
+* [`OOM-1995 <https://jira.onap.org/browse/OOM-1995>`_] - Mariadb Galera cluster pods keep failing
+* [`OOM-2061 <https://jira.onap.org/browse/OOM-2061>`_] - Details Missing for installing the kubectl section
+* [`OOM-2075 <https://jira.onap.org/browse/OOM-2075>`_] - Invalid MTU for Canal CNI interfaces
+* [`OOM-2080 <https://jira.onap.org/browse/OOM-2080>`_] - Need for "ReadWriteMany" access on storage when deploying on Kubernetes?
+* [`OOM-2091 <https://jira.onap.org/browse/OOM-2091>`_] - incorrect release deployed
+* [`OOM-2132 <https://jira.onap.org/browse/OOM-2132>`_] - Common Galera server.cnf does not contain Camunda required settings
+
+**Security Notes**
+
+*Fixed Security Issues*
+
+*Known Security Issues*
+
+* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
+* Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
+* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 <https://jira.onap.org/browse/OJSI-202>`_]
+
+*Known Vulnerabilities in Used Modules*
+
+OOM code has been formally scanned during build time using NexusIQ and no
+Critical vulnerability was found.
+
+Quick Links:
+
+ - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
+
+ - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
+
+
+
Version 5.0.0 (El Alto Early Drop)
----------------------------------
#Mount the remote NFS directory to the local one
sudo mount $MASTER_IP:/dockerdata-nfs /dockerdata-nfs/
-echo "$MASTER_IP:/dockerdata-nfs /dockerdata-nfs nfs auto,nofail,noatime,nolock,intr,tcp,actimeo=1800 0 0" | sudo tee -a /etc/fstab
+echo "$MASTER_IP:/dockerdata-nfs /dockerdata-nfs nfs auto,nofail,noatime,nolock,intr,tcp,actimeo=1800 0 0" | sudo tee -a /etc/fstab
PACKAGE_DIR := $(OUTPUT_DIR)/packages
SECRET_DIR := $(OUTPUT_DIR)/secrets
-EXCLUDES := config oneclick readiness test dist helm $(PARENT_CHART) dcae
+SUBMODS := robot aai
+EXCLUDES := config oneclick readiness test dist helm $(PARENT_CHART) dcae $(SUBMODS)
HELM_CHARTS := $(filter-out $(EXCLUDES), $(patsubst %/.,%,$(wildcard */.))) $(PARENT_CHART)
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+.PHONY: $(EXCLUDES) $(HELM_CHARTS) $(SUBMODS)
-all: $(COMMON_CHARTS_DIR) $(HELM_CHARTS) plugins
+all: $(COMMON_CHARTS_DIR) $(SUBMODS) $(HELM_CHARTS) plugins
$(COMMON_CHARTS):
@echo "\n[$@]"
@echo "\n[$@]"
@make package-$@
+$(SUBMODS):
+ @echo "\n[$@]"
+ @make submod-$@
+ @make package-$@
+
+submod-%:
+ @make $*/requirements.yaml
+
+%/requirements.yaml:
+ $(error Submodule $* needs to be retrieved from gerrit. See https://wiki.onap.org/display/DW/OOM+-+Development+workflow+after+code+transfer+to+tech+teams ); fi
+
+
make-%:
@if [ -f $*/Makefile ]; then make -C $*; fi
path: /etc/localtime
- name: aaf-status-vol
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-status-pvc
+ claimName: {{ .Release.Name }}-aaf-status
- name: aaf-cass-vol
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-pvc
+ claimName: {{ include "common.fullname" . }}-data
{{- else }}
emptyDir: {}
{{- end }}
# limitations under the License.
*/}}
-{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) }}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}-pv
+ name: {{ include "common.fullname" . }}-data
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
+{{- end -}}
{{- end -}}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
- name: {{ include "common.fullname" .}}-pvc
+ name: {{ include "common.fullname" .}}-data
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
{{- end -}}
enabled: false
# Configure resource requests and limits
-resources: {}
- # Following AAI's advice, and not trying to guess on Cass usage. Guessing just makes it slow
-# small:
-# limits:
-# cpu: "1000m"
-# memory: 4096Mi
-# requests:
-# cpu: 20m
-# memory: 2048Mi
-# large:
-# limits:
-# cpu: 400m
-# memory: 12000Mi
-# requests:
-# cpu: 40m
-# memory: 9000Mi
-# unlimited: {}
+resources:
+ small:
+ limits:
+ cpu: 2100m
+ memory: 1792Mi
+ requests:
+ cpu: 30m
+ memory: 1280Mi
+ large:
+ limits:
+ cpu: 4
+ memory: 12000Mi
+ requests:
+ cpu: 40m
+ memory: 9000Mi
+ unlimited: {}
persistence:
enabled: true
volumeReclaimPolicy: Retain
accessMode: ReadWriteOnce
size: 20Gi
- storageClass: "manual"
path: /etc/localtime
- name: aaf-status-vol
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-status-pvc
+ claimName: {{ .Release.Name }}-aaf-status
- name: aaf-config-vol
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-config-pvc
+ claimName: {{ .Release.Name }}-aaf-config
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+
+{{ include "common.ingress" . }}
+
+
ingress:
enabled: false
+ service:
+ - baseaddr: "aafcm"
+ name: "aaf-cm"
+ port: 8150
+ config:
+ ssl: "none"
# Configure resource requests and limits
-resources: {}
-# Allow END users to do this, if they want. Detrimental to Test services
-# small:
-# limits:
-# cpu: 200m
-# memory: 800Mi
-# requests:
-# cpu: 20m
-# memory: 500Mi
-# large:
-# limits:
-# cpu: 400m
-# memory: 1Gi
-# requests:
-# cpu: 40m
-# memory: 600Mi
-# unlimited: {}
+resources:
+ small:
+ limits:
+ cpu: 20m
+ memory: 300Mi
+ requests:
+ cpu: 1m
+ memory: 200Mi
+ large:
+ limits:
+ cpu: 400m
+ memory: 1Gi
+ requests:
+ cpu: 40m
+ memory: 600Mi
+ unlimited: {}
path: /etc/localtime
- name: aaf-status-vol
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-status-pvc
+ claimName: {{ .Release.Name }}-aaf-status
- name: aaf-config-vol
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-config-pvc
+ claimName: {{ .Release.Name }}-aaf-config
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+
+{{ include "common.ingress" . }}
+
+
ingress:
enabled: false
+ service:
+ - baseaddr: "aaffs"
+ name: "aaf-fs"
+ port: 8096
+ config:
+ ssl: "none"
# Configure resource requests and limits
-resources: {}
-# Allow END users to do this, if they want. Detrimental to Test services
-# small:
-# limits:
-# cpu: 200m
-# memory: 800Mi
-# requests:
-# cpu: 10m
-# memory: 300Mi
-# large:
-# limits:
-# cpu: 500m
-# memory: 700Mi
-# requests:
-# cpu: 100m
-# memory: 400Mi
-# unlimited: {}
+resources:
+ small:
+ limits:
+ cpu: 200m
+ memory: 110Mi
+ requests:
+ cpu: 1m
+ memory: 80Mi
+ large:
+ limits:
+ cpu: 500m
+ memory: 700Mi
+ requests:
+ cpu: 100m
+ memory: 400Mi
+ unlimited: {}
path: /etc/localtime
- name: aaf-status-vol
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-status-pvc
+ claimName: {{ .Release.Name }}-aaf-status
- name: aaf-config-vol
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-config-pvc
+ claimName: {{ .Release.Name }}-aaf-config
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+
+{{ include "common.ingress" . }}
+
+
ingress:
enabled: false
+ service:
+ - baseaddr: "aafgui"
+ name: "aaf-gui"
+ port: 8200
+ config:
+ ssl: "none"
# Configure resource requests and limits
-resources: {}
-# Allow END users to do this, if they want. Detrimental to Test services
-#resources:
-# small:
-# limits:
-# cpu: 100m
-# memory: 500Mi
-# requests:
-# cpu: 10m
-# memory: 200Mi
-# large:
-# limits:
-# cpu: 200m
-# memory: 1Gi
-# requests:
-# cpu: 100m
-# memory: 500Mi
-# unlimited: {}
+resources:
+ small:
+ limits:
+ cpu: 20m
+ memory: 280Mi
+ requests:
+ cpu: 1m
+ memory: 170Mi
+ large:
+ limits:
+ cpu: 200m
+ memory: 1Gi
+ requests:
+ cpu: 100m
+ memory: 500Mi
+ unlimited: {}
+{{- if ne 0 (int .Values.global.aaf.hello.replicas) }}
{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
#########
## ============LICENSE_START====================================================
## org.onap.aaf
- {{ .Values.persistence.config.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }}
hostPath:
- path: {{ .Values.persistence.config.mountPath }}
-{{- if .Values.persistence.config.storageClass }}
-{{- if (eq "-" .Values.persistence.config.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.config.storageClass }}"
-{{- end }}
-{{- end }}
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
+{{- end -}}
+{{- end -}}
{{- end -}}
+{{- if ne 0 (int .Values.global.aaf.hello.replicas) }}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
#########
## ============LICENSE_START====================================================
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}-hello
accessModes:
- {{ .Values.persistence.config.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.config.size }}
-{{- if .Values.persistence.config.storageClass }}
-{{- if (eq "-" .Values.persistence.config.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.config.storageClass }}"
-{{- end }}
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end -}}
{{- end -}}
-
hostPath:
path: /etc/localtime
- name: aaf-hello-vol
+ {{- if and .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ .Release.Name }}-aaf-hello-pvc
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
initContainers:
--- /dev/null
+
+{{ include "common.ingress" . }}
+
+
persistence:
enabled: true
- config:
#existingClaim:
# You will want "Reatan" in non-Hello Example.
- volumeReclaimPolicy: Delete
- accessMode: ReadWriteMany
- size: 40M
- storageClass: "manual"
- mountPath: "/mnt/data/aaf/hello"
+ volumeReclaimPolicy: Delete
+ accessMode: ReadWriteMany
+ size: 40M
+ mountPath: /dockerdata-nfs
+ mountSubPath: aaf/hello
nodeSelector: {}
ingress:
enabled: false
+ service:
+ - baseaddr: "aafhello"
+ name: "aaf-hello"
+ port: 8130
+ config:
+ ssl: "none"
# Configure resource requests and limits
-resources: {}
-# Allow END users to do this, if they want. Detrimental to Test services
-#resources:
-# small:
-# limits:
-# cpu: 200m
-# memory: 500Mi
-# requests:
-# cpu: 10m
-# memory: 200Mi
-# large:
-# limits:
-# cpu: 400m
-# memory: 1Gi
-# requests:
-# cpu: 20m
-# memory: 500Mi
-# unlimited: {}
+resources:
+ small:
+ limits:
+ cpu: 200m
+ memory: 500Mi
+ requests:
+ cpu: 10m
+ memory: 200Mi
+ large:
+ limits:
+ cpu: 400m
+ memory: 1Gi
+ requests:
+ cpu: 20m
+ memory: 500Mi
+ unlimited: {}
path: /etc/localtime
- name: aaf-status-vol
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-status-pvc
+ claimName: {{ .Release.Name }}-aaf-status
- name: aaf-config-vol
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-config-pvc
+ claimName: {{ .Release.Name }}-aaf-config
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+
+{{ include "common.ingress" . }}
+
+
ingress:
enabled: false
+ service:
+ - baseaddr: "aaflocate"
+ name: "aaf-locate"
+ port: 8095
+ config:
+ ssl: "none"
# Configure resource requests and limits
-resources: {}
-# Allow END users to do this, if they want. Detrimental to Test services
-#resources:
-# small:
-# limits:
-# cpu: 200m
-# memory: 600Mi
-# requests:
-# cpu: 20m
-# memory: 300Mi
-# large:
-# limits:
-# cpu: 400m
-# memory: 1Gi
-# requests:
-# cpu: 40m
-# memory: 500Mi
-# unlimited: {}
+resources:
+ small:
+ limits:
+ cpu: 40m
+ memory: 320Mi
+ requests:
+ cpu: 1m
+ memory: 210Mi
+ large:
+ limits:
+ cpu: 400m
+ memory: 1Gi
+ requests:
+ cpu: 40m
+ memory: 500Mi
+ unlimited: {}
path: /etc/localtime
- name: aaf-status-vol
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-status-pvc
+ claimName: {{ .Release.Name }}-aaf-status
- name: aaf-config-vol
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-config-pvc
+ claimName: {{ .Release.Name }}-aaf-config
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
ingress:
enabled: false
+ service:
+ - baseaddr: "aafoauth"
+ name: "aaf-oauth"
+ port: 8140
+ config:
+ ssl: "none"
# Configure resource requests and limits
-resources: {}
-# Allow END users to do this, if they want. Detrimental to Test services
-#resources:
-# small:
-# limits:
-# cpu: 200m
-# memory: 400Mi
-# requests:
-# cpu: 20m
-# memory: 200Mi
-# large:
-# limits:
-# cpu: 400m
-# memory: 600Mi
-# requests:
-# cpu: 40m
-# memory: 200Mi
-# unlimited: {}
+resources:
+ small:
+ limits:
+ cpu: 40m
+ memory: 320Mi
+ requests:
+ cpu: 1m
+ memory: 210Mi
+ large:
+ limits:
+ cpu: 400m
+ memory: 600Mi
+ requests:
+ cpu: 40m
+ memory: 200Mi
+ unlimited: {}
path: /etc/localtime
- name: aaf-status-vol
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-status-pvc
+ claimName: {{ .Release.Name }}-aaf-status
- name: aaf-config-vol
persistentVolumeClaim:
- claimName: {{ .Release.Name }}-aaf-config-pvc
+ claimName: {{ .Release.Name }}-aaf-config
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+
+{{ include "common.ingress" . }}
+
+
ingress:
enabled: false
+ service:
+ - baseaddr: "aafservice"
+ name: "aaf-service"
+ port: 8100
+ config:
+ ssl: "none"
# Configure resource requests and limits
-resources: {}
-# Allow END users to do this, if they want. Detrimental to Test services
-#resources:
-# small:
-# limits:
-# cpu: 200m
-# memory: 800Mi
-# requests:
-# cpu: 20m
-# memory: 300Mi
-# large:
-# limits:
-# cpu: 400m
-# memory: 1Gi
-# requests:
-# cpu: 40m
-# memory: 300Mi
-# unlimited: {}
+resources:
+ small:
+ limits:
+ cpu: 250m
+ memory: 360Mi
+ requests:
+ cpu: 10m
+ memory: 250Mi
+ large:
+ limits:
+ cpu: 400m
+ memory: 1Gi
+ requests:
+ cpu: 40m
+ memory: 300Mi
+ unlimited: {}
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- $global := . }}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) }}
+{{- range $i := until (int $global.Values.replicaCount)}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
+ app: {{ include "common.name" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
spec:
capacity:
- storage: {{ .Values.persistence.size}}
+ storage: {{ $global.Values.persistence.size}}
accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
{{- end -}}
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
containers:
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
name: {{ include "common.name" . }}
- mountPath: /quorumclient/config.json
name: {{ include "common.name" .}}
subPath: config.json
+{{- if .Values.persistence.enabled }}
- mountPath: /quorumclient/auth
- name: {{ include "common.fullname" . }}-auth
+ name: {{ include "common.fullname" . }}-data
+{{- end }}
resources:
{{ include "common.resources" . | indent 10 }}
{{- if .Values.nodeSelector }}
- key: config.json
path: config.json
mode: 0755
- - name: {{ include "common.fullname" . }}-auth
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+{{- if .Values.persistence.enabled }}
+ volumeClaimTemplates:
+ - metadata:
+ name: {{ include "common.fullname" . }}-data
+ labels:
+ name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ storageClassName: {{ include "common.storageClass" . }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+{{- end }}
resources:
small:
limits:
- cpu: 200m
- memory: 500Mi
+ cpu: 40m
+ memory: 40Mi
requests:
- cpu: 10m
+ cpu: 1m
memory: 10Mi
large:
limits:
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- $global := . }}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) }}
+{{- range $i := until (int $global.Values.replicaCount)}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
+ app: {{ include "common.name" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
spec:
capacity:
- storage: {{ .Values.persistence.size}}
+ storage: {{ $global.Values.persistence.size}}
accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
{{- end -}}
- name: http
containerPort: 8500
volumeMounts:
+{{- if .Values.persistence.enabled }}
- mountPath: /consul/data
- name: {{ include "common.fullname" . }}-consuldata
+ name: {{ include "common.fullname" . }}-data
+{{- end }}
- mountPath: /consul/config/config.json
name: {{ include "common.fullname" . }}-consulconfiguration
subPath: config.json
resources:
{{ include "common.resources" . | indent 10 }}
volumes:
- - name: {{ include "common.fullname" . }}-consuldata
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- name: {{ include "common.fullname" . }}-consulconfiguration
configMap:
name: {{ include "common.fullname" . }}-consul
hostPath:
path: /etc/localtime
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+{{- if .Values.persistence.enabled }}
+ volumeClaimTemplates:
+ - metadata:
+ name: {{ include "common.fullname" . }}-data
+ labels:
+ name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ storageClassName: {{ include "common.storageClass" . }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+{{- end }}
resources:
small:
limits:
- cpu: 200m
- memory: 500Mi
+ cpu: 40m
+ memory: 40Mi
requests:
cpu: 10m
- memory: 10Mi
+ memory: 25Mi
large:
limits:
cpu: 400m
configMap:
name: {{ include "common.fullname" . }}
- name: {{ include "common.fullname" . }}-auth
+ {{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ include "common.fullname" . }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) }}
kind: PersistentVolume
apiVersion: v1
metadata:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
{{- end -}}
resources:
small:
limits:
- cpu: 200m
- memory: 500Mi
+ cpu: 100m
+ memory: 15Mi
requests:
cpu: 10m
memory: 10Mi
resources:
small:
limits:
- cpu: 200m
- memory: 500Mi
+ cpu: 20m
+ memory: 50Mi
requests:
cpu: 10m
memory: 10Mi
*/}}
{{- if .Values.global.distcenter.enabled -}}
-
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) }}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-data
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
-
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+{{- end -}}
*/}}
{{- if .Values.global.distcenter.enabled -}}
-
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
kind: PersistentVolumeClaim
apiVersion: v1
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end -}}
{{- end -}}
-{{- end -}}
\ No newline at end of file
resources:
small:
limits:
- cpu: 200m
- memory: 500Mi
+ cpu: 20m
+ memory: 50Mi
requests:
cpu: 10m
memory: 10Mi
resources:
small:
limits:
- cpu: 200m
- memory: 500Mi
+ cpu: 20m
+ memory: 50Mi
requests:
cpu: 10m
memory: 10Mi
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) }}
kind: PersistentVolume
apiVersion: v1
metadata:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dataMountSubPath }}
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-dbus
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}-dbus
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dbusMountSubPath }}
+{{- end -}}
{{- end -}}
--- /dev/null
+{{/*
+# Copyright 2018 Intel Corporation, Inc
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) }}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-dbus
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}-dbus
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-dbus"
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dbusMountSubPath }}
+{{- end -}}
+{{- end -}}
--- /dev/null
+{{/*
+# Copyright 2018 Intel Corporation, Inc
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-data
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end -}}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-dbus
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
+{{- if eq "True" (include "common.needPV" .) }}
+ storageClassName: "{{ include "common.fullname" . }}-dbus"
{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
{{- end }}
{{- end -}}
+++ /dev/null
-{{/*
-# Copyright 2018 Intel Corporation, Inc
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-data
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-data
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
----
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-dbus
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-dbus
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
resources:
small:
limits:
- cpu: 200m
- memory: 500Mi
+ cpu: 20m
+ memory: 50Mi
requests:
cpu: 10m
memory: 10Mi
+++ /dev/null
-{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
-#########
-## ============LICENSE_START====================================================
-## org.onap.aaf
-## ===========================================================================
-## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
-## ===========================================================================
-## Licensed under the Apache License, Version 2.0 (the "License");
-## you may not use this file except in compliance with the License.
-## You may obtain a copy of the License at
-##
-## http://www.apache.org/licenses/LICENSE-2.0
-##
-## Unless required by applicable law or agreed to in writing, software
-## distributed under the License is distributed on an "AS IS" BASIS,
-## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-## See the License for the specific language governing permissions and
-## limitations under the License.
-## ============LICENSE_END====================================================
-##
-
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ .Release.Name }}-aaf-config-pv
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ .Chart.Name }}-config
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.config.size}}
- accessModes:
- - {{ .Values.persistence.config.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.persistence.config.mountPath }}
-{{- if .Values.persistence.config.storageClass }}
-{{- if (eq "-" .Values.persistence.config.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.config.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
+++ /dev/null
-{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
-#########
-## ============LICENSE_START====================================================
-## org.onap.aaf
-## ===========================================================================
-## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
-## ===========================================================================
-## Licensed under the Apache License, Version 2.0 (the "License");
-## you may not use this file except in compliance with the License.
-## You may obtain a copy of the License at
-##
-## http://www.apache.org/licenses/LICENSE-2.0
-##
-## Unless required by applicable law or agreed to in writing, software
-## distributed under the License is distributed on an "AS IS" BASIS,
-## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-## See the License for the specific language governing permissions and
-## limitations under the License.
-## ============LICENSE_END====================================================
-##
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ .Release.Name }}-aaf-config-pvc
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}-config
- accessModes:
- - {{ .Values.persistence.config.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.config.size }}
-{{- if .Values.persistence.config.storageClass }}
-{{- if (eq "-" .Values.persistence.config.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.config.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
-
+++ /dev/null
-{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
-#########
-## ============LICENSE_START====================================================
-## org.onap.aaf
-## ===========================================================================
-## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
-## ===========================================================================
-## Licensed under the Apache License, Version 2.0 (the "License");
-## you may not use this file except in compliance with the License.
-## You may obtain a copy of the License at
-##
-## http://www.apache.org/licenses/LICENSE-2.0
-##
-## Unless required by applicable law or agreed to in writing, software
-## distributed under the License is distributed on an "AS IS" BASIS,
-## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-## See the License for the specific language governing permissions and
-## limitations under the License.
-## ============LICENSE_END====================================================
-##
-
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ .Release.Name }}-aaf-status-pv
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ .Chart.Name }}-status
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.status.size}}
- accessModes:
- - {{ .Values.persistence.status.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.status.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.persistence.status.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.status.mountSubPath }}
-{{- if .Values.persistence.status.storageClass }}
-{{- if (eq "-" .Values.persistence.status.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.status.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
+++ /dev/null
-{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
-#########
-## ============LICENSE_START====================================================
-## org.onap.aaf
-## ===========================================================================
-## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
-## ===========================================================================
-## Licensed under the Apache License, Version 2.0 (the "License");
-## you may not use this file except in compliance with the License.
-## You may obtain a copy of the License at
-##
-## http://www.apache.org/licenses/LICENSE-2.0
-##
-## Unless required by applicable law or agreed to in writing, software
-## distributed under the License is distributed on an "AS IS" BASIS,
-## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-## See the License for the specific language governing permissions and
-## limitations under the License.
-## ============LICENSE_END====================================================
-##
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ .Release.Name }}-aaf-status-pvc
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}-status
- accessModes:
- - {{ .Values.persistence.status.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.status.size }}
-{{- if .Values.persistence.status.storageClass }}
-{{- if (eq "-" .Values.persistence.status.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.status.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
-
--- /dev/null
+{{/*
+# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) }}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}-config
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.config.size}}
+ accessModes:
+ - {{ .Values.persistence.config.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.persistence.config.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.config.mountSubPath }}
+ storageClassName: "{{ include "common.fullname" . }}-config"
+{{- end -}}
+{{- end -}}
--- /dev/null
+{{/*
+# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) }}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-status
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}-status
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.status.size}}
+ accessModes:
+ - {{ .Values.persistence.status.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.status.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.persistence.status.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.status.mountSubPath }}
+ storageClassName: "{{ include "common.fullname" . }}-status"
+{{- end -}}
+{{- end -}}
--- /dev/null
+{{/*
+# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ .Release.Name }}-aaf-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ accessModes:
+ - {{ .Values.persistence.config.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.config.size }}
+{{- if eq "True" (include "common.needPV" .) }}
+ storageClassName: "{{ include "common.fullname" . }}-config"
+{{- else }}
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end }}
+{{- end -}}
--- /dev/null
+{{/*
+# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ .Release.Name }}-aaf-status
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ accessModes:
+ - {{ .Values.persistence.status.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.status.size }}
+{{- if eq "True" (include "common.needPV" .) }}
+ storageClassName: "{{ include "common.fullname" . }}-status"
+{{- else }}
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end }}
+{{- end -}}
volumeReclaimPolicy: Delete
accessMode: ReadWriteMany
size: 2Gi
- storageClass: "manual"
- mountPath: "/mnt/data/aaf/config"
+ mountPath: /dockerdata-nfs
+ mountSubPath: "config"
logs:
#existingClaim:
volumeReclaimPolicy: Retain
accessMode: ReadWriteMany
size: 2Gi
- storageClass: "manual"
mountPath: "/mnt/data/aaf/logs"
status:
volumeReclaimPolicy: Delete
accessMode: ReadWriteMany
size: 2M
- storageClass: "manual"
mountPath: /dockerdata-nfs
mountSubPath: "status"
cass:
volumeReclaimPolicy: Retain
accessMode: ReadWriteOnce
size: 10Gi
- storageClass: "manual"
mountPath: /dockerdata-nfs
mountSubPath: "cass"
-Subproject commit d68960684392a6da61805e4161ae032549db6102
+Subproject commit f636b1cc2bf7d391dc76956e906a6f497ef1b092
priv: provide_privated_key.pem
pub: provide_public_key.pem
-# RestServer authentication
-id: sdnc
-psswd: sdnc
-
# Mysql
host: {{.Values.config.mariadbGaleraSVCName}}
-user: appc
-passwd: appc
-db: ansible
# Playbooks
from_files: yes
*/}}
{{- $global := . }}
{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
{{- range $i, $t := until (int $global.Values.replicaCount)}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" $global }}-playbook{{$i}}
+ name: {{ include "common.fullname" $global }}-playbook-{{$i}}
namespace: {{ include "common.namespace" $global }}
labels:
app: {{ include "common.fullname" $global }}
storage: {{ $global.Values.persistence.size}}
accessModes:
- {{ $global.Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" $global }}-playbook"
+ storageClassName: "{{ include "common.fullname" $global }}-data"
persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
hostPath:
path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
---
{{- end -}}
{{- end -}}
+{{- end -}}
+{{- end -}}
name: {{ include "common.fullname" . }}-playbook
labels:
name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
spec:
- accessModes: [ {{ .Values.persistence.accessMode }} ]
- storageClassName: {{ include "common.fullname" . }}-playbook
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 1Gi
mountPath: /dockerdata-nfs
mountSubPath: appc/ansible
cpu: 1
memory: 1Gi
unlimited: {}
-
-
--- /dev/null
+{{ include "common.ingress" . }}
ingress:
enabled: false
+ service:
+ - baseaddr: appccdt
+ name: "appc-cdt"
+ port: 18080
+ config:
+ ssl: "none"
# Configure resource requests and limits
# ref: http://kubernetes.io/docs/user-guide/compute-resources/
echo "Starting cdt-proxy-service jar, logging to ${APPC_HOME}/cdt-proxy-service/jar.log"
java -jar ${APPC_HOME}/cdt-proxy-service/cdt-proxy-service.jar > ${APPC_HOME}/cdt-proxy-service/jar.log &
+echo "Starting dmaap-event-service jar, logging to ${APPC_HOME}/dmaap-event-service/jar.log"
+java -jar -Dorg_onap_appc_bootstrap_path=/opt/onap/appc/data/properties -Dorg_onap_appc_bootstrap_file=appc.properties ${APPC_HOME}/dmaap-event-service/dmaap-event-service.jar > ${APPC_HOME}/dmaap-event-service/jar.log &
+
echo "Adding a property system.properties for AAF cadi.properties location"
echo "" >> ${ODL_HOME}/etc/system.properties
echo "cadi_prop_files=${APPC_HOME}/data/properties/cadi.properties" >> ${ODL_HOME}/etc/system.properties
# Properties used by EventSenderDmaapImpl.java
DCAE.dmaap.event.topic.write=EventSenderTest
-DCAE.dmaap.appc.username=test
-DCAE.dmaap.appc.password=test
-DCAE.dmaap.event.pool.members=message-router.{{.Release.Namespace}}:3904
+DCAE.dmaap.event.username=test
+DCAE.dmaap.event.password=test
+DCAE.dmaap.event.poolMembers=message-router.{{.Release.Namespace}}:3904
#OAM Listener
appc.OAM.disabled=true
appc.OAM.provider.pass={{.Values.config.odlPassword}}
appc.asdc.env={{.Values.config.dmaapTopicEnv}}
+
+#Properties for communication between appc dmaap microservice and appc
+appc.srvcomm.messaging.username={{.Values.config.dmaapServiceUser}}
+appc.srvcomm.messaging.password={{.Values.config.dmaapServicePassword}}
+appc.srvcomm.messaging.url={{.Values.config.dmaapServiceUrl}}
--- /dev/null
+{{ include "common.ingress" . }}
*/}}
{{- $global := . }}
{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
{{- range $i, $t := until (int $global.Values.replicaCount)}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" $global }}-data{{$i}}
+ name: {{ include "common.fullname" $global }}-data-{{$i}}
namespace: {{ include "common.namespace" $global }}
labels:
app: {{ include "common.fullname" $global }}
persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
hostPath:
path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
---
{{- end -}}
{{- end -}}
+{{- end -}}
+{{- end -}}
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.externalPort2 }}
readinessProbe:
- exec:
- command:
- - /opt/appc/bin/health_check.sh
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
name: {{ include "common.fullname" . }}-data
labels:
name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
spec:
- accessModes: [ {{ .Values.persistence.accessMode }} ]
- storageClassName: {{ include "common.fullname" . }}-data
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
openStackUserName: admin
openStackEncryptedPassword: enc:LDEbHEAvTF1R
odlUser: admin
+ dmaapServiceUrl: http://localhost:8080/publish
+ dmaapServiceUser: appc
+ dmaapServicePassword: onapappc
appc-ansible-server:
service:
ingress:
enabled: false
+ service:
+ - baseaddr: appc
+ name: "appc"
+ port: 8443
+ config:
+ ssl: "redirect"
# Configure resource requests and limits
# ref: http://kubernetes.io/docs/user-guide/compute-resources/
# Web server config
### START -Controller Blueprints Properties
# Load Resource Source Mappings
-resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,script=source-capability
+resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability
# Blueprint Processor File Execution and Handling Properties
blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy
blueprintsprocessor.restclient.aai-data.url=https://aai:8443
blueprintsprocessor.restclient.aai-data.username=aai@aai.onap.org
blueprintsprocessor.restclient.aai-data.password=demo123456!
+blueprintsprocessor.restclient.aai-data.additionalHeaders.X-TransactionId=cds-transaction-id
+blueprintsprocessor.restclient.aai-data.additionalHeaders.X-FromAppId=cds-app-id
+blueprintsprocessor.restclient.aai-data.additionalHeaders.Accept=application/json
# Self Service Request Kafka Message Consumer
blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable=false
# Self Service Response Kafka Message Producer
blueprintsprocessor.messageproducer.self-service-api.bootstrapServers=message-router-kafka:9092
+
+
+# Used in Health Check
blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth
blueprintsprocessor.messageproducer.self-service-api.clientId=cds-client
blueprintsprocessor.messageproducer.self-service-api.topic=cds-producer
+
+blueprintprocessor.remoteScriptCommand.enabled=true
+
+#Encrypted username and password for health check service
+endpoints.user.name=eHbVUbJAj4AG2522cSbrOQ==
+endpoints.user.password=eHbVUbJAj4AG2522cSbrOQ==
+
+#BaseUrls for health check blueprint processor services
+blueprintprocessor.healthcheck.baseUrl=http://localhost:8080/
+blueprintprocessor.healthcheck.mapping-service-name-with-service-link=[Execution service,/api/v1/execution-service/health-check],[Resources service,/api/v1/resources/health-check],[Template service,/api/v1/template/health-check]
+
+#BaseUrls for health check Cds Listener services
+cdslistener.healthcheck.baseUrl=http://cds-sdc-listener:8080/
+cdslistener.healthcheck.mapping-service-name-with-service-link=[SDC Listener service,/api/v1/sdclistener/healthcheck]
+
+#Actuator properties
+management.endpoints.web.exposure.include=*
+management.endpoint.health.show-details=always
value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
{{ end }}
readinessProbe:
httpGet:
httpHeaders:
- name: Authorization
value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
--- /dev/null
+{{ include "common.ingress" . }}
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
{{- if not .Values.persistence.storageClass -}}
kind: PersistentVolume
apiVersion: v1
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+{{- end -}}
{{ .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
-{{- if not .Values.persistence.storageClass }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-blueprints
-{{- end }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
{{- end -}}
# probe configuration parameters
liveness:
initialDelaySeconds: 120
- periodSeconds: 10
+ periodSeconds: 20
+ timeoutSeconds: 20
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
initialDelaySeconds: 120
periodSeconds: 10
+ timeoutSeconds: 20
service:
http:
ingress:
enabled: false
+ service:
+ - baseaddr: "blueprintsprocessorhttp"
+ name: "blueprints-processor-http"
+ port: 8080
+ config:
+ ssl: "none"
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
port: {{ .Values.service.grpc.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
{{ end }}
readinessProbe:
tcpSocket:
port: {{ .Values.service.grpc.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
+ initialDelaySeconds: 20
+ periodSeconds: 20
+ timeoutSeconds: 20
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
initialDelaySeconds: 10
periodSeconds: 10
+ timeoutSeconds: 20
service:
type: ClusterIP
archivePath: /opt/app/onap/sdc-listener/
grpcAddress: cds-blueprints-processor-grpc
grpcPort: 9111
- authHeader: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
\ No newline at end of file
+ authHeader: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
+
+
+cdslistener:
+ healthcheck:
+ baseUrl: http://localhost:9000/
+ mapping-service-name-with-service-link: "[SDC Listener service,/api/v1/sdclistener/healthcheck]"
+
+
+management:
+ endpoint:
+ health:
+ show-details: always
+
+
+ endpoints:
+ web:
+ exposure:
+ include: "*"
+
+endpoints:
+ user:
+ name: eHbVUbJAj4AG2522cSbrOQ==
+ password: eHbVUbJAj4AG2522cSbrOQ==
value: {{ .Values.config.api.controller.http.baseUrl }}
- name: API_BLUEPRINT_CONTROLLER_HTTP_AUTH_TOKEN
value: {{ .Values.config.api.controller.http.authToken }}
- - name: API_BLUEPRINT_PROCESSOR_HHTP_BASE_URL
+ - name: API_BLUEPRINT_PROCESSOR_HTTP_BASE_URL
value: {{ .Values.config.api.processor.http.baseUrl }}
- name: API_BLUEPRINT_PROCESSOR_HTTP_AUTH_TOKEN
value: {{ .Values.config.api.processor.http.authToken }}
--- /dev/null
+{{ include "common.ingress" . }}
api:
controller:
http:
- baseUrl: http://cds-controller-blueprints:8080/api/v1
+ baseUrl: http://cds-blueprints-processor-http:8081/api/v1
authToken: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
processor:
http:
ingress:
enabled: false
+ service:
+ - baseaddr: "cdsui"
+ name: "cds-ui"
+ port: 8080
+ config:
+ ssl: "none"
+
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
+ initialDelaySeconds: 20
+ periodSeconds: 20
+ timeoutSeconds: 20
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-backend:4.1.2
+image: onap/clamp-backend:4.1.3
pullPolicy: Always
# flag to enable debugging - application support required
springApplicationJson: >
{
"spring.datasource.cldsdb.url": "jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3",
+ "spring.profiles.active": "clamp-default,clamp-default-user,clamp-sdc-controller-new",
"clamp.config.sdc.catalog.url": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/",
"clamp.config.sdc.hostUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/",
"clamp.config.sdc.serviceUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/services",
"clamp.config.sdc.serviceUsername": "clamp",
"clamp.config.sdc.servicePassword": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981",
"clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json",
- "clamp.config.dcae.inventory.url": "https://inventory.{{ include "common.namespace" . }}:8080",
+ "clamp.config.dcae.inventory.url": "https4://inventory.{{ include "common.namespace" . }}:8080",
"clamp.config.dcae.dispatcher.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443",
"clamp.config.dcae.deployment.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443",
"clamp.config.dcae.deployment.userName": "none",
# limitations under the License.
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-data
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
storage: {{ .Values.persistence.size}}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
+{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-dashboard-kibana:4.1.2
+image: onap/clamp-dashboard-kibana:4.1.3
pullPolicy: Always
# flag to enable debugging - application support required
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-dashboard-logstash:4.1.2
+image: onap/clamp-dashboard-logstash:4.1.3
pullPolicy: Always
# flag to enable debugging - application support required
# ================================================================================
# Copyright (C) 2017 AT&T Intellectual Property. All rights
# reserved.
-# Modifications Copyright © 2018 Amdocs,Bell Canada
-# Modifications Copyright © 2019 AT&T
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
# ============LICENSE_END============================================
# ===================================================================
-# ECOMP is a trademark and service mark of AT&T Intellectual Property.
+#
###
-cd /docker-entrypoint-initdb.d/bulkload
-### Keep previous DB for now (SOON DEPRECATED)
-mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < clds-create-db-objects.sql
-mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < clds-stored-procedures.sql
-## New model creation
-mysql -uroot -p$MYSQL_ROOT_PASSWORD -f cldsdb4 < create-tables.sql
+mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < /docker-entrypoint-initdb.d/bulkload/create-db.sql
+## New model creation
+mysql -uroot -p$MYSQL_ROOT_PASSWORD -f cldsdb4 < /docker-entrypoint-initdb.d/bulkload/create-tables.sql
+++ /dev/null
-/* Copyright © 2017-2019 AT&T, Amdocs, Bell Canada
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-
-#
-# Create CLDS database objects (tables, etc.)
-#
-#
-CREATE DATABASE `cldsdb4`;
-USE `cldsdb4`;
-DROP USER 'clds';
-CREATE USER 'clds';
-GRANT ALL on cldsdb4.* to 'clds' identified by 'sidnnd83K' with GRANT OPTION;
-GRANT SELECT on mysql.proc TO 'clds';
-FLUSH PRIVILEGES;
-
-
-CREATE TABLE template (
- template_id VARCHAR(36) NOT NULL,
- template_name VARCHAR(80) NOT NULL,
- template_bpmn_id VARCHAR(36) NULL,
- template_image_id VARCHAR(36) NULL,
- template_doc_id VARCHAR(36) NULL,
- PRIMARY KEY (template_id),
- UNIQUE (template_name)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
-
-CREATE TABLE template_bpmn (
- template_bpmn_id VARCHAR(36) NOT NULL,
- template_id VARCHAR(36) NOT NULL,
- template_bpmn_text MEDIUMTEXT NOT NULL,
- user_id VARCHAR(80),
- timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- PRIMARY KEY (template_bpmn_id)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
-
-CREATE TABLE template_image (
- template_image_id VARCHAR(36) NOT NULL,
- template_id VARCHAR(36) NOT NULL,
- template_image_text MEDIUMTEXT NULL,
- user_id VARCHAR(80),
- timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- PRIMARY KEY (template_image_id)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
-
-CREATE TABLE template_doc (
- template_doc_id VARCHAR(36) NOT NULL,
- template_id VARCHAR(36) NOT NULL,
- template_doc_text MEDIUMTEXT NULL,
- user_id VARCHAR(80),
- timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- PRIMARY KEY (template_doc_id)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
-
-CREATE TABLE model (
- model_id VARCHAR(36) NOT NULL,
- model_name VARCHAR(80) NOT NULL,
- template_id VARCHAR(36) NULL,
- model_prop_id VARCHAR(36) NULL,
- model_blueprint_id VARCHAR(36) NULL,
- event_id VARCHAR(36) NULL,
- control_name_prefix VARCHAR(80) NULL,
- control_name_uuid VARCHAR(36) NOT NULL,
- service_type_id VARCHAR(80) NULL,
- deployment_id VARCHAR(80) NULL,
- deployment_status_url VARCHAR(300) NULL,
- PRIMARY KEY (model_id),
- UNIQUE (model_name),
- UNIQUE (control_name_uuid),
- UNIQUE (service_type_id),
- UNIQUE (deployment_id)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
-
-CREATE TABLE model_properties (
- model_prop_id VARCHAR(36) NOT NULL,
- model_id VARCHAR(36) NOT NULL,
- model_prop_text MEDIUMTEXT NULL,
- user_id VARCHAR(80),
- timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- PRIMARY KEY (model_prop_id)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
-
-CREATE TABLE model_blueprint (
- model_blueprint_id VARCHAR(36) NOT NULL,
- model_id VARCHAR(36) NOT NULL,
- model_blueprint_text MEDIUMTEXT NULL,
- user_id VARCHAR(80),
- timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- PRIMARY KEY (model_blueprint_id)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
-
-CREATE TABLE model_instance (
- model_instance_id VARCHAR(36) NOT NULL,
- model_id VARCHAR(36) NOT NULL,
- vm_name VARCHAR(250) NOT NULL,
- location VARCHAR(250) NULL,
- timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- PRIMARY KEY (model_instance_id),
- UNIQUE (model_id, vm_name)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
-
-CREATE TABLE event (
- event_id VARCHAR(36) NOT NULL,
- model_id VARCHAR(36) NULL,
- action_cd VARCHAR(80) NOT NULL,
- action_state_cd VARCHAR(80) NULL,
- prev_event_id VARCHAR(36) NULL,
- process_instance_id VARCHAR(80) NULL,
- user_id VARCHAR(80) NULL,
- timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- PRIMARY KEY (event_id)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
-
-CREATE TABLE IF NOT EXISTS tosca_model (
- tosca_model_id VARCHAR(36) NOT NULL,
- tosca_model_name VARCHAR(80) NOT NULL,
- policy_type VARCHAR(80) NULL,
- user_id VARCHAR(80),
- timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- PRIMARY KEY (tosca_model_id)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
-
-CREATE TABLE IF NOT EXISTS tosca_model_revision (
- tosca_model_revision_id VARCHAR(36) NOT NULL,
- tosca_model_id VARCHAR(36) NOT NULL,
- version DOUBLE NOT NULL DEFAULT 1,
- tosca_model_yaml MEDIUMTEXT NULL,
- tosca_model_json MEDIUMTEXT NULL,
- user_id VARCHAR(80),
- createdTimestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- lastUpdatedTimestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- PRIMARY KEY (tosca_model_revision_id),
- CONSTRAINT tosca_model_revision_ukey UNIQUE KEY (tosca_model_id, version),
- CONSTRAINT tosca_model_revision_fkey01 FOREIGN KEY (tosca_model_id) REFERENCES tosca_model (tosca_model_id)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
-
-CREATE TABLE IF NOT EXISTS dictionary (
- dictionary_id VARCHAR(36) NOT NULL,
- dictionary_name VARCHAR(80) NOT NULL,
- created_by VARCHAR(80),
- modified_by VARCHAR(80),
- timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- PRIMARY KEY (dictionary_id)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
-
-CREATE TABLE IF NOT EXISTS dictionary_elements (
- dict_element_id VARCHAR(36) NOT NULL,
- dictionary_id VARCHAR(36) NOT NULL,
- dict_element_name VARCHAR(250) NOT NULL,
- dict_element_short_name VARCHAR(80) NOT NULL,
- dict_element_description VARCHAR(250),
- dict_element_type VARCHAR(80) NOT NULL,
- created_by VARCHAR(80),
- modified_by VARCHAR(80),
- timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- PRIMARY KEY (dict_element_id),
- CONSTRAINT dictionary_elements_ukey UNIQUE KEY (dict_element_name, dict_element_short_name),
- CONSTRAINT dictionary_elements_ukey_fkey01 FOREIGN KEY (dictionary_id) REFERENCES dictionary (dictionary_id)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
-
-ALTER TABLE template
- ADD CONSTRAINT template_bpmn_id_fkey01
- FOREIGN KEY (template_bpmn_id)
- REFERENCES template_bpmn (template_bpmn_id);
-
-ALTER TABLE template
- ADD CONSTRAINT template_image_id_fkey01
- FOREIGN KEY (template_image_id)
- REFERENCES template_image (template_image_id);
-
-ALTER TABLE template
- ADD CONSTRAINT template_doc_id_fkey01
- FOREIGN KEY (template_doc_id)
- REFERENCES template_doc (template_doc_id);
-
-ALTER TABLE template_bpmn
- ADD CONSTRAINT template_id_fkey02
- FOREIGN KEY (template_id)
- REFERENCES template (template_id);
-
-ALTER TABLE template_image
- ADD CONSTRAINT template_id_fkey03
- FOREIGN KEY (template_id)
- REFERENCES template (template_id);
-
-ALTER TABLE template_doc
- ADD CONSTRAINT template_id_fkey04
- FOREIGN KEY (template_id)
- REFERENCES template (template_id);
-
-ALTER TABLE model
- ADD CONSTRAINT template_id_fkey01
- FOREIGN KEY (template_id)
- REFERENCES template (template_id);
-
-ALTER TABLE model
- ADD CONSTRAINT model_prop_id_fkey01
- FOREIGN KEY (model_prop_id)
- REFERENCES model_properties (model_prop_id);
-
-ALTER TABLE model
- ADD CONSTRAINT model_blueprint_id_fkey01
- FOREIGN KEY (model_blueprint_id)
- REFERENCES model_blueprint (model_blueprint_id);
-
-ALTER TABLE model
- ADD CONSTRAINT event_id_fkey01
- FOREIGN KEY (event_id)
- REFERENCES event (event_id);
-
-ALTER TABLE model_properties
- ADD CONSTRAINT model_id_fkey01
- FOREIGN KEY (model_id)
- REFERENCES model (model_id);
-
-ALTER TABLE model_blueprint
- ADD CONSTRAINT model_id_fkey02
- FOREIGN KEY (model_id)
- REFERENCES model (model_id);
-
-ALTER TABLE model_instance
- ADD CONSTRAINT model_id_fkey04
- FOREIGN KEY (model_id)
- REFERENCES model (model_id);
-
-ALTER TABLE event
- ADD CONSTRAINT model_id_fkey03
- FOREIGN KEY (model_id)
- REFERENCES model (model_id);
+++ /dev/null
-/* Copyright © 2017 AT&T, Amdocs, Bell Canada
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-
-#
-# CLDS stored procedures
-#
-
-USE cldsdb4;
-
-DROP PROCEDURE IF EXISTS upd_event;
-DROP PROCEDURE IF EXISTS ins_event;
-DROP PROCEDURE IF EXISTS del_all_model_instances;
-DROP PROCEDURE IF EXISTS del_model_instance;
-DROP PROCEDURE IF EXISTS ins_model_instance;
-DROP PROCEDURE IF EXISTS set_model;
-DROP PROCEDURE IF EXISTS get_model;
-DROP PROCEDURE IF EXISTS get_model_template;
-DROP PROCEDURE IF EXISTS set_template;
-DROP PROCEDURE IF EXISTS get_template;
-DROP PROCEDURE IF EXISTS del_model;
-DROP PROCEDURE IF EXISTS set_new_tosca_model_version;
-DROP PROCEDURE IF EXISTS set_tosca_model;
-DROP PROCEDURE IF EXISTS set_dictionary;
-DROP PROCEDURE IF EXISTS set_dictionary_elements;
-DELIMITER //
-CREATE PROCEDURE get_template
- (IN v_template_name VARCHAR(80),
- OUT v_template_id VARCHAR(36),
- OUT v_template_bpmn_id VARCHAR(36),
- OUT v_template_bpmn_user_id VARCHAR(80),
- OUT v_template_bpmn_text MEDIUMTEXT,
- OUT v_template_image_id VARCHAR(36),
- OUT v_template_image_user_id VARCHAR(80),
- OUT v_template_image_text MEDIUMTEXT,
- OUT v_template_doc_id VARCHAR(36),
- OUT v_template_doc_user_id VARCHAR(80),
- OUT v_template_doc_text MEDIUMTEXT)
-BEGIN
- SELECT t.template_id,
- tb.template_bpmn_id,
- tb.user_id,
- tb.template_bpmn_text,
- ti.template_image_id,
- ti.user_id,
- ti.template_image_text,
- td.template_doc_id,
- td.user_id,
- td.template_doc_text
- INTO v_template_id,
- v_template_bpmn_id,
- v_template_bpmn_user_id,
- v_template_bpmn_text,
- v_template_image_id,
- v_template_image_user_id,
- v_template_image_text,
- v_template_doc_id,
- v_template_doc_user_id,
- v_template_doc_text
- FROM template t,
- template_bpmn tb,
- template_image ti,
- template_doc td
- WHERE t.template_bpmn_id = tb.template_bpmn_id
- AND t.template_image_id = ti.template_image_id
- AND t.template_doc_id = td.template_doc_id
- AND t.template_name = v_template_name;
-END;
-CREATE PROCEDURE set_template
- (IN v_template_name VARCHAR(80),
- IN v_user_id VARCHAR(80),
- IN v_template_bpmn_text MEDIUMTEXT,
- IN v_template_image_text MEDIUMTEXT,
- IN v_template_doc_text MEDIUMTEXT,
- OUT v_template_id VARCHAR(36),
- OUT v_template_bpmn_id VARCHAR(36),
- OUT v_template_bpmn_user_id VARCHAR(80),
- OUT v_template_image_id VARCHAR(36),
- OUT v_template_image_user_id VARCHAR(80),
- OUT v_template_doc_id VARCHAR(36),
- OUT v_template_doc_user_id VARCHAR(80))
-BEGIN
- DECLARE v_old_template_bpmn_text MEDIUMTEXT;
- DECLARE v_old_template_image_text MEDIUMTEXT;
- DECLARE v_old_template_doc_text MEDIUMTEXT;
- SET v_template_id = NULL;
- CALL get_template(
- v_template_name,
- v_template_id,
- v_template_bpmn_id,
- v_template_bpmn_user_id,
- v_old_template_bpmn_text,
- v_template_image_id,
- v_template_image_user_id,
- v_old_template_image_text,
- v_template_doc_id,
- v_template_doc_user_id,
- v_old_template_doc_text);
- IF v_template_id IS NULL THEN
- BEGIN
- SET v_template_id = UUID();
- INSERT INTO template
- (template_id, template_name)
- VALUES (v_template_id, v_template_name);
- END;
- END IF;
- IF v_template_bpmn_id IS NULL OR v_template_bpmn_text <> v_old_template_bpmn_text THEN
- SET v_template_bpmn_id = UUID();
- INSERT INTO template_bpmn
- (template_bpmn_id, template_id, template_bpmn_text, user_id)
- VALUES (v_template_bpmn_id, v_template_id, v_template_bpmn_text, v_user_id);
- SET v_template_bpmn_user_id = v_user_id;
- END IF;
- IF v_template_image_id IS NULL OR v_template_image_text <> v_old_template_image_text THEN
- SET v_template_image_id = UUID();
- INSERT INTO template_image
- (template_image_id, template_id, template_image_text, user_id)
- VALUES (v_template_image_id, v_template_id, v_template_image_text, v_user_id);
- SET v_template_image_user_id = v_user_id;
- END IF;
- IF v_template_doc_id IS NULL OR v_template_doc_text <> v_old_template_doc_text THEN
- SET v_template_doc_id = UUID();
- INSERT INTO template_doc
- (template_doc_id, template_id, template_doc_text, user_id)
- VALUES (v_template_doc_id, v_template_id, v_template_doc_text, v_user_id);
- SET v_template_doc_user_id = v_user_id;
- END IF;
- UPDATE template
- SET template_bpmn_id = v_template_bpmn_id,
- template_image_id = v_template_image_id,
- template_doc_id = v_template_doc_id
- WHERE template_id = v_template_id;
-END;
-CREATE PROCEDURE get_model
- (IN v_model_name VARCHAR(80),
- OUT v_control_name_prefix VARCHAR(80),
- INOUT v_control_name_uuid VARCHAR(36),
- OUT v_model_id VARCHAR(36),
- OUT v_service_type_id VARCHAR(80),
- OUT v_deployment_id VARCHAR(80),
- OUT v_deployment_status_url VARCHAR(300),
- OUT v_template_name VARCHAR(80),
- OUT v_template_id VARCHAR(36),
- OUT v_model_prop_id VARCHAR(36),
- OUT v_model_prop_user_id VARCHAR(80),
- OUT v_model_prop_text MEDIUMTEXT,
- OUT v_model_blueprint_id VARCHAR(36),
- OUT v_model_blueprint_user_id VARCHAR(80),
- OUT v_model_blueprint_text MEDIUMTEXT,
- OUT v_event_id VARCHAR(36),
- OUT v_action_cd VARCHAR(80),
- OUT v_action_state_cd VARCHAR(80),
- OUT v_event_process_instance_id VARCHAR(80),
- OUT v_event_user_id VARCHAR(80))
-BEGIN
- SELECT m.control_name_prefix,
- m.control_name_uuid,
- m.model_id,
- m.service_type_id,
- m.deployment_id,
- m.deployment_status_url,
- t.template_name,
- m.template_id,
- mp.model_prop_id,
- mp.user_id,
- mp.model_prop_text,
- mb.model_blueprint_id,
- mb.user_id,
- mb.model_blueprint_text,
- e.event_id,
- e.action_cd,
- e.action_state_cd,
- e.process_instance_id,
- e.user_id
- INTO v_control_name_prefix,
- v_control_name_uuid,
- v_model_id,
- v_service_type_id,
- v_deployment_id,
- v_deployment_status_url,
- v_template_name,
- v_template_id,
- v_model_prop_id,
- v_model_prop_user_id,
- v_model_prop_text,
- v_model_blueprint_id,
- v_model_blueprint_user_id,
- v_model_blueprint_text,
- v_event_id,
- v_action_cd,
- v_action_state_cd,
- v_event_process_instance_id,
- v_event_user_id
- FROM model m,
- template t,
- model_properties mp,
- model_blueprint mb,
- event e
- WHERE m.template_id = t.template_id
- AND m.model_prop_id = mp.model_prop_id
- AND m.model_blueprint_id = mb.model_blueprint_id
- AND m.event_id = e.event_id
- AND (m.model_name = v_model_name
- OR m.control_name_uuid = v_control_name_uuid);
- SELECT model_instance_id,
- vm_name,
- location,
- timestamp
- FROM model_instance
- WHERE model_id = v_model_id
- ORDER BY 2;
-END;
-CREATE PROCEDURE get_model_template
- (IN v_model_name VARCHAR(80),
- OUT v_control_name_prefix VARCHAR(80),
- INOUT v_control_name_uuid VARCHAR(36),
- OUT v_model_id VARCHAR(36),
- OUT v_service_type_id VARCHAR(80),
- OUT v_deployment_id VARCHAR(80),
- OUT v_deployment_status_url VARCHAR(300),
- OUT v_template_name VARCHAR(80),
- OUT v_template_id VARCHAR(36),
- OUT v_model_prop_id VARCHAR(36),
- OUT v_model_prop_user_id VARCHAR(80),
- OUT v_model_prop_text MEDIUMTEXT,
- OUT v_model_blueprint_id VARCHAR(36),
- OUT v_model_blueprint_user_id VARCHAR(80),
- OUT v_model_blueprint_text MEDIUMTEXT,
- OUT v_template_bpmn_id VARCHAR(36),
- OUT v_template_bpmn_user_id VARCHAR(80),
- OUT v_template_bpmn_text MEDIUMTEXT,
- OUT v_template_image_id VARCHAR(36),
- OUT v_template_image_user_id VARCHAR(80),
- OUT v_template_image_text MEDIUMTEXT,
- OUT v_template_doc_id VARCHAR(36),
- OUT v_template_doc_user_id VARCHAR(80),
- OUT v_template_doc_text MEDIUMTEXT,
- OUT v_event_id VARCHAR(36),
- OUT v_action_cd VARCHAR(80),
- OUT v_action_state_cd VARCHAR(80),
- OUT v_event_process_instance_id VARCHAR(80),
- OUT v_event_user_id VARCHAR(80))
-BEGIN
- CALL get_model(
- v_model_name,
- v_control_name_prefix,
- v_control_name_uuid,
- v_model_id,
- v_service_type_id,
- v_deployment_id,
- v_deployment_status_url,
- v_template_name,
- v_template_id,
- v_model_prop_id,
- v_model_prop_user_id,
- v_model_prop_text,
- v_model_blueprint_id,
- v_model_blueprint_user_id,
- v_model_blueprint_text,
- v_event_id,
- v_action_cd,
- v_action_state_cd,
- v_event_process_instance_id,
- v_event_user_id);
- CALL get_template(
- v_template_name,
- v_template_id,
- v_template_bpmn_id,
- v_template_bpmn_user_id,
- v_template_bpmn_text,
- v_template_image_id,
- v_template_image_user_id,
- v_template_image_text,
- v_template_doc_id,
- v_template_doc_user_id,
- v_template_doc_text);
- END;
-CREATE PROCEDURE set_model
- (IN v_model_name VARCHAR(80),
- IN v_template_id VARCHAR(36),
- IN v_user_id VARCHAR(80),
- IN v_model_prop_text MEDIUMTEXT,
- IN v_model_blueprint_text MEDIUMTEXT,
- IN v_service_type_id VARCHAR(80),
- IN v_deployment_id VARCHAR(80),
- IN v_deployment_status_url VARCHAR(300),
- INOUT v_control_name_prefix VARCHAR(80),
- INOUT v_control_name_uuid VARCHAR(36),
- OUT v_model_id VARCHAR(36),
- OUT v_model_prop_id VARCHAR(36),
- OUT v_model_prop_user_id VARCHAR(80),
- OUT v_model_blueprint_id VARCHAR(36),
- OUT v_model_blueprint_user_id VARCHAR(80),
- OUT v_event_id VARCHAR(36),
- OUT v_action_cd VARCHAR(80),
- OUT v_action_state_cd VARCHAR(80),
- OUT v_event_process_instance_id VARCHAR(80),
- OUT v_event_user_id VARCHAR(80))
-BEGIN
- DECLARE v_old_template_name VARCHAR(80);
- DECLARE v_old_template_id VARCHAR(36);
- DECLARE v_old_control_name_prefix VARCHAR(80);
- DECLARE v_old_control_name_uuid VARCHAR(36);
- DECLARE v_old_model_prop_text MEDIUMTEXT;
- DECLARE v_old_model_blueprint_text MEDIUMTEXT;
- DECLARE v_old_service_type_id VARCHAR(80);
- DECLARE v_old_deployment_id VARCHAR(80);
- DECLARE v_old_deployment_status_url VARCHAR(300);
- SET v_model_id = NULL;
- CALL get_model(
- v_model_name,
- v_old_control_name_prefix,
- v_old_control_name_uuid,
- v_model_id,
- v_old_service_type_id,
- v_old_deployment_id,
- v_old_deployment_status_url,
- v_old_template_name,
- v_old_template_id,
- v_model_prop_id,
- v_model_prop_user_id,
- v_old_model_prop_text,
- v_model_blueprint_id,
- v_model_blueprint_user_id,
- v_old_model_blueprint_text,
- v_event_id,
- v_action_cd,
- v_action_state_cd,
- v_event_process_instance_id,
- v_event_user_id);
- IF v_model_id IS NULL THEN
- BEGIN
- # UUID can be provided initially but cannot be updated
- # if not provided (this is expected) then it will be set here
- IF v_control_name_uuid IS NULL THEN
- SET v_control_name_uuid = UUID();
- END IF;
- SET v_model_id = v_control_name_uuid;
- INSERT INTO model
- (model_id, model_name, template_id, control_name_prefix, control_name_uuid, service_type_id, deployment_id, deployment_status_url)
- VALUES (v_model_id, v_model_name, v_template_id, v_control_name_prefix, v_control_name_uuid, v_service_type_id, v_deployment_id,v_deployment_status_url);
- # since just created model, insert CREATED event as initial default event
- SET v_action_cd = 'CREATE';
- SET v_action_state_cd = 'COMPLETED';
- SET v_event_user_id = v_user_id;
- SET v_event_id = UUID();
- INSERT INTO event
- (event_id, model_id, action_cd, action_state_cd, user_id)
- VALUES (v_event_id, v_model_id, v_action_cd, v_action_state_cd, v_event_user_id);
- UPDATE model
- SET event_id = v_event_id
- WHERE model_id = v_model_id;
- END;
- ELSE
- BEGIN
- # use old control_name_prefix if null value is provided
- IF v_control_name_prefix IS NULL THEN
- SET v_control_name_prefix = v_old_control_name_prefix;
- END IF;
- # UUID can not be updated after initial insert
- SET v_control_name_uuid = v_old_control_name_uuid;
- END;
- END IF;
- IF v_model_prop_id IS NULL OR v_model_prop_text <> v_old_model_prop_text THEN
- SET v_model_prop_id = UUID();
- INSERT INTO model_properties
- (model_prop_id, model_id, model_prop_text, user_id)
- VALUES (v_model_prop_id, v_model_id, v_model_prop_text, v_user_id);
- SET v_model_prop_user_id = v_user_id;
- END IF;
- IF v_model_blueprint_id IS NULL OR v_model_blueprint_text <> v_old_model_blueprint_text THEN
- SET v_model_blueprint_id = UUID();
- INSERT INTO model_blueprint
- (model_blueprint_id, model_id, model_blueprint_text, user_id)
- VALUES (v_model_blueprint_id, v_model_id, v_model_blueprint_text, v_user_id);
- SET v_model_blueprint_user_id = v_user_id;
- END IF;
- UPDATE model
- SET control_name_prefix = v_control_name_prefix,
- model_prop_id = v_model_prop_id,
- model_blueprint_id = v_model_blueprint_id,
- service_type_id = v_service_type_id,
- deployment_id = v_deployment_id,
- deployment_status_url = v_deployment_status_url
- WHERE model_id = v_model_id;
-END;
-CREATE PROCEDURE ins_model_instance
- (IN v_control_name_uuid VARCHAR(36),
- IN v_vm_name VARCHAR(250),
- IN v_location VARCHAR(250),
- OUT v_model_id VARCHAR(36),
- OUT v_model_instance_id VARCHAR(36))
-BEGIN
- SELECT m.model_id
- INTO v_model_id
- FROM model m
- WHERE m.control_name_uuid = v_control_name_uuid;
- SET v_model_instance_id = UUID();
- INSERT INTO model_instance
- (model_instance_id, model_id, vm_name, location)
- VALUES (v_model_instance_id, v_model_id, v_vm_name, v_location);
-END;
-CREATE PROCEDURE del_model_instance
- (IN v_control_name_uuid VARCHAR(36),
- IN v_vm_name VARCHAR(250),
- OUT v_model_id VARCHAR(36),
- OUT v_model_instance_id VARCHAR(36))
-BEGIN
- SELECT m.model_id, i.model_instance_id
- INTO v_model_id,
- v_model_instance_id
- FROM model m,
- model_instance i
- WHERE m.model_id = i.model_id
- AND m.control_name_uuid = v_control_name_uuid
- AND i.vm_name = v_vm_name;
- DELETE FROM model_instance
- WHERE model_instance_id = v_model_instance_id;
-END;
-CREATE PROCEDURE del_all_model_instances
- (IN v_control_name_uuid VARCHAR(36),
- OUT v_model_id VARCHAR(36))
-BEGIN
- SELECT m.model_id
- INTO v_model_id
- FROM model m
- WHERE m.control_name_uuid = v_control_name_uuid;
- DELETE FROM model_instance
- WHERE model_id = v_model_id;
-END;
-CREATE PROCEDURE ins_event
- (IN v_model_name VARCHAR(80),
- IN v_control_name_prefix VARCHAR(80),
- IN v_control_name_uuid VARCHAR(36),
- IN v_user_id VARCHAR(80),
- IN v_action_cd VARCHAR(80),
- IN v_action_state_cd VARCHAR(80),
- IN v_process_instance_id VARCHAR(80),
- OUT v_model_id VARCHAR(36),
- OUT v_event_id VARCHAR(36))
-BEGIN
- DECLARE v_prev_event_id VARCHAR(36);
- SELECT m.model_id,
- m.event_id
- INTO v_model_id,
- v_prev_event_id
- FROM model m
- WHERE m.model_name = v_model_name
- OR m.control_name_uuid = v_control_name_uuid;
- SET v_event_id = UUID();
- INSERT INTO event
- (event_id, model_id, action_cd, action_state_cd, prev_event_id, process_instance_id, user_id)
- VALUES (v_event_id, v_model_id, v_action_cd, v_action_state_cd, v_prev_event_id, v_process_instance_id, v_user_id);
- UPDATE model
- SET event_id = v_event_id
- WHERE model_id = v_model_id;
-END;
-CREATE PROCEDURE upd_event
- (IN v_event_id VARCHAR(36),
- IN v_process_instance_id VARCHAR(80))
-BEGIN
- UPDATE event
- SET process_instance_id = v_process_instance_id
- WHERE event_id = v_event_id;
-END;
-CREATE PROCEDURE del_model
-(IN v_model_name VARCHAR(80))
-BEGIN
- DECLARE v_model_id VARCHAR(36);
- SELECT model_id INTO v_model_id from model where model_name = v_model_name;
- UPDATE model set event_id = null, model_blueprint_id = null, model_prop_id = null where model_id = v_model_id;
- DELETE from event where model_id = v_model_id;
- DELETE from model_blueprint where model_id = v_model_id;
- DELETE from model_properties where model_id = v_model_id;
- DELETE from model where model_id = v_model_id;
-END;
-
-CREATE PROCEDURE set_new_tosca_model_version
- (IN v_tosca_model_id VARCHAR(36),
- IN v_version DOUBLE,
- IN v_tosca_model_yaml MEDIUMTEXT,
- IN v_tosca_model_json MEDIUMTEXT,
- IN v_user_id VARCHAR(80),
- OUT v_revision_id VARCHAR(36))
-BEGIN
- SET v_revision_id = UUID();
- INSERT INTO tosca_model_revision
- (tosca_model_revision_id, tosca_model_id, version, tosca_model_yaml, tosca_model_json, user_id)
- VALUES (v_revision_id, v_tosca_model_id, v_version, v_tosca_model_yaml, v_tosca_model_json, v_user_id);
-END;
-
-CREATE PROCEDURE set_tosca_model
- (IN v_tosca_model_name VARCHAR(80),
- IN v_policy_type VARCHAR(80),
- IN v_user_id VARCHAR(80),
- IN v_tosca_model_yaml MEDIUMTEXT,
- IN v_tosca_model_json MEDIUMTEXT,
- IN v_version DOUBLE,
- OUT v_tosca_model_id VARCHAR(36),
- OUT v_revision_id VARCHAR(36))
-BEGIN
- SET v_tosca_model_id = UUID();
- INSERT INTO tosca_model
- (tosca_model_id, tosca_model_name, policy_type, user_id)
- VALUES (v_tosca_model_id, v_tosca_model_name, v_policy_type, v_user_id);
- SET v_revision_id = UUID();
- INSERT INTO tosca_model_revision
- (tosca_model_revision_id, tosca_model_id, version, tosca_model_yaml, tosca_model_json, user_id)
- VALUES (v_revision_id, v_tosca_model_id, v_version, v_tosca_model_yaml, v_tosca_model_json, v_user_id);
-END;
-
-CREATE PROCEDURE set_dictionary
- (IN v_dictionary_name VARCHAR(80),
- IN v_user_id VARCHAR(80),
- OUT v_dictionary_id VARCHAR(36))
-BEGIN
- SET v_dictionary_id = UUID();
- INSERT INTO dictionary
- (dictionary_id, dictionary_name, created_by, modified_by)
- VALUES (v_dictionary_id, v_dictionary_name, v_user_id, v_user_id);
-END;
-
-CREATE PROCEDURE set_dictionary_elements
- (IN v_dictionary_id VARCHAR(36),
- IN v_dict_element_name VARCHAR(250),
- IN v_dict_element_short_name VARCHAR(80),
- IN v_dict_element_description VARCHAR(250),
- IN v_dict_element_type VARCHAR(80),
- IN v_user_id VARCHAR(80),
- OUT v_dict_element_id VARCHAR(36))
-BEGIN
- SET v_dict_element_id = UUID();
- INSERT INTO dictionary_elements
- (dict_element_id, dictionary_id, dict_element_name, dict_element_short_name, dict_element_description, dict_element_type, created_by, modified_by)
- VALUES (v_dict_element_id, v_dictionary_id, v_dict_element_name, v_dict_element_short_name, v_dict_element_description, v_dict_element_type, v_user_id, v_user_id);
-END;
-//
-DELIMITER ;
--- /dev/null
+#
+# Create CLDS database objects (tables, etc.)
+#
+#
+CREATE DATABASE `cldsdb4`;
+USE `cldsdb4`;
+DROP USER 'clds';
+CREATE USER 'clds';
+GRANT ALL on cldsdb4.* to 'clds' identified by 'sidnnd83K' with GRANT OPTION;
+FLUSH PRIVILEGES;
+
-/* Copyright © 2019 AT&T
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
+
create table hibernate_sequence (
next_val bigint
) engine=InnoDB;
+++ /dev/null
-/* Copyright © 2017 AT&T, Amdocs, Bell Canada
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-
-#
-# Drop CLDS database objects (tables, etc.)
-#
-
-
-ALTER TABLE template
- DROP FOREIGN KEY template_image_id_fkey01;
-ALTER TABLE template
- DROP FOREIGN KEY template_bpmn_id_fkey01;
-ALTER TABLE template
- DROP FOREIGN KEY template_doc_id_fkey01;
-
-ALTER TABLE model
- DROP FOREIGN KEY template_id_fkey01;
-ALTER TABLE model
- DROP FOREIGN KEY model_prop_id_fkey01;
-ALTER TABLE model
- DROP FOREIGN KEY model_blueprint_id_fkey01;
-ALTER TABLE model
- DROP FOREIGN KEY event_id_fkey01;
-
-DROP TABLE clds_service_cache;
-
-DROP TABLE model_instance;
-DROP TABLE model_blueprint;
-DROP TABLE model_properties;
-DROP TABLE event;
-DROP TABLE model;
-
-DROP TABLE template_doc;
-DROP TABLE template_image;
-DROP TABLE template_bpmn;
-DROP TABLE template;
-
-DROP TABLE dictionary_elements;
-DROP TABLE dictionary;
-DROP TABLE tosca_model_revision;
-DROP TABLE tosca_model;
-
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-data
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
storage: {{ .Values.persistence.size}}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
+{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
{{- end -}}
## GKE, AWS & OpenStack)
##
# storageClass: "-"
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 2Gi
mountPath: /dockerdata-nfs
mountSubPath: clamp/mariadb/data
ssl_protocols TLSv1.2;
ssl_certificate /etc/ssl/clamp.pem;
ssl_certificate_key /etc/ssl/clamp.key;
+ ssl_verify_client optional_no_ca;
location /restservices/clds/ {
proxy_pass https://clamp-backend:443;
+ proxy_set_header X-SSL-Cert $ssl_client_escaped_cert;
}
location / {
--- /dev/null
+{{ include "common.ingress" . }}
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-frontend:4.1.2
+image: onap/clamp-frontend:4.1.3
pullPolicy: Always
# flag to enable debugging - application support required
ingress:
enabled: false
+ service:
+ - baseaddr: "clamp"
+ name: "clamp"
+ port: 443
+ config:
+ ssl: "redirect"
#resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
--- /dev/null
+{{ include "common.ingress" . }}
ingress:
enabled: false
+ service:
+ - baseaddr: "cli"
+ name: "cli"
+ port: 8080
+ - baseaddr: "cli2"
+ name: cli
+ port: 9090
+ config:
+ ssl: "none"
# Configure resource requests and limits
# ref: http://kubernetes.io/docs/user-guide/compute-resources/
echo "Executing cleanup!!"
command="nodetool cleanup"
- /root/exec.py -p "cassandra" -c "$command"
+ /root/exec.py -p "cassandra" -c "$command"
echo "Cleaned Node!! Backing up database now!!!"
command="nodetool snapshot -t $curr_time"
if [ 1 ] {{- range $t, $keyspace := $root.Values.backup.keyspacesToSkip }} && [ "{{ $keyspace.name }}" != "$keyspace_name" ] {{- end }}; then
/root/restore.sh -b $backup_dir/cassandra-{{ $i }}/data -s /onap-data/cassandra-{{ $i }}/data/$keyspace_name -k $keyspace_name -t $curr_time &
pids="$pids $!"
- fi
+ fi
done
{{- end }}
echo "Failed" > /backup/backup.log
exit 0
fi
-
+
mv /backup/temp /backup/backup-${curr_time}
echo "Success" > /backup/backup.log
echo "Cassandra Backup Succeeded"
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - mountPath: /onap-data
- name: data-dir
+ {{- range $i := until (int .Values.replicaCount)}}
+ - mountPath: /onap-data/cassandra-{{ $i }}
+ name: data-dir-{{ $i }}
+ {{- end }}
- mountPath: /backup
name: backup-dir
- name: scripts
subPath: restore.sh
- name: scripts
mountPath: /root/exec.py
- subPath: exec.py
+ subPath: exec.py
containers:
- name: cassandra-backup-validate
image: "{{ .Values.image }}"
done
kill -9 $CASS_PID
{{- end }}
- echo "Validation Successful!!!"
+ echo "Validation Successful!!!"
cd /backup
totalFiles=`ls -t | grep "backup-" | wc -l`
if [ $totalFiles -gt {{ .Values.backup.retentionPeriod }} ]; then
path: /etc/localtime
- name: scripts
configMap:
- name: {{ include "common.fullname" $ }}-configmap
+ name: {{ include "common.fullname" . }}-configmap
defaultMode: 0755
- - name: data-dir
+ {{- range $i := until (int .Values.replicaCount)}}
+ - name: data-dir-{{ $i }}
persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-db-data
+ claimName: {{ include "common.fullname" . }}-data-{{ $i }}
+ {{- end }}
- name: backup-dir
persistentVolumeClaim:
claimName: {{ include "common.fullname" . }}-backup-data
{{- end -}}
-
{{/*
-# Copyright © 2019 Amdocs, Bell Canada, AT&T
+# Copyright © 2019 Amdocs, Bell Canada, AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
*/}}
{{- if .Values.backup.enabled }}
-{{ if .Values.persistence.enabled }}
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: {{ include "common.fullname" . }}-db-data
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- heritage: {{ .Release.Service }}
- name: {{ include "common.fullname" . }}-db-data
-spec:
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
---
apiVersion: v1
kind: PersistentVolume
storage: {{ .Values.persistence.size }}
accessModes:
- {{ .Values.persistence.accessMode }}
- hostPath:
- path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" $ }}/{{ include "common.fullname" $ }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
-{{ end }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
+ hostPath:
+ path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" . }}/{{ include "common.fullname" . }}
+{{- end -}}
+{{- end -}}
{{- end -}}
-
*/}}
{{- if .Values.backup.enabled }}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-db-data
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-backup
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-db-data
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
---
kind: PersistentVolumeClaim
apiVersion: v1
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-backup-data
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
{{- end -}}
{{- end -}}
# See the License for the specific language governing permissions and
# limitations under the License.
-{{ if .Values.persistence.enabled }}
-{{- $root := . -}}
-{{ range $i, $e := until (int $root.Values.replicaCount) }}
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
---
apiVersion: v1
kind: PersistentVolume
metadata:
- name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }}
- namespace: {{ $root.Release.Namespace }}
+ name: {{ $global.Release.Name }}-{{ $global.Values.service.name }}-{{ $i }}
+ namespace: {{ $global.Release.Namespace }}
labels:
- type: {{ $root.Values.persistence.storageType }}
- app: {{ $root.Values.service.name }}
- chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
- release: {{ $root.Release.Name }}
- heritage: {{ $root.Release.Service }}
+ type: {{ $global.Values.persistence.storageType }}
+ app: {{ $global.Values.service.name }}
+ chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}
+ release: {{ $global.Release.Name }}
+ heritage: {{ $global.Release.Service }}
spec:
capacity:
- storage: {{ $root.Values.persistence.size }}
+ storage: {{ $global.Values.persistence.size }}
accessModes:
- - {{ $root.Values.persistence.accessMode }}
+ {{- if $global.Values.backup.enabled }}
+ - ReadWriteMany
+ {{- else }}
+ - ReadWriteOnce
+ {{- end }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
hostPath:
- path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }}
- persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
-{{ end }}
-{{ end }}
+ path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }}
+{{- end -}}
+{{- end -}}
+{{- end -}}
- containerPort: {{ $ports.port }}
{{- end }}
volumeMounts:
- - name: cassandra-data
+ - name: {{ include "common.fullname" . }}-data
mountPath: /var/lib/cassandra
- name: localtime
mountPath: /etc/localtime
name: {{ include "common.fullname" . }}-entrypoint
defaultMode: 0755
{{- if not .Values.persistence.enabled }}
- - name: cassandra-data
+ - name: {{ include "common.fullname" . }}-data
emptyDir: {}
{{- else }}
volumeClaimTemplates:
- metadata:
- name: cassandra-data
+ name: {{ include "common.fullname" . }}-data
labels:
- app: {{ template "common.fullname" . }}
+ name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
- annotations:
- volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass }}
spec:
accessModes:
- - {{ .Values.persistence.accessMode | quote }}
+ {{- if .Values.backup.enabled }}
+ - ReadWriteMany
+ {{- else }}
+ - ReadWriteOnce
+ {{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
- selector:
- matchLabels:
- release: "{{ .Release.Name }}"
{{- end }}
config:
cluster_domain: cluster.local
heap:
- max: 512M
+ max: 2048M
min: 100M
jvmOpts: -Dcassandra.consistent.rangemovement=false
clusterName: cassandra
## GKE, AWS & OpenStack)
##
## storageClass: "-"
- accessMode: ReadWriteOnce
+ ## Not set as it depends of the backup enabledment or not.
+ #accessMode: ReadWriteOnce
size: 2Gi
mountPath: /dockerdata-nfs
mountSubPath: cassandra
storageType: local
- storageClass: ""
backup:
mountPath: /dockerdata-nfs/backup
--- /dev/null
+{{/*
+# Copyright © 2019 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ Resolve the master password to be used to derive other passwords. The value of
+ .Values.masterPassword is used by default, unless either override mechanism is
+ used:
+
+ - .Values.global.masterPassword : override default master password for all charts
+ - .Values.masterPasswordOverride : override global and default masterPassword on a per chart basis
+*/}}
+{{- define "common.masterPassword" -}}
+ {{ if .Values.masterPasswordOverride }}
+ {{- printf "%d" .Values.masterPasswordOverride -}}
+ {{ else if .Values.global.masterPassword }}
+ {{- printf "%d" .Values.global.masterPassword -}}
+ {{ else if .Values.masterPassword }}
+ {{- printf "%d" .Values.masterPassword -}}
+ {{ else }}
+ {{ fail "masterPassword not provided" }}
+ {{ end }}
+{{- end -}}
+
+{{/*
+ Generate a new password based on masterPassword. The new password is not
+ random, it is derived from masterPassword, fully qualified chart name and
+ additional uid provided by the user. This ensures that every time when we
+ run this function from the same place, with the same password and uid we
+ get the same results. This allows to avoid password changes while you are
+ doing upgrade.
+
+ The function can take from one to three arguments (inside a dictionary):
+ - .dot : environment (.)
+ - .uid : unique identifier of password to be generated within this particular chart. Use only when you create more than a single password within one chart
+ - .strength : complexity of derived password. See derivePassword documentation for more details
+
+ Example calls:
+
+ {{ include "common.createPassword" . }}
+ {{ include "common.createPassword" (dict "dot" . "uid" "mysqlRootPasswd") }}
+
+*/}}
+{{- define "common.createPassword" -}}
+ {{- $dot := default . .dot -}}
+ {{- $uid := default "onap" .uid -}}
+ {{- $strength := default "long" .strength -}}
+ {{- $mp := include "common.masterPassword" $dot -}}
+ {{- derivePassword 1 $strength $mp (include "common.fullname" $dot) $uid -}}
+{{- end -}}
{{- define "ingress.config.port" -}}
{{- if .Values.ingress -}}
-{{- if .Values.ingress.service -}}
+{{- if or (not .Values.global.ingress.virtualhost) (not .Values.global.ingress.virtualhost.enabled) -}}
+ - http:
+ paths:
{{- range .Values.ingress.service }}
- - path: {{ .path }}
+ - path: {{ printf "/%s" (required "baseaddr" .baseaddr) }}
backend:
serviceName: {{ .name }}
servicePort: {{ .port }}
{{- end -}}
+{{- else if .Values.ingress.service -}}
+{{- $burl := (required "baseurl" .Values.global.ingress.virtualhost.baseurl) -}}
+{{ range .Values.ingress.service }}
+ - host: {{ printf "%s.%s" (required "baseaddr" .baseaddr) $burl }}
+ http:
+ paths:
+ - backend:
+ serviceName: {{ .name }}
+ servicePort: {{ .port }}
+{{- end -}}
{{- else -}}
- path: {{ printf "/%s" .Chart.Name }}
backend:
{{- end -}}
+{{- define "ingress.config.annotations.ssl" -}}
+{{- if .Values.ingress.config -}}
+{{- if .Values.ingress.config.ssl -}}
+{{- if eq .Values.ingress.config.ssl "redirect" -}}
+kubernetes.io/ingress.class: nginx
+nginx.ingress.kubernetes.io/ssl-passthrough: "true"
+nginx.ingress.kubernetes.io/ssl-redirect: "true"
+{{- else if eq .Values.ingress.config.ssl "native" -}}
+nginx.ingress.kubernetes.io/ssl-redirect: "true"
+{{- else if eq .Values.ingress.config.ssl "none" -}}
+nginx.ingress.kubernetes.io/ssl-redirect: "false"
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+
{{- define "ingress.config.annotations" -}}
{{- if .Values.ingress -}}
{{- if .Values.ingress.annotations -}}
{{ toYaml .Values.ingress.annotations | indent 4 | trim }}
{{- end -}}
{{- end -}}
+{{ include "ingress.config.annotations.ssl" . | indent 4 | trim }}
{{- end -}}
{{- define "common.ingress" -}}
{{- if .Values.ingress -}}
-{{- if .Values.ingress.enabled -}}
+{{- if .Values.global.ingress -}}
+{{- if and .Values.ingress.enabled .Values.global.ingress.enabled -}}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
heritage: {{ .Release.Service }}
spec:
rules:
- - http:
- paths:
- {{- include "ingress.config.port" . }}
+ {{ include "ingress.config.port" . | trim }}
{{- if .Values.ingress.tls }}
tls:
{{ toYaml .Values.ingress.tls | indent 4 }}
{{- end -}}
{{- end -}}
{{- end -}}
-
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2019 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ Choose the name of the mariadb service to use.
+*/}}
+{{- define "common.mariadbService" -}}
+ {{- if .Values.global.mariadbGalera.localCluster -}}
+ {{- index .Values "mariadb-galera" "service" "name" -}}
+ {{- else -}}
+ {{- .Values.global.mariadbGalera.service -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+ Choose the value of mariadb port to use.
+*/}}
+{{- define "common.mariadbPort" -}}
+ {{- if .Values.global.mariadbGalera.localCluster -}}
+ {{- index .Values "mariadb-galera" "service" "internalPort" -}}
+ {{- else -}}
+ {{- .Values.global.mariadbGalera.internalPort -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+ Choose the value of secret to retrieve user value.
+*/}}
+{{- define "common.mariadbSecret" -}}
+ {{- if .Values.global.mariadbGalera.localCluster -}}
+ {{ printf "%s-%s-db-user-credentials" (include "common.fullname" .) (index .Values "mariadb-galera" "nameOverride") -}}
+ {{- else -}}
+ {{ printf "%s-%s" (.Release.Name) (index .Values "mariadb-init" "nameOverride") -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+ Choose the value of secret param to retrieve user value.
+*/}}
+{{- define "common.mariadbSecretParam" -}}
+ {{- if .Values.global.mariadbGalera.localCluster -}}
+ {{ printf "password" -}}
+ {{- else -}}
+ {{ printf "db-user-password" -}}
+ {{- end -}}
+{{- end -}}
{{- define "common.fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+
+{{/*
+ Retrieve the "original" release from the component release:
+ if ONAP is deploy with "helm deploy --name toto", then cassandra components
+ will have "toto-cassandra" as release name.
+ this function would answer back "toto".
+*/}}
+{{- define "common.release" -}}
+ {{- regexReplaceAll "-[a-zA-Z0-9]*$" .Release.Name "" }}
+{{- end -}}
--- /dev/null
+{{/*
+# Copyright © 2019 AT&T, Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ For internal use only!
+
+ Generates a secret header with given name and desired labels.
+
+ The template takes two arguments:
+ - .global: environment (.)
+ - .name: name of the secret
+
+ Example call:
+ {{ include "common.secret._header" (dict "global" . "name" "myFancyName") }}
+*/}}
+{{- define "common.secret._header" -}}
+{{- $global := .global }}
+{{- $name := .name }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ $name }}
+ namespace: {{ include "common.namespace" $global }}
+ labels:
+ app: {{ include "common.name" $global }}
+ chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}
+ release: {{ $global.Release.Name }}
+ heritage: {{ $global.Release.Service }}
+type: Opaque
+{{- end -}}
+
+{{/*
+ For internal use only!
+
+ Pick a value based on "user input" and generation policy.
+
+ The template takes below arguments:
+ - .global: environment (.)
+ - .secretName: name of the secret where the value will be placed
+ - .secretEnv: map of values which configures this secret. This can contain below keys:
+ - value: Value of secret key provided by user (can be a template inside a string)
+ - policy: What to do if value is missing or empty. Possible options are:
+ - generate: Generate a new password deriving it from master password
+ - required: Fail the deployment if value has not been provided
+ Defaults to generate.
+ - name: Name of the key to which this value should be assigned
+*/}}
+{{- define "common.secret._value" -}}
+ {{- $global := .global }}
+ {{- $name := .secretName }}
+ {{- $secretEnv := .secretEnv }}
+ {{- $value := tpl $secretEnv.value $global }}
+ {{- $policy := default "generate" $secretEnv.policy }}
+
+ {{- if $value }}
+ {{- $value | quote }}
+ {{- else if eq $policy "generate" }}
+ {{- include "common.createPassword" (dict "dot" $global "uid" $name) | quote }}
+ {{- else }}
+ {{- fail (printf "Value for %s secret %s key not provided" $name $secretEnv.name) }}
+ {{- end }}
+{{- end -}}
+
+
+{{/*
+ For internal use only!
+
+ Generate a secret name based on provided name or UID.
+ If UID is provided then the name is generated by appending this UID right after
+ the chart name. If name is provided, it overrides the name generation algorith
+ and is used right away. Both name and uid strings may contain a template to be
+ resolved.
+
+ The template takes below arguments:
+ - .global: environment (.)
+ - .uid: string that uniquely identifies this secret within a helm chart
+ - .name: string that can be used to override default name generation algorithm
+ and provide a custom name for the secret
+*/}}
+{{- define "common.secret._genName" -}}
+ {{- $global := .global }}
+ {{- $uid := tpl (default "" .uid) $global }}
+ {{- $name := tpl (default "" .name) $global }}
+ {{- default (printf "%s-%s" (include "common.fullname" $global) $uid) $name }}
+{{- end -}}
+
+{{/*
+ Get the real secret name by UID or name, based on the configuration provided by user.
+ User may decide to not create a new secret but reuse existing one for this deployment
+ (aka externalSecret). In this case the real name of secret to be used is different
+ than the one declared in secret definition. This easily retrieve current secret real
+ name based on declared name or UID even if it has been overrided by the user using
+ externalSecret option. You should use this template always when you need to reference
+ a secret created using common.secret template by name.
+
+ The template takes below arguments:
+ - .global: environment (.)
+ - .uid: string that uniquely identifies this secret within a helm chart
+ (can be omitted if name has been provided)
+ - .name: name which was used to declare a secret
+ (can be omitted if uid has been provided)
+*/}}
+{{- define "common.secret.getSecretName" -}}
+ {{- $global := .global }}
+ {{- $targetName := include "common.secret._genName" (dict "global" $global "uid" .uid "name" .name) }}
+ {{- range $secret := $global.Values.secrets }}
+ {{- $currName := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }}
+ {{- if eq $currName $targetName }}
+ {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }}
+ {{- default $currName $externalSecret }}
+ {{- end }}
+ {{- end }}
+{{- end -}}
+
+{{/*
+ Convenience template which can be used to easily set the value of environment variable
+ to the value of a key in a secret.
+
+ It takes care of all name mangling, usage of external secrets etc.
+
+ The template takes below arguments:
+ - .global: environment (.)
+ - .uid: string that uniquely identifies this secret within a helm chart
+ (can be omitted if name has been provided)
+ - .name: name which was used to declare a secret
+ (can be omitted if uid has been provided)
+ - .key: Key within this secret which value should be assigned to this variable
+
+ Example usage:
+ env:
+ - name: SECRET_PASSWORD
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "secret" "key" "password") | indent 8}}
+*/}}
+{{- define "common.secret.envFromSecret" -}}
+ {{- $key := .key }}
+valueFrom:
+ secretKeyRef:
+ name: {{ include "common.secret.getSecretName" . }}
+ key: {{ $key }}
+{{- end -}}
+
+{{/*
+ Define secrets to be used by chart.
+ Every secret has a type which is one of:
+ - generic:
+ Generic secret template that allows to input some raw data (from files).
+ File Input can be passed as list of files (filePaths) or as a single string
+ (filePath)
+ - genericKV:
+ Type of secret which allows you to define a list of key value pairs.
+ The list is assiged to envs value. Every item may define below items:
+ - name:
+ Identifier of this value within secret
+ - value:
+ String that defines a value associated with given key.
+ This can be a simple string or a template.
+ - policy:
+ Defines what to do if value is not provided by the user.
+ Available options are:
+ - generate:
+ Generate a value by derriving it from master password
+ - required:
+ Fail the deployment
+ - password:
+ Type of secret that holds only the password.
+ Only two items can be defined for this type:
+ - password:
+ Equivalent of value field from genericKV
+ - policy:
+ The same meaning as for genericKV policy field
+ - basicAuth:
+ Type of secret that holds both username and password.
+ Below fields are available:
+ - login:
+ The value for login key.
+ This can be a simple string or a template.
+ Providing a value for login is always required.
+ - password:
+ The value for password key.
+ This can be a simple string or a template.
+ - passwordPolicy:
+ The same meaning as the policy field in genericKV.
+ Only the policy for password can be set.
+
+ Every secret can be identified using:
+ - uid:
+ A string to be appended to the chart fullname to generate a secret name.
+ - name:
+ Overrides default secret name generation and allows to set immutable
+ and globaly unique name
+
+ To allow sharing a secret between the components and allow to pre-deploy secrets
+ before ONAP deployment it is possible to use already existing secret instead of
+ creating a new one. For this purpose externalSecret field can be used. If value of
+ this field is evaluated to true no new secret is created, only the name of the
+ secret is aliased to the external one.
+
+ Example usage:
+ secrets.yaml:
+ {{ include "common.secret" . }}
+
+ values.yaml:
+ mysqlLogin: "root"
+
+ mysqlExternalSecret: "some-other-secret-name"
+
+ secrets:
+ - uid: "mysql"
+ externalSecret: '{{ tpl .Values.passExternalSecret . }}'
+ type: basicAuth
+ login: '{{ .Values.mysqlLogin }}'
+ mysqlPassword: '{{ .Values.mysqlPassword }}'
+ passwordPolicy: generate
+
+ In the above example new secret is not going to be created.
+ Already existing one (some-other-secret-name) is going to be used.
+ To force creating a new one, just make sure that mysqlExternalSecret
+ is not set.
+
+*/}}
+{{- define "common.secret" -}}
+ {{- $global := . }}
+ {{- range $secret := .Values.secrets }}
+ {{- $name := include "common.secret._genName" (dict "global" $global "uid" $secret.uid "name" $secret.name) }}
+ {{- $type := default "generic" $secret.type }}
+ {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }}
+ {{- if not $externalSecret }}
+---
+ {{ include "common.secret._header" (dict "global" $global "name" $name) }}
+
+ {{- if eq $type "generic" }}
+data:
+ {{- range $curFilePath := $secret.filePaths }}
+ {{ tpl ($global.Files.Glob $curFilePath).AsSecrets $global | indent 2 }}
+ {{- end }}
+ {{- if $secret.filePath }}
+ {{ tpl ($global.Files.Glob $secret.filePath).AsSecrets $global | indent 2 }}
+ {{- end }}
+ {{- else if eq $type "genericKV" }}
+stringData:
+ {{- if $secret.envs }}
+ {{- range $secretEnv := $secret.envs }}
+ {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }}
+ {{ $secretEnv.name }}: {{ include "common.secret._value" $valueDesc }}
+ {{- end }}
+ {{- end }}
+ {{- else if eq $type "password" }}
+ {{- $secretEnv := (dict "policy" (default "generate" $secret.policy) "name" "password" "value" $secret.password) }}
+ {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }}
+stringData:
+ password: {{ include "common.secret._value" $valueDesc }}
+ {{- else if eq $type "basicAuth" }}
+stringData:
+ {{- $secretEnv := (dict "policy" "required" "name" "login" "value" $secret.login) }}
+ {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }}
+ login: {{ include "common.secret._value" $valueDesc }}
+ {{- $secretEnv := (dict "policy" (default "generate" $secret.passwordPolicy) "name" "password" "value" $secret.password) }}
+ {{- $valueDesc := (dict "global" $global "secretName" $name "secretEnv" $secretEnv) }}
+ password: {{ include "common.secret._value" $valueDesc }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+{{- end -}}
--- /dev/null
+{{/*
+# Copyright © 2019 Amdocs, Bell Canada, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ Expand the name of the storage class.
+ The value "common.fullname"-data is used by default,
+ unless either override mechanism is used.
+
+ - .Values.global.persistence.storageClass : override default storageClass for all charts
+ - .Values.persistence.storageClassOverride : override global and default storage class on a per chart basis
+ - .Values.persistence.storageClass : override default storage class on a per chart basis
+*/}}
+{{- define "common.storageClass" -}}
+ {{- if .Values.persistence.storageClassOverride -}}
+ {{- if ne "-" .Values.persistence.storageClassOverride -}}
+ {{- printf "%s" .Values.persistence.storageClassOverride -}}
+ {{- else -}}
+ {{- $storage_class := "" -}}
+ {{- printf "%q" $storage_class -}}
+ {{- end -}}
+ {{- else -}}
+ {{- if or .Values.persistence.storageClass .Values.global.persistence.storageClass }}
+ {{- if ne "-" (default .Values.persistence.storageClass .Values.global.persistence.storageClass) -}}
+ {{- printf "%s" (default .Values.persistence.storageClass .Values.global.persistence.storageClass) -}}
+ {{- else -}}
+ {{- $storage_class := "" -}}
+ {{- printf "%q" $storage_class -}}
+ {{- end -}}
+ {{- else -}}
+ {{- printf "%s-data" (include "common.fullname" .) -}}
+ {{- end -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+ Calculate if we need a PV. If a storageClass is provided, then we don't need.
+*/}}
+{{- define "common.needPV" -}}
+{{- if or (or .Values.persistence.storageClassOverride .Values.persistence.storageClass) .Values.global.persistence.storageClass -}}
+ False
+{{- else -}}
+ True
+{{- end -}}
+{{- end -}}
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
+
+apiVersion: v1
name: etcd
home: https://github.com/coreos/etcd
version: 5.0.0
# See the License for the specific language governing permissions and
# limitations under the License.
-{{ if .Values.persistence.enabled }}
-{{- $root := . -}}
-{{ range $i, $e := until (int $root.Values.replicaCount) }}
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
---
apiVersion: v1
kind: PersistentVolume
metadata:
- name: {{ include "common.fullname" $root }}-data-{{ $i }}
- namespace: {{ $root.Release.Namespace }}
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
labels:
- type: {{ $root.Values.persistence.storageType }}
- app: {{ include "common.fullname" $root }}
- chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
- release: {{ $root.Release.Name }}
- heritage: {{ $root.Release.Service }}
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
spec:
capacity:
- storage: {{ $root.Values.persistence.storage }}
+ storage: {{ $global.Values.persistence.storage }}
accessModes:
- - {{ $root.Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" $root }}-data"
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
hostPath:
- path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }}
- persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
-{{ end }}
-{{ end }}
-
+ path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
volumeClaimTemplates:
- metadata:
name: {{ include "common.fullname" . }}-data
+ labels:
+ name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
spec:
accessModes:
- - "{{ .Values.persistence.accessMode }}"
+ - "{{ .Values.persistence.accessMode }}"
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
# upstream recommended max is 700M
storage: "{{ .Values.persistence.storage }}"
- storageClassName: {{ include "common.fullname" . }}-data
{{- else }}
volumes:
- name: {{ include "common.fullname" . }}-data
emptyDir: {}
{{- end }}
{{- end }}
-
enabled: true
persistence:
- enabled: false
+ enabled: true
## etcd data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
affinity: {}
extraEnv: []
resources: {}
-
.project
.idea/
*.tmproj
+
+# Unit tests folder
+tests
{{/*
-# Copyright © 2019 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Bell Canada, Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
echo "Backup Successful!!!"
env:
- name: DB_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.fullname" . }}
- key: db-root-password
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}}
volumeMounts:
- - name: backup-data
+ - name: backup-dir
mountPath: /backup
- - name: db-data
- mountPath: /var/lib/mysql
containers:
- name: mariadb-backup-validate
image: "{{ include "common.repository" . }}/{{ .Values.backupImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "common.fullname" . }}
- key: db-root-password
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}}
command:
- /bin/bash
- -c
remove_dir $target_dir
exit 0
fi
-
+
/docker-entrypoint.sh mysqld &
count=0
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - name: backup-data
+ - name: backup-dir
mountPath: /backup
volumes:
- name: localtime
hostPath:
path: /etc/localtime
- - name: db-data
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-db-data
- - name: backup-data
+ - name: backup-dir
persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-backup
+ claimName: {{ include "common.fullname" . }}-backup-data
{{- end }}
{{/*
-# Copyright © 2019 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
*/}}
{{- if .Values.backup.enabled }}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-backup
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}-backup
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" . }}/{{include "common.name" . }}
+{{- if eq "True" (include "common.needPV" .) -}}
---
-kind: PersistentVolume
apiVersion: v1
+kind: PersistentVolume
metadata:
- name: {{ include "common.fullname" . }}-db-data
+ name: {{ include "common.fullname" . }}-backup-data
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}-db-data
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ heritage: {{ .Release.Service }}
+ name: {{ include "common.fullname" . }}-backup-data
spec:
capacity:
- storage: {{ .Values.persistence.size}}
+ storage: {{ .Values.persistence.size }}
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data-backup"
hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}{{ sub .Values.replicaCount 1 }}
+ path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" $ }}/{{ include "common.fullname" $ }}
+{{- end -}}
{{- end -}}
{{- end -}}
-
{{/*
-# Copyright © 2019 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
*/}}
{{- if .Values.backup.enabled }}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-backup
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-backup
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-backup
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}-db-data
+ name: {{ include "common.fullname" . }}-backup-data
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}-db-data
+ app: {{ include "common.name" . }}-backup
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-db-data
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
+{{- if eq "True" (include "common.needPV" .) -}}
+ storageClassName: "{{ include "common.fullname" . }}-data-backup"
{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end -}}
{{- end -}}
{{- end -}}
-
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-confd
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }}
----
{{- if .Values.externalConfig }}
apiVersion: v1
kind: ConfigMap
data:
my_extra.cnf: |
{{ .Values.externalConfig | indent 4 }}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
*/}}
{{- $global := . }}
-{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}}
-{{- range $i, $t := until (int $global.Values.replicaCount)}}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" $global }}-data{{$i}}
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
namespace: {{ include "common.namespace" $global }}
labels:
app: {{ include "common.fullname" $global }}
persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
storageClassName: "{{ include "common.fullname" $global }}-data"
hostPath:
- path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}{{$i}}
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
---
{{- end -}}
{{- end -}}
+{{- end -}}
+{{- end -}}
# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2019 Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-type: Opaque
-data:
- db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }}
- user-password: {{ default "" .Values.config.userPassword | b64enc | quote }}
\ No newline at end of file
+{{ include "common.secret" . }}
-# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Bell Canada, Orange, Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
apiVersion: v1
fieldPath: metadata.namespace
- name: MYSQL_USER
- value: {{ default "" .Values.config.userName | quote }}
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "login") | indent 14}}
- name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: user-password
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-user-credentials" "key" "password") | indent 14}}
- name: MYSQL_DATABASE
value: {{ default "" .Values.config.mysqlDatabase | quote }}
- name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-password" "key" "password") | indent 14}}
ports:
- containerPort: {{ .Values.service.internalPort }}
name: {{ .Values.service.portName }}
- mountPath: /var/lib/mysql
name: {{ include "common.fullname" . }}-data
initContainers:
- - name: mariadb-galera-prepare
+ - name: {{ include "common.name" . }}-prepare
image: "{{ include "common.repository" . }}/{{ .Values.imageInit }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}}
command: ["sh", "-c", "chown -R 27:27 /var/lib/mysql"]
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
- storageClassName: {{ include "common.fullname" . }}-data
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
{{- end }}
--- /dev/null
+---
+suite: test pv behavior
+templates:
+ - pv.yaml
+tests:
+ - it: 'should render "" (global case))'
+ values:
+ - ./values/persistence.yaml
+ set:
+ global.persistence.storageClass: "-"
+ asserts:
+ - isEmpty:
+
+ - it: 'should "" (override case)'
+ values:
+ - ./values/persistence.yaml
+ set:
+ global.persistence.storageClass: "global"
+ persistence.storageClassOverride: "-"
+ asserts:
+ - isEmpty:
+
+ - it: 'should "" (local case)'
+ values:
+ - ./values/persistence.yaml
+ set:
+ persistence.storageClass: "-"
+ asserts:
+ - isEmpty:
+
+ - it: 'should render "RELEASE-NAME-mariadb-galera-data" as storageClassname'
+ asserts:
+ - equal:
+ path: spec.storageClassName
+ value: "RELEASE-NAME-mariadb-galera-data"
--- /dev/null
+---
+suite: test storage class behavior
+templates:
+ - statefulset.yaml
+tests:
+ - it: 'should render "" as storageClassname (global case)'
+ values:
+ - ./values/persistence.yaml
+ set:
+ global.persistence.storageClass: "-"
+ asserts:
+ - isEmpty:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+
+ - it: 'should "" as storageClassname (override case)'
+ values:
+ - ./values/persistence.yaml
+ set:
+ global.persistence.storageClass: "global"
+ persistence.storageClassOverride: "-"
+ asserts:
+ - isEmpty:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+
+ - it: 'should "" as storageClassname (local case)'
+ values:
+ - ./values/persistence.yaml
+ set:
+ persistence.storageClass: "-"
+ asserts:
+ - isEmpty:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+
+ - it: 'should render "global" as storageClassname'
+ values:
+ - ./values/persistence.yaml
+ set:
+ global.persistence.storageClass: "global"
+ asserts:
+ - equal:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+ value: "global"
+
+ - it: 'should render "local" as storageClassname'
+ values:
+ - ./values/persistence.yaml
+ asserts:
+ - equal:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+ value: "local"
+
+ - it: 'should render "override" as storageClassname'
+ values:
+ - ./values/persistence.yaml
+ set:
+ global.persistence.storageClass: "global"
+ persistence.storageClassOverride: "override"
+ asserts:
+ - equal:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+ value: "override"
+
+ - it: 'should render "RELEASE-NAME-mariadb-galera-data" as storageClassname'
+ asserts:
+ - equal:
+ path: spec.volumeClaimTemplates[0].spec.storageClassName
+ value: "RELEASE-NAME-mariadb-galera-data"
--- /dev/null
+---
+persistence:
+ enabled: true
+ existingClaim: false
+ size: 10Gb
+ storageClass: "local"
# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2019 Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: "db-root-password"
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}'
+ password: '{{ .Values.config.mariadbRootPassword }}'
+ - uid: "db-user-credentials"
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.userName }}'
+ password: '{{ .Values.config.userPassword }}'
+
+
#################################################################
# Global configuration defaults.
#################################################################
#repository: mysql
repository: nexus3.onap.org:10001
image: adfinissygroup/k8s-mariadb-galera-centos:v002
-backupImage: library/mariadb:10.1.38
+backupImage: library/mariadb:10.1.38
imageInit: busybox
pullPolicy: IfNotPresent
# application configuration
config:
+ # .mariadbRootPasswordExternalSecret: 'some-external-secret'
mariadbRootPassword: secretpassword
+ # .userCredentialsExternalSecret: 'some-external-secret'
userName: my-user
userPassword: my-password
mysqlDatabase: my-database
mountSubPath: "mariadb-galera/data"
mysqlPath: /var/lib/mysql
backup:
- mountPath: /dockerdata-nfs/backup
+ mountPath: /dockerdata-nfs/backup{{- if or (or .Values.storageClassOverride .Values.persistence.storageClass) .Values.global.persistence.storageClass -}}
service:
internalPort: 3306
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+
+tests
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2018 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v1
-description: MySQL Server
-name: mysql
+description: Chart for MariaDB Galera init job
+name: mariadb-init
version: 5.0.0
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~5.x-0
+ repository: 'file://../common'
\ No newline at end of file
--- /dev/null
+#!/bin/bash
+# Copyright © 2019 Orange
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+while read DB ; do
+ USER_VAR="MYSQL_USER_${DB^^}"
+ PASS_VAR="MYSQL_PASSWORD_${DB^^}"
+ USER=${!USER_VAR}
+ PASS=${!PASS_VAR}
+ MYSQL_OPTS=( -h ${DB_HOST} -P ${DB_PORT} -uroot -p${MYSQL_ROOT_PASSWORD} )
+
+ echo "Creating database ${DB} and user ${USER}..."
+
+ mysql "${MYSQL_OPTS[@]}" -e "CREATE OR REPLACE USER '${USER}'@'%' IDENTIFIED BY '${PASS}'"
+ mysql "${MYSQL_OPTS[@]}" -e "CREATE DATABASE IF NOT EXISTS ${DB}"
+ mysql "${MYSQL_OPTS[@]}" -e "GRANT ALL PRIVILEGES ON ${DB}.* TO '${USER}'@'%'"
+
+ echo "Created database ${DB} and user ${USER}."
+done <<EOF
+{{ .Values.config.mysqlDatabase }}
+{{- range $db, $_value := .Values.config.mysqlAdditionalDatabases }}
+{{ $db }}
+{{- end }}
+EOF
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
*/}}
-{{ if not .Values.disableNfsProvisioner }}
-kind: StorageClass
-apiVersion: storage.k8s.io/v1
-metadata:
- name: "{{ include "common.fullname" . }}-data"
- namespace: {{ include "common.namespace" . }}
-provisioner: {{ include "common.fullname" . }}/nfs
-{{ end }}
+{{/*
+ Choose the name of the configmap to use.
+*/}}
+{{- define "mariadbInit.configMap" -}}
+ {{- if (eq "default" .Values.config.config_map) -}}
+ {{- include "common.fullname" . -}}
+ {{- else -}}
+ {{- printf "%s-%s" (include "common.release" .) .Values.config.config_map -}}
+ {{- end -}}
+{{- end -}}
--- /dev/null
+{{/*
+# Copyright © 2019 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+ Choose the name of the mariadb secret to use.
+*/}}
+{{- define "mariadbInit.mariadbClusterSecret" -}}
+ {{- if (eq "default" .Values.global.mariadbGalera.userRootSecret) -}}
+ {{- printf "%s-mariadb-galera-%s-db-root-password" (include "common.release" .) .Values.global.mariadbGalera.nameOverride -}}
+ {{- else -}}
+ {{- .Values.global.mariadbGalera.userRootSecret -}}
+ {{- end -}}
+{{- end -}}
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Orange
+# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-*/}}
apiVersion: v1
-kind: Secret
+kind: ConfigMap
metadata:
name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.fullname" . }}
+ app: {{ include "common.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
-type: Opaque
data:
- db-root-password: {{ .Values.config.dbRootPassword | b64enc | quote }}
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
--- /dev/null
+# Copyright © 2019 Orange
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-config-job
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ backoffLimit: 20
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ .Values.global.mariadbGalera.nameOverride }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - bash
+ - /db_init/db_init.sh
+ env:
+ - name: DB_HOST
+ value: "{{ .Values.global.mariadbGalera.nameOverride }}"
+ - name: DB_PORT
+ value: "{{ .Values.global.mariadbGalera.servicePort }}"
+ - name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "mariadbInit.mariadbClusterSecret" . }}
+ key: {{ .Values.global.mariadbGalera.userRootSecretKey }}
+ - name: {{ printf "MYSQL_USER_%s" .Values.config.mysqlDatabase | upper }}
+ value: "{{ .Values.config.userName }}"
+ - name: {{ printf "MYSQL_PASSWORD_%s" .Values.config.mysqlDatabase | upper }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: db-user-password
+{{- $root := . }}
+{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }}
+ - name: {{ printf "MYSQL_USER_%s" $db | upper }}
+ value: {{ $dbInfos.user }}
+ - name: {{ printf "MYSQL_PASSWORD_%s" $db | upper }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" $root }}-secret
+ key: {{ printf "db-%s-user-password" $db }}
+{{ end }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - name: mariadb-conf
+ mountPath: /db_init/
+ readOnly: true
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: mariadb-conf
+ configMap:
+ name: {{ include "mariadbInit.configMap" . }}
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ restartPolicy: Never
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
apiVersion: v1
kind: Secret
metadata:
- name: {{ include "common.fullname" . }}-secret
+ name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
heritage: {{ .Release.Service }}
type: Opaque
data:
- db-user-password: {{ .Values.mariadb.config.db.password | b64enc | quote }}
- db-root-password: {{ .Values.mariadb.config.db.root_password | b64enc | quote }}
+ db-user-password: {{ index .Values.config.userPassword | b64enc | quote }}
+{{ range $db, $dbInfos := .Values.config.mysqlAdditionalDatabases }}
+ {{ printf "db-%s-user-password" $db}}: {{ $dbInfos.password | b64enc | quote }}
+{{ end }}
--- /dev/null
+---
+suite: test configmap behavior
+templates:
+ - configmap.yaml
+tests:
+ - it: "should render with default value"
+ asserts:
+ - isKind:
+ of: ConfigMap
+ - equal:
+ path: metadata.name
+ value: RELEASE-NAME-mariadb-init
+ - equal:
+ path: metadata.namespace
+ value: NAMESPACE
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: mariadb-init
+ - equal:
+ path: data
+ value:
+ db_init.sh: |
+ #!/bin/sh
+ # Copyright © 2019 Orange
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+
+ echo "Creating database ynsaUCru6mUNwGal and user u5WZ1GMSIS1wHZF..."
+
+ mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+ CREATE OR REPLACE USER 'u5WZ1GMSIS1wHZF'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD}';
+ CREATE OR REPLACE USER 'u5WZ1GMSIS1wHZF'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';
+ CREATE DATABASE IF NOT EXISTS ynsaUCru6mUNwGal;
+ GRANT ALL PRIVILEGES ON ynsaUCru6mUNwGal.* TO 'u5WZ1GMSIS1wHZF'@'%';
+ GRANT ALL PRIVILEGES ON ynsaUCru6mUNwGal.* TO 'u5WZ1GMSIS1wHZF'@'localhost';
+ EOF
+
+ echo "Created database ynsaUCru6mUNwGal and user u5WZ1GMSIS1wHZF."
+ - it: "shoud render with other databases"
+ set:
+ config:
+ userName: testUser
+ mysqlDatabase: testDB
+ mysqlAdditionalDatabases:
+ dbOne:
+ user: one
+ password: pwd1
+ dbTwo:
+ user: two
+ password: pwd2
+ asserts:
+ - equal:
+ path: data
+ value:
+ db_init.sh: |
+ #!/bin/sh
+ # Copyright © 2019 Orange
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+
+ echo "Creating database testDB and user testUser..."
+
+ mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+ CREATE OR REPLACE USER 'testUser'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD}';
+ CREATE OR REPLACE USER 'testUser'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';
+ CREATE DATABASE IF NOT EXISTS testDB;
+ GRANT ALL PRIVILEGES ON testDB.* TO 'testUser'@'%';
+ GRANT ALL PRIVILEGES ON testDB.* TO 'testUser'@'localhost';
+ EOF
+
+ echo "Created database testDB and user testUser."
+
+ echo "Creating database dbOne and user one..."
+
+ mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+ CREATE OR REPLACE USER 'one'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD_DBONE}';
+ CREATE OR REPLACE USER 'one'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_DBONE}';
+ CREATE DATABASE IF NOT EXISTS dbOne;
+ GRANT ALL PRIVILEGES ON dbOne.* TO 'one'@'%';
+ GRANT ALL PRIVILEGES ON dbOne.* TO 'one'@'localhost';
+ EOF
+
+ echo "Created database dbOne and user one."
+ echo "Creating database dbTwo and user two..."
+
+ mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+ CREATE OR REPLACE USER 'two'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD_DBTWO}';
+ CREATE OR REPLACE USER 'two'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_DBTWO}';
+ CREATE DATABASE IF NOT EXISTS dbTwo;
+ GRANT ALL PRIVILEGES ON dbTwo.* TO 'two'@'%';
+ GRANT ALL PRIVILEGES ON dbTwo.* TO 'two'@'localhost';
+ EOF
+
+ echo "Created database dbTwo and user two."
--- /dev/null
+---
+suite: test job behavior
+templates:
+ - job.yaml
+tests:
+ - it: "should render with default value (global)"
+ asserts:
+ - isKind:
+ of: Job
+ - matchRegex:
+ path: metadata.name
+ pattern: -mariadb-init-config-job$
+ - equal:
+ path: metadata.namespace
+ value: NAMESPACE
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: mariadb-init
+ - matchRegex:
+ path: spec.template.metadata.labels.app
+ pattern: mariadb-init
+ - matchRegex:
+ path: spec.template.metadata.name
+ pattern: mariadb-init
+ - isNull:
+ path: spec.template.spec.nodeSelector
+ - isNull:
+ path: spec.template.spec.affinity
+ - it: "should render with default value (init container)"
+ asserts:
+ - matchRegex:
+ path: spec.template.spec.initContainers[0].name
+ pattern: mariadb-init-readiness
+ - contains:
+ path: spec.template.spec.initContainers[0].args
+ content: mariadb-galera
+ - equal:
+ path: spec.template.spec.initContainers[0].image
+ value: oomk8s/readiness-check:2.0.2
+ - equal:
+ path: spec.template.spec.initContainers[0].imagePullPolicy
+ value: IfNotPresent
+ - it: "should render with default value (container)"
+ asserts:
+ - matchRegex:
+ path: spec.template.spec.containers[0].name
+ pattern: mariadb-init
+ - equal:
+ path: spec.template.spec.containers[0].image
+ value: nexus3.onap.org:10001/mariadb:10.1.38
+ - equal:
+ path: spec.template.spec.containers[0].imagePullPolicy
+ value: IfNotPresent
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_HOST
+ value: mariadb-galera
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_PORT
+ value: "3306"
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-galera-mariadb-galera
+ key: db-root-password
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-init-secret
+ key: db-user-password
+ - contains:
+ path: spec.template.spec.containers[0].volumeMounts
+ content:
+ name: mariadb-conf
+ mountPath: /db_init/
+ readOnly: true
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.cpu
+ value: 100m
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.memory
+ value: 500Mbi
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.cpu
+ value: 10m
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.memory
+ value: 10Mbi
+ - it: "should render with default value (volumes)"
+ asserts:
+ - contains:
+ path: spec.template.spec.volumes
+ content:
+ name: mariadb-conf
+ configMap:
+ name: RELEASE-NAME-mariadb-init
+
+ - it: "should render with nameOverride set"
+ set:
+ nameOverride: myJob
+ asserts:
+ - matchRegex:
+ path: metadata.name
+ pattern: -myJob-config-job$
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: myJob
+ - matchRegex:
+ path: spec.template.metadata.labels.app
+ pattern: myJob
+ - matchRegex:
+ path: spec.template.metadata.name
+ pattern: myJob
+ - matchRegex:
+ path: spec.template.spec.initContainers[0].name
+ pattern: myJob-readiness
+ - matchRegex:
+ path: spec.template.spec.containers[0].name
+ pattern: myJob
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ # replicating name from mariadb galera cluster, kind of hardcoded...
+ name: RELEASE-NAME-myJob-secret
+ key: db-user-password
+ - contains:
+ path: spec.template.spec.volumes
+ content:
+ name: mariadb-conf
+ configMap:
+ name: RELEASE-NAME-myJob
+
+ - it: "should render with configmap set"
+ set:
+ config:
+ config_map: myCM
+ asserts:
+ - contains:
+ path: spec.template.spec.volumes
+ content:
+ name: mariadb-conf
+ configMap:
+ name: RELEASE-NAME-myCM
+
+ - it: "should render with mariadbGalera changes"
+ set:
+ global:
+ mariadbGalera:
+ nameOverride: myMaria
+ servicePort: 545
+ asserts:
+ - contains:
+ path: spec.template.spec.initContainers[0].args
+ content: myMaria
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_HOST
+ value: myMaria
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_PORT
+ value: "545"
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-galera-myMaria
+ key: db-root-password
+
+ - it: "should render with full mariadbGalera changes"
+ set:
+ global:
+ mariadbGalera:
+ nameOverride: myMaria
+ servicePort: 545
+ userRootSecret: galera-secret
+ userRootSecretKey: root-password
+ asserts:
+ - contains:
+ path: spec.template.spec.initContainers[0].args
+ content: myMaria
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_HOST
+ value: myMaria
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DB_PORT
+ value: "545"
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: galera-secret
+ key: root-password
+
+ - it: "should set the right nodeSelector"
+ set:
+ nodeSelector:
+ disktype: ssd
+ asserts:
+ - equal:
+ path: spec.template.spec.nodeSelector.disktype
+ value: ssd
+
+ - it: "should set the right affinity"
+ set:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: kubernetes.io/e2e-az-name
+ operator: In
+ values:
+ - e2e-az1
+ - e2e-az2
+ asserts:
+ - equal:
+ path: spec.template.spec.affinity
+ value:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: kubernetes.io/e2e-az-name
+ operator: In
+ values:
+ - e2e-az1
+ - e2e-az2
+ - it: "should use large flavor"
+ set:
+ flavor: large
+ asserts:
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.cpu
+ value: 200m
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.memory
+ value: 500Mbi
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.cpu
+ value: 20m
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.memory
+ value: 20Mbi
+ - it: "should use unlimited flavor"
+ set:
+ flavor: unlimited
+ asserts:
+ - isEmpty:
+ path: spec.template.spec.containers[0].resources
+ - it: "shoud render with other databases"
+ set:
+ config:
+ mysqlAdditionalDatabases:
+ dbOne:
+ user: one
+ password: pwd1
+ dbTwo:
+ user: two
+ password: pwd2
+ asserts:
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-init-secret
+ key: db-user-password
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD_DBONE
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-init-secret
+ key: db-dbOne-user-password
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MYSQL_PASSWORD_DBTWO
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-mariadb-init-secret
+ key: db-dbTwo-user-password
--- /dev/null
+---
+suite: test secret behavior
+templates:
+ - secret.yaml
+tests:
+ - it: "should render with default values"
+ asserts:
+ - isKind:
+ of: Secret
+ - equal:
+ path: metadata.name
+ value: RELEASE-NAME-mariadb-init
+ - equal:
+ path: metadata.namespace
+ value: NAMESPACE
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: mariadb-init-config-job
+ - equal:
+ path: data.db-user-password
+ value: Q2lAc2hzT2QzcGt5MVZqaQ==
+ - it: "should render specific password value base64 encoded"
+ set:
+ config:
+ userPassword: yolo
+ asserts:
+ - equal:
+ path: data.db-user-password
+ value: eW9sbw==
+ - it: "shoud render with other databases"
+ set:
+ config:
+ mysqlAdditionalDatabases:
+ dbOne:
+ user: one
+ password: pwd1
+ dbTwo:
+ user: two
+ password: pwd2
+ asserts:
+ - equal:
+ path: data.db-user-password
+ value: Q2lAc2hzT2QzcGt5MVZqaQ==
+ - equal:
+ path: data.db-dbOne-user-password
+ value: cHdkMQ==
+ - equal:
+ path: data.db-dbTwo-user-password
+ value: cHdkMg==
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ repository: nexus3.onap.org:10001
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ mariadbGalera:
+ nameOverride: mariadb-galera
+ servicePort: 3306
+ # set these two values if you want to access an 'out of ONAP' mariadb
+ userRootSecret: default
+ userRootSecretKey: password
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+image: mariadb:10.1.38
+pullPolicy: IfNotPresent
+
+# Set it if you want to change the name of the different components
+# nameOverride:
+
+config:
+ userPassword: Ci@shsOd3pky1Vji
+ userName: u5WZ1GMSIS1wHZF
+ mysqlDatabase: ynsaUCru6mUNwGal
+ mysqlAdditionalDatabases: {}
+ # add addtional dabases
+ # this is an dict
+ # Example:
+ # mysqlAdditionalDatabases:
+ # dbOne:
+ # user: one
+ # password: pwd1
+ # dbTwo:
+ # user: two
+ # password: pwd2
+ config_map: default
+
+nodeSelector: {}
+
+affinity: {}
+
+#resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+flavor: small
+resources:
+ small:
+ limits:
+ cpu: 100m
+ memory: 500Mi
+ requests:
+ cpu: 10m
+ memory: 10Mi
+ large:
+ limits:
+ cpu: 200m
+ memory: 500Mi
+ requests:
+ cpu: 20m
+ memory: 20Mi
+ unlimited: {}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ if not .Values.disableNfsProvisioner }}
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- #replicas: {{ .Values.replicaCount }}
- strategy:
- type: Recreate
- template:
- metadata:
- labels:
- app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- release: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- image: "{{ .Values.global.nfsprovisionerRepository | default .Values.nfsprovisionerRepository }}/{{ .Values.nfsprovisionerImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - name: nfs
- containerPort: {{ .Values.service.nfsPort }}
- - name: mountd
- containerPort: {{ .Values.service.mountdPort }}
- - name: rpcbind
- containerPort: {{ .Values.service.rpcbindPort }}
- - name: rpcbind-udp
- containerPort: {{ .Values.service.rpcbindUdpPort }}
- protocol: UDP
- securityContext:
- capabilities:
- add:
- - DAC_READ_SEARCH
- - SYS_RESOURCE
- args:
- - "-provisioner={{ include "common.fullname" . }}/nfs"
- env:
- - name: POD_IP
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: SERVICE_NAME
- value: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: export-volume
- mountPath: /export
- volumes:
- - name: export-volume
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{ end }}
# limitations under the License.
*/}}
-{{- if (and (and (.Values.persistence.enabled) (not .Values.persistence.existingClaim)) ( .Values.disableNfsProvisioner)) -}}
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}-data
- namespace: {{ include "common.namespace" . }}
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
spec:
capacity:
- storage: {{ .Values.persistence.size}}
+ storage: {{ $global.Values.persistence.size}}
accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
{{- end -}}
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
clusterIP: None
-#{{ if not .Values.disableNfsProvisioner }}
----
-kind: Service
-apiVersion: v1
-metadata:
- name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
-spec:
- ports:
- - name: nfs
- port: {{ .Values.service.nfsPort }}
- - name: mountd
- port: {{ .Values.service.mountdPort }}
- - name: rpcbind
- port: {{ .Values.service.rpcbindPort }}
- - name: rpcbind-udp
- port: {{ .Values.service.rpcbindUdpPort }}
- protocol: UDP
- selector:
- app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
-#{{ end }}
---
# Client service for connecting to any Mongo instance for reads.
apiVersion: v1
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
- initContainers:
-#{{ if not .Values.disableNfsProvisioner }}
- - name: {{ include "common.name" . }}-readiness
- command:
- - /root/ready.py
- args:
- - --container-name
- - {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-#{{ end }}
-
containers:
- name: {{ include "common.name" . }}
image: "{{ .Values.dockerHubRepository }}/{{ .Values.image }}"
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- - mountPath: /var/lib/mongo
- name: {{ include "common.fullname" . }}-data
+ - name: {{ include "common.fullname" . }}-data
+ mountPath: /var/lib/mongo
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
- name: localtime
hostPath:
path: /etc/localtime
+ {{- if .Values.persistence.enabled }}
+ volumeClaimTemplates:
+ - metadata:
+ name: {{ include "common.fullname" . }}-data
+ labels:
+ name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ storageClassName: {{ include "common.storageClass" . }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+ {{- else }}
+ volumes:
- name: {{ include "common.fullname" . }}-data
-#{{ if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-data
-#{{ else }}
emptyDir: {}
-#{{ end }}
+ {{- end }}
affinity: {}
-disableNfsProvisioner: true
-
# probe configuration parameters
liveness:
initialDelaySeconds: 30
# cpu: 2
# memory: 4Gi
-
-nfsprovisionerRepository: quay.io
-nfsprovisionerImage: kubernetes_incubator/nfs-provisioner:v1.0.8
-nfsprovisionerPrefix: mongo
-
sdnctlPrefix: mongo
geoEnabled: false
--- /dev/null
+{{/*
+# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
+ labels:
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
+spec:
+ capacity:
+ storage: {{ $global.Values.persistence.size}}
+ accessModes:
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
+ hostPath:
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
+# Copyright © 2019 AT&T, Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
valueFrom:
fieldRef:
fieldPath: status.podIP
+{{- if .Values.persistence.enabled }}
volumeMounts:
- - name: {{ template "common.name" . }}-data
+ - name: {{ include "common.fullname" . }}-data
mountPath: /var/lib/cassandra
+{{- end }}
resources:
-{{ toYaml .Values.resources | indent 10 }}
+{{ include "common.resources" . | indent 12 }}
volumes:
- name: localtime
hostPath:
path: /etc/localtime
- {{- if not .Values.persistence.enabled }}
- - name: {{ template "common.name" . }}-data
- emptyDir: {}
- {{- else }}
+{{- if .Values.persistence.enabled }}
volumeClaimTemplates:
- - metadata:
- name: {{ template "common.name" . }}-data
- labels:
- app: {{ template "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- annotations:
- volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass }}
- spec:
- storageClassName: {{ .Values.persistence.storageClass }}
- accessModes:
- - {{ .Values.persistence.accessMode | quote }}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- release: "{{ .Release.Name }}"
- {{- end }}
+ - metadata:
+ name: {{ include "common.fullname" . }}-data
+ labels:
+ name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ storageClassName: {{ include "common.storageClass" . }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
+++ /dev/null
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ if .Values.persistence.enabled }}
-{{- $root := . -}}
-{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }}
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }}
- namespace: {{ $root.Release.Namespace }}
- labels:
- type: {{ $root.Values.persistence.storageType }}
- app: {{ $root.Values.service.name }}
- chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
- release: {{ $root.Release.Name }}
- heritage: {{ $root.Release.Service }}
-spec:
- capacity:
- storage: {{ $root.Values.persistence.size }}
- accessModes:
- - {{ $root.Values.persistence.accessMode }}
- hostPath:
- path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{$i}}
- persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
- podAntiAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- podAffinityTerm:
- labelSelector:
- matchExpressions:
- - key: app
- operator: In
- values:
- - "{{ $root.Chart.Name }}"
- topologyKey: kubernetes.io/hostname
-{{ end }}
-{{ end }}
size: 2Gi
mountPath: /dockerdata-nfs/
mountSubPath: common/cassandra/data
- storageType: local
- storageClass: ""
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
resources:
- limits:
- cpu: 4
- memory: 8Gi
- requests:
- cpu: 2
- memory: 4Gi
+ small:
+ limits:
+ cpu: 500m
+ memory: 1.2Gi
+ requests:
+ cpu: 160m
+ memory: 900Mi
+ large:
+ limits:
+ cpu: 4
+ memory: 10Gi
+ requests:
+ cpu: 2
+ memory: 6Gi
+ unlimited: {}
- /root/ready.py
args:
- --container-name
- - zookeeper
+ - zookeeper
env:
- name: NAMESPACE
valueFrom:
mountPath: /opt/app/music/etc/music.properties
subPath: music.properties
resources:
-{{ toYaml .Values.resources | indent 10 }}
+{{ include "common.resources" . | indent 12 }}
volumes:
- name: shared-data
emptyDir: {}
ingress:
enabled: false
-#resources: {}
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
resources:
- limits:
- cpu: 2
- memory: 2Gi
- requests:
- cpu: 2
- memory: 1Gi
+ small:
+ limits:
+ cpu: 900m
+ memory: 460Mi
+ requests:
+ cpu: 550m
+ memory: 360Mi
+ large:
+ limits:
+ cpu: 4
+ memory: 2Gi
+ requests:
+ cpu: 2
+ memory: 1Gi
+ unlimited: {}
+
properties:
# Admin API
# ONAP AAF
aafAdminUrl:
-
--- /dev/null
+{{/*
+# Copyright © 2019 Amdocs, Bell Canada, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
+ labels:
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
+spec:
+ capacity:
+ storage: {{ $global.Values.persistence.size}}
+ accessModes:
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
+ hostPath:
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
resources:
{{ include "common.resources" . }}
volumeMounts:
- - name: zookeeper-data
+ - name: {{ include "common.fullname" . }}-data
mountPath: /var/lib/zookeeper
{{- if .Values.exporters.jmx.enabled }}
configMap:
name: {{ .Release.Name }}-jmx-exporter
{{- end }}
- {{- if not .Values.persistence.enabled }}
- - name: zookeeper-data
- emptyDir: {}
- {{- end }}
{{- end }}
{{- if .Values.persistence.enabled }}
volumeClaimTemplates:
- - metadata:
- name: zookeeper-data
- labels:
- app: {{ .Chart.Name }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- annotations:
- volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass }}
- spec:
- storageClassName: {{ .Values.persistence.storageClass }}
- accessModes:
- - {{ .Values.persistence.accessMode | quote }}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
- selector:
- matchLabels:
- release: "{{ .Release.Name }}"
+ - metadata:
+ name: {{ include "common.fullname" . }}-data
+ labels:
+ name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ storageClassName: {{ include "common.storageClass" . }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
{{- end }}
+++ /dev/null
-{{ if .Values.persistence.enabled }}
-{{- $root := . -}}
-{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }}
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }}
- namespace: {{ $root.Release.Namespace }}
- labels:
- type: {{ $root.Values.persistence.storageType }}
- app: {{ $root.Values.service.name }}
- chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
- release: {{ $root.Release.Name }}
- heritage: {{ $root.Release.Service }}
-spec:
- capacity:
- storage: {{ $root.Values.persistence.size }}
- accessModes:
- - {{ $root.Values.persistence.accessMode }}
- hostPath:
- path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{$i}}
- persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
-{{ end }}
-{{ end }}
protocol: TCP # Protocol for zookeeper container server port.
# Resource Limit flavor -By Default using small
-flavor: large
+flavor: small
# Segregation for Different environment (Small and Large)
resources:
small:
limits:
- cpu: 1
- memory: 1Gi
+ cpu: 500m
+ memory: 900Mi
requests:
- cpu: 500m
- memory: 500Mi
+ cpu: 10m
+ memory: 730Mi
large:
limits:
cpu: 3
memory: 2Gi
requests:
- cpu: 2
- memory: 1Gi
+ cpu: 2
+ memory: 1Gi
unlimited: {}
nodeSelector: {} # Node label-values required to run zookeeper pods.
tolerations: [] # Node taint overrides for zookeeper pods.
affinity: {} # Criteria by which pod label-values influence scheduling for zookeeper pods.
-affinity:
+affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- topologyKey: "kubernetes.io/hostname"
accessMode: ReadWriteOnce
mountPath: /dockerdata-nfs
mountSubPath: music/zookeeper
- storageType: local
- storageClass: ""
size: 4Gi
## Exporters query apps for metrics and make those metrics available for
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-db-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
- master.cnf: |
- # Apply this config only on the master.
- [mysqld]
- sql_mode = "NO_ENGINE_SUBSTITUTION"
- log-bin
- [localpathprefix]
- master
- slave.cnf: |
- # Apply this config only on slaves.
- [mysqld]
- sql_mode = "NO_ENGINE_SUBSTITUTION"
- super-read-only
- [localpathprefix]
- slave
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ if not .Values.disableNfsProvisioner }}
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- #replicas: {{ .Values.replicaCount }}
- strategy:
- type: Recreate
- template:
- metadata:
- labels:
- app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- release: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- image: "{{ .Values.global.nfsprovisionerRepository | default .Values.nfsprovisionerRepository }}/{{ .Values.nfsprovisionerImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - name: nfs
- containerPort: {{ .Values.service.nfsPort }}
- - name: mountd
- containerPort: {{ .Values.service.mountdPort }}
- - name: rpcbind
- containerPort: {{ .Values.service.rpcbindPort }}
- - name: rpcbind-udp
- containerPort: {{ .Values.service.rpcbindUdpPort }}
- protocol: UDP
- securityContext:
- capabilities:
- add:
- - DAC_READ_SEARCH
- - SYS_RESOURCE
- args:
- - "-provisioner={{ include "common.fullname" . }}/nfs"
- env:
- - name: POD_IP
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: SERVICE_NAME
- value: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: export-volume
- mountPath: /export
- volumes:
- - name: export-volume
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{ end }}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if (and (and (.Values.persistence.enabled) (not .Values.persistence.existingClaim)) ( .Values.disableNfsProvisioner)) -}}
-{{ $pvNum := default 1 .Values.replicaCount | int }}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-mysql0
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-mysql"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0
-{{ if gt $pvNum 1 }}
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-mysql1
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-mysql"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}1
-{{ end }}
-{{- end -}}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- clusterIP: None
-#{{ if not .Values.disableNfsProvisioner }}
----
-kind: Service
-apiVersion: v1
-metadata:
- name: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - name: nfs
- port: {{ .Values.service.nfsPort }}
- - name: mountd
- port: {{ .Values.service.mountdPort }}
- - name: rpcbind
- port: {{ .Values.service.rpcbindPort }}
- - name: rpcbind-udp
- port: {{ .Values.service.rpcbindUdpPort }}
- protocol: UDP
- selector:
- app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
-#{{ end }}
----
-# Client service for connecting to any MySQL instance for reads.
-# Only master: sdnc-dbhost-0 accepts the write request.
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}-read
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.sdnctlPrefix }}-sdnctldb01
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- clusterIP: None
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.sdnctlPrefix }}-sdnctldb02
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- clusterIP: None
----
-{{ if .Values.geoEnabled }}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}-nodeport
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-0
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - name: {{ .Values.service.portName | default .Values.service.name }}-1
- port: {{ .Values.service.internalPort }}
- targetPort: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodeport1 }}
- - name: {{ .Values.service.portName | default .Values.service.name }}-2
- port: {{ .Values.xtrabackup.internalPort }}
- targetPort: {{ .Values.xtrabackup.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodeport2 }}
- type: {{ .Values.service.type }}
- selector:
- statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-0
- release: {{ .Release.Name }}
-{{ end }}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1beta1
-kind: StatefulSet
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- serviceName: {{ .Values.service.name }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
- spec:
- initContainers:
-#{{ if not .Values.disableNfsProvisioner }}
- - name: {{ include "common.name" . }}-readiness
- command:
- - /root/ready.py
- args:
- - --container-name
- - {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-#{{ end }}
- - name: init-mysql
- image: "{{ .Values.dockerHubRepository }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - bash
- - "-c"
- - |
- set -ex
- # Generate mysql server-id from pod ordinal index.
- [[ `hostname` =~ -([0-9]+)$ ]] || exit 1
- ordinal=${BASH_REMATCH[1]}
- siteId={{ .Values.geoSiteId }}
- echo BASH_REMATCH=${BASH_REMATCH}
- echo [mysqld] > /mnt/conf.d/server-id.cnf
- # Add an offset to avoid reserved server-id=0 value.
- echo server-id=$(($siteId*100 + $ordinal)) >> /mnt/conf.d/server-id.cnf
- # Copy appropriate conf.d files from config-map to emptyDir.
- if [[ $ordinal -eq 0 ]]; then
- cp /mnt/config-map/master.cnf /mnt/conf.d/
- else
- cp /mnt/config-map/slave.cnf /mnt/conf.d/
- fi
- volumeMounts:
- - name: conf
- mountPath: /mnt/conf.d
- - name: config-map
- mountPath: /mnt/config-map
-
- - name: clone-mysql
- image: "{{ .Values.global.xtrabackupRepository | default .Values.xtrabackupRepository }}/{{ .Values.xtrabackupImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
- command:
- - bash
- - "-c"
- - |
- set -ex
- # Skip the clone if data already exists.
- [[ -d /var/lib/mysql/mysql ]] && exit 0
- # Skip the clone on master (ordinal index 0).
- [[ `hostname` =~ -([0-9]+)$ ]] || exit 1
- ordinal=${BASH_REMATCH[1]}
- echo ${BASH_REMATCH}
- [[ $ordinal -eq 0 ]] && exit 0
- # Clone data from previous peer.
- ncat --recv-only {{ include "common.fullname" . }}-$(($ordinal-1)).{{ .Values.service.name }}.{{ include "common.namespace" . }} 3307 | xbstream -x -C {{ .Values.persistence.mysqlPath }}
- # Prepare the backup.
- xtrabackup --user=root --password=$MYSQL_ROOT_PASSWORD --prepare --target-dir=/var/lib/mysql
- ls -l {{ .Values.persistence.mysqlPath }}
- volumeMounts:
- - name: {{ include "common.fullname" . }}-mysql
- mountPath: {{ .Values.persistence.mysqlPath }}
- - name: conf
- mountPath: /etc/mysql/conf.d
-
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ .Values.dockerHubRepository }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- exec:
- command: ["mysqladmin", "ping"]
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- {{end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
- - name: MYSQL_ROOT_HOST
- value: '%'
- - name: MYSQL_ALLOW_EMPTY_PASSWORD
- value: {{ .Values.config.dbAllowEmptyPassword | default "0" | quote }}
- volumeMounts:
- - mountPath: {{ .Values.persistence.mysqlPath }}
- name: {{ include "common.fullname" . }}-mysql
- - mountPath: /etc/mysql/conf.d
- name: conf
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
-
- - name: xtrabackup
- image: "{{ .Values.global.xtrabackupRepository | default .Values.xtrabackupRepository }}/{{ .Values.xtrabackupImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
- ports:
- - containerPort: {{ .Values.xtrabackup.internalPort }}
- name: xtrabackup
- command:
- - bash
- - "-c"
- - |
- set -ex
- cd {{ .Values.persistence.mysqlPath }}
- ls -l
- # Determine binlog position of cloned data, if any.
- if [[ -f xtrabackup_slave_info ]]; then
- echo "Inside xtrabackup_slave_info"
- # XtraBackup already generated a partial "CHANGE MASTER TO" query
- # because we're cloning from an existing slave.
- mv xtrabackup_slave_info change_master_to.sql.in
- # Ignore xtrabackup_binlog_info in this case (it's useless).
- rm -f xtrabackup_binlog_info
- elif [[ -f xtrabackup_binlog_info ]]; then
- echo "Inside xtrabackup_binlog_info"
- # We're cloning directly from master. Parse binlog position.
- [[ `cat xtrabackup_binlog_info` =~ ^(.*?)[[:space:]]+(.*?)$ ]] || exit 1
- rm xtrabackup_binlog_info
- echo "CHANGE MASTER TO MASTER_LOG_FILE='${BASH_REMATCH[1]}',\
- MASTER_LOG_POS=${BASH_REMATCH[2]}" > change_master_to.sql.in
- fi
-
- [[ `hostname` =~ -([0-9]+)$ ]] || exit 1
- ordinal=${BASH_REMATCH[1]}
- echo $ordinal
-
- mysqlhost={{ include "common.fullname" . }}-$(($ordinal)).{{ .Values.service.name }}.{{ include "common.namespace" . }}
- echo $mysqlhost
-
- # Check if we need to complete a clone by starting replication.
- if [[ -f change_master_to.sql.in ]]; then
- echo "Waiting for mysqld to be ready (accepting connections)"
- until mysql --user=root --password=$MYSQL_ROOT_PASSWORD -h $mysqlhost -e "SELECT 1"; do sleep 1; done
-
- echo "Initializing replication from clone position"
- # In case of container restart, attempt this at-most-once.
- mv change_master_to.sql.in change_master_to.sql.orig
- mysql --user=root --password=$MYSQL_ROOT_PASSWORD -h $mysqlhost <<EOF
- $(<change_master_to.sql.orig),
- MASTER_HOST="{{ include "common.fullname" . }}-0.{{ .Values.service.name }}.{{ include "common.namespace" . }}",
- MASTER_USER="root",
- MASTER_PASSWORD="$MYSQL_ROOT_PASSWORD",
- MASTER_CONNECT_RETRY=10;
- START SLAVE;
- EOF
- fi
-
- # Start a server to send backups when requested by peers.
- exec ncat --listen --keep-open --send-only --max-conns=1 3307 -c \
- "xtrabackup --user=root --password=$MYSQL_ROOT_PASSWORD --backup --slave-info --stream=xbstream --host=$mysqlhost"
- volumeMounts:
- - name: {{ include "common.fullname" . }}-mysql
- mountPath: {{ .Values.persistence.mysqlPath }}
- - name: conf
- mountPath: /etc/mysql/conf.d
- volumes:
- - name: conf
- emptyDir: {}
- - name: config-map
- configMap:
- name: {{ include "common.fullname" . }}-db-configmap
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}-mysql
- {{ if not .Values.persistence.enabled }}
- - name: {{ include "common.fullname" . }}-mysql
- emptyDir: {}
- {{ else }}
- volumeClaimTemplates:
- - metadata:
- name: {{ include "common.fullname" . }}-mysql
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
- name: {{ include "common.fullname" . }}
- spec:
- accessModes: [ {{ .Values.persistence.accessMode }} ]
- storageClassName: {{ include "common.fullname" . }}-mysql
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
- {{ end }}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ if not .Values.disableNfsProvisioner }}
-kind: StorageClass
-apiVersion: storage.k8s.io/v1
-metadata:
- name: "{{ include "common.fullname" . }}-mysql"
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-provisioner: {{ include "common.fullname" . }}/nfs
-{{ end }}
+++ /dev/null
-{{/*
-# Copyright © 2019 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- strategy:
- type: Recreate
- template:
- metadata:
- labels:
- app: {{ include "common.fullname" . }}
- release: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ include "common.fullname" . }}
- image: "{{ .Values.global.nfsprovisionerRepository | default .Values.nfsprovisionerRepository }}/{{ .Values.nfsprovisionerImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - name: nfs
- containerPort: {{ .Values.service.nfsPort }}
- - name: mountd
- containerPort: {{ .Values.service.mountdPort }}
- - name: rpcbind
- containerPort: {{ .Values.service.rpcbindPort }}
- - name: rpcbind-udp
- containerPort: {{ .Values.service.rpcbindUdpPort }}
- protocol: UDP
- securityContext:
- capabilities:
- add:
- - DAC_READ_SEARCH
- - SYS_RESOURCE
- args:
- - "-provisioner={{ include "common.namespace" . }}/nfs"
- env:
- - name: POD_IP
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: SERVICE_NAME
- value: {{ include "common.servicename" . }}
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- volumeMounts:
- - name: export-volume
- mountPath: /export
- {{- if .Values.affinity }}
- affinity:
- {{ toYaml .Values.affinity | indent 8 }}
- {{- end }}
- volumes:
- - name: export-volume
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}
+++ /dev/null
-{{/*
-# Copyright © 2019 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-kind: Service
-apiVersion: v1
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - name: nfs
- port: {{ .Values.service.nfsPort }}
- - name: mountd
- port: {{ .Values.service.mountdPort }}
- - name: rpcbind
- port: {{ .Values.service.rpcbindPort }}
- - name: rpcbind-udp
- port: {{ .Values.service.rpcbindUdpPort }}
- protocol: UDP
- selector:
- app: {{ include "common.fullname" . }}
\ No newline at end of file
-# Copyright © 2017 Amdocs, Bell Canada, Orange
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v1
-description: ONAP NBI MariaDB Service
-name: mariadb
+description: ONAP Postgres Server
+name: postgres-legacy
version: 5.0.0
-# Copyright © 2019 Amdocs, Bell Canada
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v1
-description: NFS provisioner
-name: nfs-provisioner
+description: ONAP Postgres Server
+name: pgpool
version: 5.0.0
--- /dev/null
+# ----------------------------
+# pgPool-II configuration file a custom version
+# ----------------------------
+#
+# This file consists of lines of the form:
+#
+# name = value
+#
+# Whitespace may be used. Comments are introduced with "#" anywhere on a line.
+# The complete list of parameter names and allowed values can be found in the
+# pgPool-II documentation.
+#
+# This file is read on server startup and when the server receives a SIGHUP
+# signal. If you edit the file on a running system, you have to SIGHUP the
+# server for the changes to take effect, or use "pgpool reload". Some
+# parameters, which are marked below, require a server shutdown and restart to
+# take effect.
+#
+
+
+#------------------------------------------------------------------------------
+# CONNECTIONS
+#------------------------------------------------------------------------------
+
+# - pgpool Connection Settings -
+
+listen_addresses = '*'
+ # Host name or IP address to listen on:
+ # '*' for all, '' for no TCP/IP connections
+ # (change requires restart)
+#port = 9999
+port = 5432
+ # Port number
+ # (change requires restart)
+socket_dir = '/tmp'
+ # Unix domain socket path
+ # The Debian package defaults to
+ # /var/run/postgresql
+ # (change requires restart)
+
+
+# - pgpool Communication Manager Connection Settings -
+
+pcp_port = 9898
+ # Port number for pcp
+ # (change requires restart)
+pcp_socket_dir = '/tmp'
+ # Unix domain socket path for pcp
+ # The Debian package defaults to
+ # /var/run/postgresql
+ # (change requires restart)
+
+# - Backend Connection Settings -
+
+backend_hostname0 = '{{.Values.container.name.primary}}'
+backend_port0 = 5432
+backend_weight0= 1
+backend_flag0= 'DISALLOW_TO_FAILOVER'
+
+backend_hostname1 = '{{.Values.container.name.replica}}'
+backend_port1 = 5432
+backend_weight1= 1
+backend_flag1= 'DISALLOW_TO_FAILOVER'
+
+#backend_hostname0 = 'master'
+ # Host name or IP address to connect to for backend 0
+#backend_port0 = 5432
+ # Port number for backend 0
+#backend_weight0 = 1
+ # Weight for backend 0 (only in load balancing mode)
+#backend_data_directory0 = '/data'
+ # Data directory for backend 0
+#backend_flag0 = 'ALLOW_TO_FAILOVER'
+ # Controls various backend behavior
+ # ALLOW_TO_FAILOVER or DISALLOW_TO_FAILOVER
+#backend_hostname1 = 'standby'
+#backend_port1 = 5432
+#backend_weight1 = 1
+#backend_data_directory1 = '/data1'
+#backend_flag1 = 'ALLOW_TO_FAILOVER'
+
+# - Authentication -
+
+enable_pool_hba = on
+ # Use pool_hba.conf for client authentication
+pool_passwd = 'pool_passwd'
+ # File name of pool_passwd for md5 authentication.
+ # "" disables pool_passwd.
+ # (change requires restart)
+authentication_timeout = 60
+ # Delay in seconds to complete client authentication
+ # 0 means no timeout.
+
+# - SSL Connections -
+
+ssl = off
+ # Enable SSL support
+ # (change requires restart)
+#ssl_key = './server.key'
+ # Path to the SSL private key file
+ # (change requires restart)
+#ssl_cert = './server.cert'
+ # Path to the SSL public certificate file
+ # (change requires restart)
+#ssl_ca_cert = ''
+ # Path to a single PEM format file
+ # containing CA root certificate(s)
+ # (change requires restart)
+#ssl_ca_cert_dir = ''
+ # Directory containing CA root certificate(s)
+ # (change requires restart)
+
+
+#------------------------------------------------------------------------------
+# POOLS
+#------------------------------------------------------------------------------
+
+# - Pool size -
+
+num_init_children = 5
+ # Number of pools
+ # (change requires restart)
+max_pool = 1
+ # Number of connections per pool
+ # (change requires restart)
+
+# - Life time -
+
+child_life_time = 300
+ # Pool exits after being idle for this many seconds
+child_max_connections = 0
+ # Pool exits after receiving that many connections
+ # 0 means no exit
+connection_life_time = 0
+ # Connection to backend closes after being idle for this many seconds
+ # 0 means no close
+client_idle_limit = 0
+ # Client is disconnected after being idle for that many seconds
+ # (even inside an explicit transactions!)
+ # 0 means no disconnection
+
+
+#------------------------------------------------------------------------------
+# LOGS
+#------------------------------------------------------------------------------
+
+# - Where to log -
+
+log_destination = 'stderr'
+ # Where to log
+ # Valid values are combinations of stderr,
+ # and syslog. Default to stderr.
+
+# - What to log -
+
+print_timestamp = on
+ # Print timestamp on each line
+ # (change requires restart)
+
+log_connections = on
+ # Log connections
+log_hostname = on
+ # Hostname will be shown in ps status
+ # and in logs if connections are logged
+log_statement = on
+ # Log all statements
+log_per_node_statement = off
+ # Log all statements
+ # with node and backend informations
+log_standby_delay = 'if_over_threshold'
+ # Log standby delay
+ # Valid values are combinations of always,
+ # if_over_threshold, none
+
+# - Syslog specific -
+
+syslog_facility = 'LOCAL0'
+ # Syslog local facility. Default to LOCAL0
+syslog_ident = 'pgpool'
+ # Syslog program identification string
+ # Default to 'pgpool'
+
+# - Debug -
+
+debug_level = 1
+ # Debug message verbosity level
+ # 0 means no message, 1 or more mean verbose
+
+
+#------------------------------------------------------------------------------
+# FILE LOCATIONS
+#------------------------------------------------------------------------------
+
+pid_file_name = '/tmp/pgpool.pid'
+ # PID file name
+ # (change requires restart)
+logdir = '/tmp'
+ # Directory of pgPool status file
+ # (change requires restart)
+
+
+#------------------------------------------------------------------------------
+# CONNECTION POOLING
+#------------------------------------------------------------------------------
+
+connection_cache = off
+ # Activate connection pools
+ # (change requires restart)
+
+ # Semicolon separated list of queries
+ # to be issued at the end of a session
+ # The default is for 8.3 and later
+reset_query_list = 'ABORT; DISCARD ALL'
+ # The following one is for 8.2 and before
+#reset_query_list = 'ABORT; RESET ALL; SET SESSION AUTHORIZATION DEFAULT'
+
+
+#------------------------------------------------------------------------------
+# REPLICATION MODE
+#------------------------------------------------------------------------------
+
+replication_mode = off
+ # Activate replication mode
+ # (change requires restart)
+replicate_select = off
+ # Replicate SELECT statements
+ # when in replication or parallel mode
+ # replicate_select is higher priority than
+ # load_balance_mode.
+
+insert_lock = off
+ # Automatically locks a dummy row or a table
+ # with INSERT statements to keep SERIAL data
+ # consistency
+ # Without SERIAL, no lock will be issued
+lobj_lock_table = ''
+ # When rewriting lo_creat command in
+ # replication mode, specify table name to
+ # lock
+
+# - Degenerate handling -
+
+replication_stop_on_mismatch = off
+ # On disagreement with the packet kind
+ # sent from backend, degenerate the node
+ # which is most likely "minority"
+ # If off, just force to exit this session
+
+failover_if_affected_tuples_mismatch = off
+ # On disagreement with the number of affected
+ # tuples in UPDATE/DELETE queries, then
+ # degenerate the node which is most likely
+ # "minority".
+ # If off, just abort the transaction to
+ # keep the consistency
+
+
+#------------------------------------------------------------------------------
+# LOAD BALANCING MODE
+#------------------------------------------------------------------------------
+
+load_balance_mode = on
+ # Activate load balancing mode
+ # (change requires restart)
+ignore_leading_white_space = on
+ # Ignore leading white spaces of each query
+white_function_list = ''
+ # Comma separated list of function names
+ # that don't write to database
+ # Regexp are accepted
+black_function_list = 'currval,lastval,nextval,setval'
+ # Comma separated list of function names
+ # that write to database
+ # Regexp are accepted
+
+
+#------------------------------------------------------------------------------
+# MASTER/SLAVE MODE
+#------------------------------------------------------------------------------
+
+master_slave_mode = on
+ # Activate master/slave mode
+ # (change requires restart)
+master_slave_sub_mode = 'stream'
+ # Master/slave sub mode
+ # Valid values are combinations slony or
+ # stream. Default is slony.
+ # (change requires restart)
+
+# - Streaming -
+
+sr_check_period = 10
+ # Streaming replication check period
+ # Disabled (0) by default
+sr_check_user = '{{.Values.credentials.pgusername}}'
+ # Streaming replication check user
+ # This is neccessary even if you disable streaming
+ # replication delay check by sr_check_period = 0
+sr_check_password = '{{.Values.credentials.pgpassword}}'
+ # Password for streaming replication check user
+delay_threshold = 10000000
+ # Threshold before not dispatching query to standby node
+ # Unit is in bytes
+ # Disabled (0) by default
+
+# - Special commands -
+
+follow_master_command = ''
+ # Executes this command after master failover
+ # Special values:
+ # %d = node id
+ # %h = host name
+ # %p = port number
+ # %D = database cluster path
+ # %m = new master node id
+ # %H = hostname of the new master node
+ # %M = old master node id
+ # %P = old primary node id
+ # %r = new master port number
+ # %R = new master database cluster path
+ # %% = '%' character
+
+
+#------------------------------------------------------------------------------
+# PARALLEL MODE
+#------------------------------------------------------------------------------
+
+parallel_mode = off
+ # Activates parallel query mode
+ # (change requires restart)
+pgpool2_hostname = ''
+ # Set pgpool2 hostname
+ # (change requires restart)
+
+# - System DB info -
+
+#system_db_hostname = 'localhost'
+ # (change requires restart)
+#system_db_port = 5432
+ # (change requires restart)
+#system_db_dbname = 'pgpool'
+ # (change requires restart)
+#system_db_schema = 'pgpool_catalog'
+ # (change requires restart)
+#system_db_user = 'pgpool'
+ # (change requires restart)
+#system_db_password = ''
+ # (change requires restart)
+
+
+#------------------------------------------------------------------------------
+# HEALTH CHECK
+#------------------------------------------------------------------------------
+
+health_check_period = 20
+ # Health check period
+ # Disabled (0) by default
+health_check_timeout = 10
+ # Health check timeout
+ # 0 means no timeout
+health_check_user = '{{.Values.credentials.pgusername}}'
+ # Health check user
+health_check_password = '{{.Values.credentials.pgpassword}}'
+ # Password for health check user
+health_check_max_retries = 3
+connect_timeout = 10000 # Timeout value in milliseconds before giving up to connect to backend.
+
+ # Maximum number of times to retry a failed health check before giving up.
+health_check_retry_delay = 1
+ # Amount of time to wait (in seconds) between retries.
+
+
+#------------------------------------------------------------------------------
+# FAILOVER AND FAILBACK
+#------------------------------------------------------------------------------
+
+failover_command = ''
+ # Executes this command at failover
+ # Special values:
+ # %d = node id
+ # %h = host name
+ # %p = port number
+ # %D = database cluster path
+ # %m = new master node id
+ # %H = hostname of the new master node
+ # %M = old master node id
+ # %P = old primary node id
+ # %r = new master port number
+ # %R = new master database cluster path
+ # %% = '%' character
+failback_command = ''
+ # Executes this command at failback.
+ # Special values:
+ # %d = node id
+ # %h = host name
+ # %p = port number
+ # %D = database cluster path
+ # %m = new master node id
+ # %H = hostname of the new master node
+ # %M = old master node id
+ # %P = old primary node id
+ # %r = new master port number
+ # %R = new master database cluster path
+ # %% = '%' character
+
+fail_over_on_backend_error = off
+ # Initiates failover when reading/writing to the
+ # backend communication socket fails
+ # If set to off, pgpool will report an
+ # error and disconnect the session.
+
+search_primary_node_timeout = 10
+ # Timeout in seconds to search for the
+ # primary node when a failover occurs.
+ # 0 means no timeout, keep searching
+ # for a primary node forever.
+
+#------------------------------------------------------------------------------
+# ONLINE RECOVERY
+#------------------------------------------------------------------------------
+
+recovery_user = '{{.Values.credentials.pgusername}}'
+ # Online recovery user
+recovery_password = '{{.Values.credentials.pgpassword}}'
+ # Online recovery password
+recovery_1st_stage_command = ''
+ # Executes a command in first stage
+recovery_2nd_stage_command = ''
+ # Executes a command in second stage
+recovery_timeout = 90
+ # Timeout in seconds to wait for the
+ # recovering node's postmaster to start up
+ # 0 means no wait
+client_idle_limit_in_recovery = 0
+ # Client is disconnected after being idle
+ # for that many seconds in the second stage
+ # of online recovery
+ # 0 means no disconnection
+ # -1 means immediate disconnection
+
+
+#------------------------------------------------------------------------------
+# WATCHDOG
+#------------------------------------------------------------------------------
+
+# - Enabling -
+
+use_watchdog = off
+ # Activates watchdog
+ # (change requires restart)
+
+# -Connection to up stream servers -
+
+trusted_servers = ''
+ # trusted server list which are used
+ # to confirm network connection
+ # (hostA,hostB,hostC,...)
+ # (change requires restart)
+ping_path = '/bin'
+ # ping command path
+ # (change requires restart)
+
+# - Watchdog communication Settings -
+
+wd_hostname = ''
+ # Host name or IP address of this watchdog
+ # (change requires restart)
+wd_port = 9000
+ # port number for watchdog service
+ # (change requires restart)
+wd_authkey = ''
+ # Authentication key for watchdog communication
+ # (change requires restart)
+
+# - Virtual IP control Setting -
+
+delegate_IP = ''
+ # delegate IP address
+ # If this is empty, virtual IP never bring up.
+ # (change requires restart)
+ifconfig_path = '/sbin'
+ # ifconfig command path
+ # (change requires restart)
+if_up_cmd = 'ifconfig eth0:0 inet $_IP_$ netmask 255.255.255.0'
+ # startup delegate IP command
+ # (change requires restart)
+if_down_cmd = 'ifconfig eth0:0 down'
+ # shutdown delegate IP command
+ # (change requires restart)
+
+arping_path = '/usr/sbin' # arping command path
+ # (change requires restart)
+
+arping_cmd = 'arping -U $_IP_$ -w 1'
+ # arping command
+ # (change requires restart)
+
+# - Behaivor on escalation Setting -
+
+clear_memqcache_on_escalation = on
+ # Clear all the query cache on shared memory
+ # when standby pgpool escalate to active pgpool
+ # (= virtual IP holder).
+ # This should be off if client connects to pgpool
+ # not using virtual IP.
+ # (change requires restart)
+wd_escalation_command = ''
+ # Executes this command at escalation on new active pgpool.
+ # (change requires restart)
+
+# - Lifecheck Setting -
+
+# -- common --
+
+wd_lifecheck_method = 'heartbeat'
+ # Method of watchdog lifecheck ('heartbeat' or 'query')
+ # (change requires restart)
+wd_interval = 10
+ # lifecheck interval (sec) > 0
+ # (change requires restart)
+
+# -- heartbeat mode --
+
+wd_heartbeat_port = 9694
+ # Port number for receiving heartbeat signal
+ # (change requires restart)
+wd_heartbeat_keepalive = 2
+ # Interval time of sending heartbeat signal (sec)
+ # (change requires restart)
+wd_heartbeat_deadtime = 30
+ # Deadtime interval for heartbeat signal (sec)
+ # (change requires restart)
+heartbeat_destination0 = 'host0_ip1'
+ # Host name or IP address of destination 0
+ # for sending heartbeat signal.
+ # (change requires restart)
+heartbeat_destination_port0 = 9694
+ # Port number of destination 0 for sending
+ # heartbeat signal. Usually this is the
+ # same as wd_heartbeat_port.
+ # (change requires restart)
+heartbeat_device0 = ''
+ # Name of NIC device (such like 'eth0')
+ # used for sending/receiving heartbeat
+ # signal to/from destination 0.
+ # This works only when this is not empty
+ # and pgpool has root privilege.
+ # (change requires restart)
+
+#heartbeat_destination1 = 'host0_ip2'
+#heartbeat_destination_port1 = 9694
+#heartbeat_device1 = ''
+
+# -- query mode --
+
+wd_life_point = 3
+ # lifecheck retry times
+ # (change requires restart)
+wd_lifecheck_query = 'SELECT 1'
+ # lifecheck query to pgpool from watchdog
+ # (change requires restart)
+wd_lifecheck_dbname = 'template1'
+ # Database name connected for lifecheck
+ # (change requires restart)
+wd_lifecheck_user = 'nobody'
+ # watchdog user monitoring pgpools in lifecheck
+ # (change requires restart)
+wd_lifecheck_password = ''
+ # Password for watchdog user in lifecheck
+ # (change requires restart)
+
+# - Other pgpool Connection Settings -
+
+#other_pgpool_hostname0 = 'host0'
+ # Host name or IP address to connect to for other pgpool 0
+ # (change requires restart)
+#other_pgpool_port0 = 5432
+ # Port number for othet pgpool 0
+ # (change requires restart)
+#other_wd_port0 = 9000
+ # Port number for othet watchdog 0
+ # (change requires restart)
+#other_pgpool_hostname1 = 'host1'
+#other_pgpool_port1 = 5432
+#other_wd_port1 = 9000
+
+
+#------------------------------------------------------------------------------
+# OTHERS
+#------------------------------------------------------------------------------
+relcache_expire = 0
+ # Life time of relation cache in seconds.
+ # 0 means no cache expiration(the default).
+ # The relation cache is used for cache the
+ # query result against PostgreSQL system
+ # catalog to obtain various information
+ # including table structures or if it's a
+ # temporary table or not. The cache is
+ # maintained in a pgpool child local memory
+ # and being kept as long as it survives.
+ # If someone modify the table by using
+ # ALTER TABLE or some such, the relcache is
+ # not consistent anymore.
+ # For this purpose, cache_expiration
+ # controls the life time of the cache.
+relcache_size = 256
+ # Number of relation cache
+ # entry. If you see frequently:
+ # "pool_search_relcache: cache replacement happend"
+ # in the pgpool log, you might want to increate this number.
+
+check_temp_table = on
+ # If on, enable temporary table check in SELECT statements.
+ # This initiates queries against system catalog of primary/master
+ # thus increases load of master.
+ # If you are absolutely sure that your system never uses temporary tables
+ # and you want to save access to primary/master, you could turn this off.
+ # Default is on.
+
+
+#------------------------------------------------------------------------------
+# ON MEMORY QUERY MEMORY CACHE
+#------------------------------------------------------------------------------
+memory_cache_enabled = off
+ # If on, use the memory cache functionality, off by default
+memqcache_method = 'shmem'
+ # Cache storage method. either 'shmem'(shared memory) or
+ # 'memcached'. 'shmem' by default
+ # (change requires restart)
+memqcache_memcached_host = 'localhost'
+ # Memcached host name or IP address. Mandatory if
+ # memqcache_method = 'memcached'.
+ # Defaults to localhost.
+ # (change requires restart)
+memqcache_memcached_port = 11211
+ # Memcached port number. Mondatory if memqcache_method = 'memcached'.
+ # Defaults to 11211.
+ # (change requires restart)
+memqcache_total_size = 67108864
+ # Total memory size in bytes for storing memory cache.
+ # Mandatory if memqcache_method = 'shmem'.
+ # Defaults to 64MB.
+ # (change requires restart)
+memqcache_max_num_cache = 1000000
+ # Total number of cache entries. Mandatory
+ # if memqcache_method = 'shmem'.
+ # Each cache entry consumes 48 bytes on shared memory.
+ # Defaults to 1,000,000(45.8MB).
+ # (change requires restart)
+memqcache_expire = 0
+ # Memory cache entry life time specified in seconds.
+ # 0 means infinite life time. 0 by default.
+ # (change requires restart)
+memqcache_auto_cache_invalidation = on
+ # If on, invalidation of query cache is triggered by corresponding
+ # DDL/DML/DCL(and memqcache_expire). If off, it is only triggered
+ # by memqcache_expire. on by default.
+ # (change requires restart)
+memqcache_maxcache = 409600
+ # Maximum SELECT result size in bytes.
+ # Must be smaller than memqcache_cache_block_size. Defaults to 400KB.
+ # (change requires restart)
+memqcache_cache_block_size = 1048576
+ # Cache block size in bytes. Mandatory if memqcache_method = 'shmem'.
+ # Defaults to 1MB.
+ # (change requires restart)
+memqcache_oiddir = '/var/log/pgpool/oiddir'
+ # Temporary work directory to record table oids
+ # (change requires restart)
+white_memqcache_table_list = ''
+ # Comma separated list of table names to memcache
+ # that don't write to database
+ # Regexp are accepted
+black_memqcache_table_list = ''
+ # Comma separated list of table names not to memcache
+ # that don't write to database
+ # Regexp are accepted
--- /dev/null
+# pgpool Client Authentication Configuration File a custom version
+# ===============================================
+#
+# The format rule in this file follows the rules in the PostgreSQL
+# Administrator's Guide. Refer to chapter "Client Authentication" for a
+# complete description. A short synopsis follows.
+#
+# This file controls: which hosts are allowed to connect, how clients
+# are authenticated, which user names they can use, which databases they
+# can access. Records take one of these forms:
+#
+# local DATABASE USER METHOD [OPTION]
+# host DATABASE USER CIDR-ADDRESS METHOD [OPTION]
+#
+# (The uppercase items must be replaced by actual values.)
+#
+# The first field is the connection type: "local" is a Unix-domain
+# socket, "host" is either a plain or SSL-encrypted TCP/IP socket.
+#
+# DATABASE can be "all", "sameuser", a database name, or a comma-separated
+# list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf
+# file is not supported, since pgpool does not know which group a user
+# belongs to. Also note that the database specified here may not exist in
+# the backend PostgreSQL. pgpool will authenticate based on the database's
+# name, not based on whether it exists or not.
+#
+# USER can be "all", a user name, or a comma-separated list thereof. In
+# both the DATABASE and USER fields you can also write a file name prefixed
+# with "@" to include names from a separate file. Note that a group name
+# prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported
+# because of the same reason as "samegroup" token. Also note that a user
+# name specified here may not exist in the backend PostgreSQL. pgpool will
+# authenticate based on the user's name, not based on whether he/she exists.
+#
+# CIDR-ADDRESS specifies the set of hosts the record matches.
+# It is made up of an IP address and a CIDR mask that is an integer
+# (between 0 and 32 (IPv4) that specifies the number of significant bits in
+# the mask. Alternatively, you can write an IP address and netmask in
+# separate columns to specify the set of hosts.
+#
+# METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords
+# in clear text.
+#
+# OPTION is the name of the PAM service. Default service name is "pgpool"
+#
+# Database and user names containing spaces, commas, quotes and other special
+# characters must be quoted. Quoting one of the keywords "all" or "sameuser"
+# makes the name lose its special character, and just match a database or
+# username with that name.
+#
+# This file is read on pgpool startup. If you edit the file on a running
+# system, you have to restart the pgpool for the changes to take effect.
+
+# Put your actual configuration here
+# ----------------------------------
+#
+# If you want to allow non-local connections, you need to add more
+# "host" records. In that case you will also need to make pgpool listen
+# on a non-local interface via the listen_addresses configuration parameter.
+#
+
+# TYPE DATABASE USER CIDR-ADDRESS METHOD
+
+# "local" is for Unix domain socket connections only
+#local all all trust
+# IPv4 local connections:
+host all all 0.0.0.0/0 md5
-# Copyright © 2019 Amdocs, Bell Canada
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-pgpool-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }}
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+kind: Deployment
+apiVersion: extensions/v1beta1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: 2
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - image: "{{.Values.repository}}/{{.Values.image}}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}
+ env:
+ - name: PG_PRIMARY_SERVICE_NAME
+ value: {{.Values.container.name.primary}}
+ - name: PG_REPLICA_SERVICE_NAME
+ value: {{.Values.container.name.replica}}
+ - name: PG_USERNAME
+ value: {{.Values.credentials.pgusername}}
+ - name: PG_PASSWORD
+ value: {{.Values.credentials.pgpassword}}
+ ports:
+ - containerPort: 5432
+ name: pgpool
+ protocol: TCP
+ readinessProbe:
+ tcpSocket:
+ port: 5432
+ initialDelaySeconds: 20
+ periodSeconds: 10
+ livenessProbe:
+ tcpSocket:
+ port: 5432
+ initialDelaySeconds: 15
+ periodSeconds: 20
+ volumeMounts:
+ - name: pgpool-pgconf
+ mountPath: /pgconf/pgpoolconfigdir
+ readOnly: false
+ volumes:
+ - name: pgpool-pgconf
+ configMap:
+ name: {{ include "common.fullname" . }}-pgpool-configmap
--- /dev/null
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.service.name }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
-# Copyright © 2019 Amdocs, Bell Canada\r
-#\r
-# Licensed under the Apache License, Version 2.0 (the "License");\r
-# you may not use this file except in compliance with the License.\r
-# You may obtain a copy of the License at\r
-#\r
-# http://www.apache.org/licenses/LICENSE-2.0\r
-#\r
-# Unless required by applicable law or agreed to in writing, software\r
-# distributed under the License is distributed on an "AS IS" BASIS,\r
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
-# See the License for the specific language governing permissions and\r
-# limitations under the License.\r
-\r
-#################################################################\r
-# Global configuration defaults.\r
-#################################################################\r
-global:\r
- persistence:\r
- mountPath: /dockerdata-nfs\r
-\r
-#################################################################\r
-# Application configuration defaults.\r
-#################################################################\r
-\r
-dockerHubRepository: registry.hub.docker.com\r
-pullPolicy: Always\r
-\r
-# default number of instances\r
-\r
-nodeSelector: {}\r
-\r
-affinity: {}\r
-\r
-service:\r
- name: nfs-provisioner\r
- nfsPort: 2049\r
- mountdPort: 20048\r
- rpcbindPort: 111\r
- rpcbindUdpPort: 111\r
-\r
-## Persist data to a persitent volume\r
-persistence:\r
- enabled: true\r
- mountPath: /dockerdata-nfs\r
-\r
-## NFS provisioner image properties\r
-nfsprovisionerRepository: quay.io\r
-nfsprovisionerImage: kubernetes_incubator/nfs-provisioner:v1.0.8\r
-\r
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ persistence: {}
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: crunchydata
+image: crunchy-pgpool:centos7-10.4-2.0.0
+pullPolicy: Always
+
+container:
+ port: 5432
+ name:
+ primary: pgset-primary
+ replica: pgset-replica
+credentials:
+ pgusername: testuser
+ pgpassword: password
+service:
+ name: pgpool
+ type: ClusterIP
+ externalPort: 5432
+ internalPort: 5432
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
+ labels:
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
+spec:
+ capacity:
+ storage: {{ $global.Values.persistence.size}}
+ accessModes:
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
+ hostPath:
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
{{/*
-# Copyright (c) 2019 Lenovo
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
# #
# # Licensed under the Apache License, Version 2.0 (the "License");
# # you may not use this file except in compliance with the License.
# # See the License for the specific language governing permissions and
# # limitations under the License.
*/}}
-
apiVersion: v1
-kind: ConfigMap
+kind: Secret
metadata:
- name: {{ include "common.fullname" . }}-log-configmap
+ name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}
+ app: {{ include "common.fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
+type: Opaque
data:
-{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
+ pg-primary-password: {{ .Values.config.pgPrimaryPassword | b64enc | quote }}
+ pg-user-password: {{ .Values.config.pgUserPassword | b64enc | quote }}
+ pg-root-password: {{ .Values.config.pgRootPassword | b64enc | quote }}
+
- /bin/sh
- -c
- |
- for i in $(seq 0 $(({{ .Values.replicaCount }}-1))); do
- if [ ! -d /podroot/data$i ]; then
- mkdir -p /podroot/data$i;
- chown 26:26 /podroot/data$i;
- chmod 700 /podroot/data$i;
- fi;
- done
- env:
- - name: POD_NAME
- valueFrom: { fieldRef: { fieldPath: metadata.name } }
- securityContext:
- privileged: true
+ chown -R 26:26 /podroot/;
+ chmod 700 /podroot/;
image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: init-sysctl
+ name: {{ include "common.name" . }}-prepare
volumeMounts:
- - name: {{ include "common.fullname" . }}-init
+ - name: {{ include "common.fullname" . }}-data
mountPath: /podroot/
containers:
- name: {{ include "common.name" . }}
- name: localtime
hostPath:
path: /etc/localtime
- - name: {{ include "common.fullname" . }}-init
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountInitPath }}
- name: {{ include "common.fullname" . }}-backup
emptyDir: {}
-#{{ if not .Values.persistence.enabled }}
+{{- if not .Values.persistence.enabled }}
- name: {{ include "common.fullname" . }}-data
emptyDir: {}
-#{{ else }}
+{{- else }}
volumeClaimTemplates:
- metadata:
name: {{ include "common.fullname" . }}-data
labels:
name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
spec:
- accessModes: [ {{ .Values.persistence.accessMode }} ]
- storageClassName: {{ include "common.fullname" . }}-data
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
- storage: {{ .Values.persistence.size }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
-#{{ end }}
+ storage: {{ .Values.persistence.size | quote }}
+{{- end }}
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
-
#################################################################
# Application configuration defaults.
#################################################################
-dockerHubRepository: registry.hub.docker.com
-image: library/mysql:5.7
+# BusyBox image
+busyboxRepository: registry.hub.docker.com
+busyboxImage: library/busybox:latest
+
+postgresRepository: crunchydata
+image: crunchy-postgres:centos7-10.4-2.0.0
pullPolicy: Always
# application configuration
config:
- dbRootPassword: openECOMP1.0
+ pgUserName: testuser
+ pgDatabase: userdb
+ pgPrimaryPassword: password
+ pgUserPassword: password
+ pgRootPassword: password
+
+container:
+ name:
+ primary: pgset-primary
+ replica: pgset-replica
+
+pgpool:
+ container:
+ port: 5432
+ name:
+ primary: pgset-primary
+ replica: pgset-replica
+ credentials:
+ pgusername: testuser
+ pgpassword: password
+ service:
+ name: pgpool
+
# default number of instances
-replicaCount: 1
+replicaCount: 2
nodeSelector: {}
affinity: {}
-disableNfsProvisioner: true
-
# probe configuration parameters
liveness:
- initialDelaySeconds: 30
+ initialDelaySeconds: 300
periodSeconds: 10
timeoutSeconds: 5
# necessary to disable liveness probe when setting breakpoints
enabled: true
readiness:
- initialDelaySeconds: 5
+ initialDelaySeconds: 10
periodSeconds: 10
## Persist data to a persitent volume
accessMode: ReadWriteOnce
size: 1Gi
mountPath: /dockerdata-nfs
- mountSubPath: "mysql/data"
- mysqlPath: /var/lib/mysql
+ mountSubPath: postgres/data
+ mountInitPath: postgres
service:
- name: mysql
- portName: mysql
- internalPort: 3306
- # nfs provisioner ports
- nfsPort: 2049
- mountdPort: 20048
- rpcbindPort: 111
- rpcbindUdpPort: 111
- type: NodePort
- nodeport1: 72
- nodeport2: 73
+ type: ClusterIP
+ name: pgset
+ externalPort: 5432
+ internalPort: 5432
+ type2: ClusterIP
+ name2: pgset-primary
+ externalPort2: 5432
+ internalPort2: 5432
+ type3: ClusterIP
+ name3: pgset-replica
+ externalPort3: 5432
+ internalPort3: 5432
ingress:
enabled: false
# cpu: 2
# memory: 4Gi
-#################################################################
-# Sidecar Configuration.
-#
-# xtrabackup configuration defaults.
-#################################################################
-xtrabackupRepository: gcr.io/google-samples
-xtrabackupImage: xtrabackup:1.0
-xtrabackup:
- internalPort: 3307
-
-nfsprovisionerRepository: quay.io
-nfsprovisionerImage: kubernetes_incubator/nfs-provisioner:v1.0.8
-nfsprovisionerPrefix: mysql
-
-sdnctlPrefix: mysql
-
-geoEnabled: false
-geoSiteId: 1
#local all all trust
# IPv4 local connections:
host all all 0.0.0.0/0 md5
+
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-job
+ image: "{{.Values.repository}}/{{.Values.image}}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: pgpool-pgconf
+ mountPath: /pgconf/pgpoolconfigdir
+ readOnly: false
+ - name: pgpool-pgconf-static
+ mountPath: /configdir/
+ readOnly: false
+ command:
+ - /bin/sh
+ args:
+ - -c
+ - |
+ cp /configdir/pgpool.conf /pgconf/pgpoolconfigdir/
+ cp /configdir/pool_hba.conf /pgconf/pgpoolconfigdir/
+ pg_md5 -f /pgconf/pgpoolconfigdir/pgpool.conf --md5auth --username=${PG_USER} ${PG_PASSWORD}
+ env:
+ - name: PG_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: db-user-password
+ - name: PG_USER
+ value: {{ index .Values.credentials.pgusername }}
containers:
- image: "{{.Values.repository}}/{{.Values.image}}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: PG_USERNAME
value: {{.Values.credentials.pgusername}}
- name: PG_PASSWORD
- value: {{.Values.credentials.pgpassword}}
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: db-user-password
ports:
- containerPort: 5432
name: pgpool
readOnly: false
volumes:
- name: pgpool-pgconf
+ emptyDir: {}
+ - name: pgpool-pgconf-static
configMap:
name: {{ include "common.fullname" . }}-pgpool-configmap
heritage: "{{ .Release.Service }}"
type: Opaque
data:
- db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }}
- user-password: {{ default "" .Values.config.userPassword | b64enc | quote }}
\ No newline at end of file
+ db-user-password: {{ default "" .Values.credentials.pgpassword | b64enc | quote }}
+
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
pgusername: testuser
pgpassword: password
service:
- name: pgpool
+ name: pgpool
+ portName: tcp-postgres
type: ClusterIP
externalPort: 5432
internalPort: 5432
--- /dev/null
+# pgpool Client Authentication Configuration File a custom version
+# ===============================================
+#
+# The format rule in this file follows the rules in the PostgreSQL
+# Administrator's Guide. Refer to chapter "Client Authentication" for a
+# complete description. A short synopsis follows.
+#
+# This file controls: which hosts are allowed to connect, how clients
+# are authenticated, which user names they can use, which databases they
+# can access. Records take one of these forms:
+#
+# local DATABASE USER METHOD [OPTION]
+# host DATABASE USER CIDR-ADDRESS METHOD [OPTION]
+#
+# (The uppercase items must be replaced by actual values.)
+#
+# The first field is the connection type: "local" is a Unix-domain
+# socket, "host" is either a plain or SSL-encrypted TCP/IP socket.
+#
+# DATABASE can be "all", "sameuser", a database name, or a comma-separated
+# list thereof. Note that "samegroup" like in PostgreSQL's pg_hba.conf
+# file is not supported, since pgpool does not know which group a user
+# belongs to. Also note that the database specified here may not exist in
+# the backend PostgreSQL. pgpool will authenticate based on the database's
+# name, not based on whether it exists or not.
+#
+# USER can be "all", a user name, or a comma-separated list thereof. In
+# both the DATABASE and USER fields you can also write a file name prefixed
+# with "@" to include names from a separate file. Note that a group name
+# prefixed with "+" like in PostgreSQL's pg_hba.conf file is not supported
+# because of the same reason as "samegroup" token. Also note that a user
+# name specified here may not exist in the backend PostgreSQL. pgpool will
+# authenticate based on the user's name, not based on whether he/she exists.
+#
+# CIDR-ADDRESS specifies the set of hosts the record matches.
+# It is made up of an IP address and a CIDR mask that is an integer
+# (between 0 and 32 (IPv4) that specifies the number of significant bits in
+# the mask. Alternatively, you can write an IP address and netmask in
+# separate columns to specify the set of hosts.
+#
+# METHOD can be "trust", "reject", "md5" or "pam". Note that "pam" sends passwords
+# in clear text.
+#
+# OPTION is the name of the PAM service. Default service name is "pgpool"
+#
+# Database and user names containing spaces, commas, quotes and other special
+# characters must be quoted. Quoting one of the keywords "all" or "sameuser"
+# makes the name lose its special character, and just match a database or
+# username with that name.
+#
+# This file is read on pgpool startup. If you edit the file on a running
+# system, you have to restart the pgpool for the changes to take effect.
+
+# Put your actual configuration here
+# ----------------------------------
+#
+# If you want to allow non-local connections, you need to add more
+# "host" records. In that case you will also need to make pgpool listen
+# on a non-local interface via the listen_addresses configuration parameter.
+#
+
+# TYPE DATABASE USER CIDR-ADDRESS METHOD
+
+# "local" is for Unix domain socket connections only
+#local all all trust
+# IPv4 local connections:
+host all all 0.0.0.0/0 md5
+
--- /dev/null
+# Copyright © 2019 Amdocs, Bell Canada, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }}
+
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}-primary
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-primary
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ name: "{{ .Values.container.name.primary }}"
+spec:
+ serviceName: {{ .Values.service.name }}
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-primary
+ release: {{ .Release.Name }}
+ name: "{{ .Values.container.name.primary }}"
+ spec:
+ initContainers:
+ - name: init-sysctl
+ command:
+ - /bin/sh
+ - -c
+ - |
+ chown 26:26 /podroot/;
+ chmod 700 /podroot/;
+ image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-data
+ mountPath: /podroot/
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ .Values.postgresRepository }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ {{- end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: PGHOST
+ value: /tmp
+ - name: PG_PRIMARY_USER
+ value: primaryuser
+ - name: PG_MODE
+ value: primary
+ - name: PG_PRIMARY_HOST
+ value: "{{ .Values.container.name.primary }}"
+ - name: PG_REPLICA_HOST
+ value: "{{ .Values.container.name.replica }}"
+ - name: PG_PRIMARY_PORT
+ value: "{{ .Values.service.internalPort }}"
+ - name: PG_PRIMARY_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: pg-primary-password
+ - name: PG_USER
+ value: "{{ .Values.config.pgUserName }}"
+ - name: PG_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: pg-user-password
+ - name: PG_DATABASE
+ value: "{{ .Values.config.pgDatabase }}"
+ - name: PG_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: pg-root-password
+ volumeMounts:
+ - name: pool-hba-conf
+ mountPath: /pgconf/pool_hba.conf
+ subPath: pool_hba.conf
+ - mountPath: /pgdata
+ name: {{ include "common.fullname" . }}-data
+ - mountPath: /backup
+ name: {{ include "common.fullname" . }}-backup
+ readOnly: true
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-backup
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-data
+{{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-primary
+{{- else }}
+ emptyDir: {}
+{{ end }}
+ - name: pool-hba-conf
+ configMap:
+ name: {{ include "common.fullname" . }}
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}-replica
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-replica
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ name: "{{ .Values.container.name.replica }}"
+spec:
+ serviceName: {{ .Values.service.name }}
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-replica
+ release: {{ .Release.Name }}
+ name: "{{ .Values.container.name.replica }}"
+ spec:
+ initContainers:
+ - name: init-sysctl
+ command:
+ - /bin/sh
+ - -c
+ - |
+ chown 26:26 /podroot/;
+ chmod 700 /podroot/;
+ image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.busyboxImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-data
+ mountPath: /podroot/
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ .Values.postgresRepository }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ {{end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: PGHOST
+ value: /tmp
+ - name: PG_PRIMARY_USER
+ value: primaryuser
+ - name: PG_MODE
+ value: replica
+ - name: PG_PRIMARY_HOST
+ value: "{{.Values.container.name.primary}}"
+ - name: PG_REPLICA_HOST
+ value: "{{.Values.container.name.replica}}"
+ - name: PG_PRIMARY_PORT
+ value: "{{.Values.service.internalPort}}"
+ - name: PG_PRIMARY_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: pg-primary-password
+ - name: PG_USER
+ value: "{{.Values.config.pgUserName}}"
+ - name: PG_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: pg-user-password
+ - name: PG_DATABASE
+ value: "{{.Values.config.pgDatabase}}"
+ - name: PG_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}
+ key: pg-root-password
+ volumeMounts:
+ - name: pool-hba-conf
+ mountPath: /pgconf/pool_hba.conf
+ subPath: pool_hba.conf
+ - mountPath: /pgdata
+ name: {{ include "common.fullname" . }}-data
+ - mountPath: /backup
+ name: {{ include "common.fullname" . }}-backup
+ readOnly: true
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-backup
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-data
+{{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-replica
+{{- else }}
+ emptyDir: {}
+{{ end }}
+ - name: pool-hba-conf
+ configMap:
+ name: {{ include "common.fullname" . }}
# # limitations under the License.
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if include "common.needPV" . -}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}-data0
+ name: {{ include "common.fullname" . }}-primary
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.fullname" . }}
storage: {{ .Values.persistence.size}}
accessModes:
- {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-data"
+ storageClassName: "{{ include "common.fullname" . }}-primary"
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-data1
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}1
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/primary
+{{- end -}}
{{- end -}}
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if include "common.needPV" . -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-replica
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-replica"
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/replica
+{{- end -}}
+{{- end -}}
{{/*
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-primary
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}
+ app: {{ include "common.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
{{- if .Values.persistence.annotations }}
annotations:
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
+{{- if include "common.needPV" . }}
+ storageClassName: "{{ include "common.fullname" . }}-primary"
{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
{{- end }}
+ storageClassName: "{{ include "common.fullname" . }}-primary"
{{- end -}}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}-data
+ name: {{ include "common.fullname" . }}-replica
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.fullname" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
- storageClassName: "{{ include "common.fullname" . }}-data"
+{{- if include "common.needPV" . }}
+ storageClassName: "{{ include "common.fullname" . }}-replica"
+{{- else }}
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end }}
{{- end -}}
{{/*
-# Copyright (c) 2019 Lenovo
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
# #
# # Licensed under the Apache License, Version 2.0 (the "License");
# # you may not use this file except in compliance with the License.
# # See the License for the specific language governing permissions and
# # limitations under the License.
*/}}
-
apiVersion: v1
kind: Service
metadata:
- name: {{ include "common.servicename" . }}
+ name: {{ .Values.service.name }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
annotations:
- msb.onap.org/service-info: '[
- {
- "serviceName": "multicloud-thinkcloud",
- "version": "v0",
- "url": "/api/multicloud-thinkcloud/v0",
- "protocol": "REST",
- "port": "{{ .Values.service.externalPort }}",
- "visualRange": "1"
- },
- {
- "serviceName": "multicloud-thinkcloud",
- "version": "v1",
- "url": "/api/multicloud-thinkcloud/v1",
- "protocol": "REST",
- "port": "{{ .Values.service.externalPort }}",
- "visualRange": "1"
- }
- ]'
-
spec:
+ type: {{ .Values.service.type }}
ports:
- {{ if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end }}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
selector:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
- type: {{ .Values.service.type }}
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.service.name2 }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-primary
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type2 }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort2 }}
+ targetPort: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- end}}
+ selector:
+ name: "{{.Values.container.name.primary}}"
+ release: {{ .Release.Name }}
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.service.name3 }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-replica
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type3 }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort3 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }}
+ name: {{ .Values.service.portName3 }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort3 }}
+ targetPort: {{ .Values.service.internalPort3 }}
+ name: {{ .Values.service.portName3 }}
+ {{- end}}
+ selector:
+ name: "{{.Values.container.name.replica}}"
+ release: {{ .Release.Name }}
service:
type: ClusterIP
name: pgset
+ portName: tcp-postgres
externalPort: 5432
internalPort: 5432
type2: ClusterIP
- name2: pgset-primary
+ name2: tcp-pgset-primary
+ portName2: tcp-postgres
externalPort2: 5432
internalPort2: 5432
type3: ClusterIP
- name3: pgset-replica
+ name3: tcp-pgset-replica
+ portName3: tcp-postgres
externalPort3: 5432
internalPort3: 5432
# requests:
# cpu: 2
# memory: 4Gi
-
--- /dev/null
+{{ include "common.ingress" . }}
ingress:
enabled: false
-
+ service:
+ - baseaddr: "consul-server"
+ name: "consul-server"
+ port: 8800
+ config:
+ ssl: "none"
+
resources: {}
odl:
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if not .Values.persistence.storageClass -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
{{ .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
-{{- if not .Values.persistence.storageClass }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
-{{- end }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
{{- end -}}
# storageClass: "nfs-dev-sc"
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 1Gi
# When using storage class, mountPath and mountSubPath are
# application image
repository: ansible
image:
- web: awx_web:latest
- task: awx_task:latest
+ web: awx_web:9.0.1
+ task: awx_task:9.0.1
rabbitmq: awx_rabbitmq:3.7.4
- memcached: memcached:latest
+ memcached: memcached:1.5.20
pullPolicy: Always
# application configuration
# storageClass: "nfs-dev-sc"
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 5Gi
# When using storage class, mountPath and mountSubPath are
dependencies:
- name: common
- version: ~4.x-0
+ version: ~5.x-0
repository: '@local'
\ No newline at end of file
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ .Release.Name }}-{{ .Values.persistence.staticPvName }}
+ name: {{ include "common.fullname" . }}-data
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
- name: {{ .Release.Name }}-{{ .Values.persistence.staticPvName }}
+ name: {{ include "common.fullname" . }}
spec:
capacity:
storage: {{ .Values.persistence.size}}
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/app
{{- end -}}
{{ .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
-{{- if not .Values.persistence.storageClass }}
- selector:
- matchLabels:
- name: {{ .Release.Name }}-{{ .Values.persistence.staticPvName }}
-{{- end }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
- {{- if .Values.persistence.storageClass }}
- {{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
- {{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
- {{- end }}
- {{- end }}
-{{- end -}}
\ No newline at end of file
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end -}}
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if not .Values.persistence.storageClass -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
{{ .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
-{{- if not .Values.persistence.storageClass }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
-{{- end }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
{{- end -}}
# storageClass: "nfs-dev-sc"
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 1Gi
# When using storage class, mountPath and mountSubPath are
--- /dev/null
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+
+---
+
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: nginx-configuration
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: tcp-services
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: udp-services
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: nginx-ingress-serviceaccount
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+ name: nginx-ingress-clusterrole
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - endpoints
+ - nodes
+ - pods
+ - secrets
+ verbs:
+ - list
+ - watch
+ - apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - get
+ - apiGroups:
+ - ""
+ resources:
+ - services
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+ - apiGroups:
+ - "extensions"
+ - "networking.k8s.io"
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - "extensions"
+ - "networking.k8s.io"
+ resources:
+ - ingresses/status
+ verbs:
+ - update
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: Role
+metadata:
+ name: nginx-ingress-role
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - pods
+ - secrets
+ - namespaces
+ verbs:
+ - get
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ resourceNames:
+ # Defaults to "<election-id>-<ingress-class>"
+ # Here: "<ingress-controller-leader>-<nginx>"
+ # This has to be adapted if you change either parameter
+ # when launching the nginx-ingress-controller.
+ - "ingress-controller-leader-nginx"
+ verbs:
+ - get
+ - update
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - create
+ - apiGroups:
+ - ""
+ resources:
+ - endpoints
+ verbs:
+ - get
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: RoleBinding
+metadata:
+ name: nginx-ingress-role-nisa-binding
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: nginx-ingress-role
+subjects:
+ - kind: ServiceAccount
+ name: nginx-ingress-serviceaccount
+ namespace: ingress-nginx
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+ name: nginx-ingress-clusterrole-nisa-binding
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: nginx-ingress-clusterrole
+subjects:
+ - kind: ServiceAccount
+ name: nginx-ingress-serviceaccount
+ namespace: ingress-nginx
+
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nginx-ingress-controller
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+ annotations:
+ prometheus.io/port: "10254"
+ prometheus.io/scrape: "true"
+ spec:
+ serviceAccountName: nginx-ingress-serviceaccount
+ containers:
+ - name: nginx-ingress-controller
+ image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.25.1
+ args:
+ - /nginx-ingress-controller
+ - --configmap=$(POD_NAMESPACE)/nginx-configuration
+ - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
+ - --udp-services-configmap=$(POD_NAMESPACE)/udp-services
+ - --publish-service=$(POD_NAMESPACE)/ingress-nginx
+ - --annotations-prefix=nginx.ingress.kubernetes.io
+ - --enable-ssl-passthrough=true
+ securityContext:
+ allowPrivilegeEscalation: true
+ capabilities:
+ drop:
+ - ALL
+ add:
+ - NET_BIND_SERVICE
+ # www-data -> 33
+ runAsUser: 33
+ env:
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ ports:
+ - name: http
+ containerPort: 80
+ - name: https
+ containerPort: 443
+ livenessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /healthz
+ port: 10254
+ scheme: HTTP
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 10
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /healthz
+ port: 10254
+ scheme: HTTP
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 10
+
+---
+kind: Service
+apiVersion: v1
+metadata:
+ name: ingress-nginx
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+spec:
+ externalTrafficPolicy: Local
+ type: LoadBalancer
+ selector:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+ ports:
+ - name: http
+ port: 80
+ targetPort: http
+ - name: https
+ port: 443
+ targetPort: https
+
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: ingress-nginx
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+spec:
+ type: NodePort
+ ports:
+ - name: http
+ port: 80
+ targetPort: 80
+ protocol: TCP
+ - name: https
+ port: 443
+ targetPort: 443
+ protocol: TCP
+ selector:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+
+---
+
apiVersion: v1
description: ONAP DCAE Gen2
name: dcaegen2
-version: 5.0.0
+version: 6.0.0
+# Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api make-dcae-deployment-handler make-dcae-policy-handler make-dcae-dashboard
make-dcae-bootstrap:
- cd charts && helm dep up dcae-bootstrap && helm lint dcae-bootstrap
+ cd components && helm dep up dcae-bootstrap && helm lint dcae-bootstrap
make-dcae-cloudify-manager:
- cd charts && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager
+ cd components && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager
make-dcae-config-binding-service:
- cd charts && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service
+ cd components && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service
make-dcae-healthcheck:
- cd charts && helm dep up dcae-healthcheck && helm lint dcae-healthcheck
+ cd components && helm dep up dcae-healthcheck && helm lint dcae-healthcheck
make-dcae-redis:
- cd charts && helm dep up dcae-redis && helm lint dcae-redis
+ cd components && helm dep up dcae-redis && helm lint dcae-redis
make-dcae-servicechange-handler:
- cd charts && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler
+ cd components && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler
make-dcae-inventory-api:
- cd charts/dcae-servicechange-handler/charts && helm dep up dcae-inventory-api && helm lint dcae-inventory-api
+ cd components && helm dep up dcae-inventory-api && helm lint dcae-inventory-api
make-dcae-deployment-handler:
- cd charts && helm dep up dcae-deployment-handler && helm lint dcae-deployment-handler
+ cd components && helm dep up dcae-deployment-handler && helm lint dcae-deployment-handler
make-dcae-policy-handler:
- cd charts && helm dep up dcae-policy-handler && helm lint dcae-policy-handler
+ cd components && helm dep up dcae-policy-handler && helm lint dcae-policy-handler
make-dcae-dashboard:
- cd charts && helm dep up dcae-dashboard && helm lint dcae-dashboard
+ cd components && helm dep up dcae-dashboard && helm lint dcae-dashboard
+
+clean:
+ @find . -type f -name '*.tgz' -delete
+ @find . -type f -name '*.lock' -delete
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, AT&T, Bell Canada
-# #
-# # Licensed under the Apache License, Version 2.0 (the "License");
-# # you may not use this file except in compliance with the License.
-# # You may obtain a copy of the License at
-# #
-# # http://www.apache.org/licenses/LICENSE-2.0
-# #
-# # Unless required by applicable law or agreed to in writing, software
-# # distributed under the License is distributed on an "AS IS" BASIS,
-# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# # See the License for the specific language governing permissions and
-# # limitations under the License.
-*/}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}0
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- storageClassName: manual
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}1
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- storageClassName: manual
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}1
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}2
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- storageClassName: manual
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}2
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}3
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- storageClassName: manual
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}3
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}4
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- storageClassName: manual
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}4
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}5
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- storageClassName: manual
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}5
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}6
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- storageClassName: manual
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}6
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}7
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- storageClassName: manual
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}7
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}8
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- storageClassName: manual
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}8
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}9
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- storageClassName: manual
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}9
-
-{{- end -}}
apiVersion: v1
description: ONAP DCAE Bootstrap
name: dcae-bootstrap
-version: 5.0.0
+version: 6.0.0
- name: common
version: ~5.x-0
repository: '@local'
- - name: postgres
+ - name: postgres-legacy
version: ~5.x-0
repository: '@local'
+ alias: postgres
# DCAE component images to be deployed via Cloudify Manager
# Use to override default setting in blueprints
componentImages:
- holmes_rules: onap/holmes/rule-management:1.2.6
- holmes_engine: onap/holmes/engine-management:1.2.5
+ holmes_rules: onap/holmes/rule-management:1.2.7
+ holmes_engine: onap/holmes/engine-management:1.2.6
tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.2
ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.4.5
snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
- prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.3.1
+ prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.3.2
hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.3.0
# Resource Limit flavor -By Default using small
apiVersion: v1
description: ONAP DCAE Cloudify Manager
name: dcae-cloudify-manager
-version: 5.0.0
+version: 6.0.0
hostPath:
path: /etc/localtime
- name: cm-persistent
+ {{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ include "common.fullname" . }}-data
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
- emptyDir: {}
name: tls-info
imagePullSecrets:
# limitations under the License.
# ============LICENSE_END=========================================================
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) }}
kind: PersistentVolume
apiVersion: v1
metadata:
heritage: "{{ .Release.Service }}"
name: {{ include "common.fullname" . }}
spec:
- storageClassName: manual
capacity:
storage: {{ .Values.persistence.size }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+{{- end -}}
+{{- end -}}
# limitations under the License.
# ============LICENSE_END=========================================================
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
spec:
- storageClassName: manual
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
\ No newline at end of file
+{{- end -}}
size: 4Gi
mountPath: /dockerdata-nfs
mountSubPath: dcae-cm/data
+ volumeReclaimPolicy: Retain
apiVersion: v1
description: ONAP DCAE Config Binding Service
name: dcae-config-binding-service
-version: 5.0.0
\ No newline at end of file
+version: 6.0.0
appVersion: "1.0"
description: DCAE Dashboard
name: dcae-dashboard
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Deployment Handler
name: dcae-deployment-handler
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Health Check
name: dcae-healthcheck
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Inventory API Service
name: dcae-inventory-api
-version: 5.0.0
\ No newline at end of file
+version: 6.0.0
- name: common
version: ~5.x-0
repository: '@local'
- - name: postgres
+ - name: postgres-legacy
version: ~5.x-0
repository: '@local'
+ alias: postgres
apiVersion: v1
description: ONAP DCAE Policy Handler
name: dcae-policy-handler
-version: 5.0.0
+version: 6.0.0
apiVersion: v1
description: ONAP DCAE Redis
name: dcae-redis
-version: 5.0.0
+version: 6.0.0
--- /dev/null
+{{ include "common.ingress" . }}
--- /dev/null
+{{/*
+# Copyright © 2017 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) }}
+{{- range $i := until (int $global.Values.replicaCount)}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" $global }}-data-{{$i}}
+ namespace: {{ include "common.namespace" $global }}
+ labels:
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
+spec:
+ capacity:
+ storage: {{ $global.Values.persistence.size}}
+ accessModes:
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
+ hostPath:
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
- name: {{ include "common.fullname" . }}-scripts
configMap:
name: {{ include "common.fullname" . }}-scripts
- defaultMode: 0755
+ defaultMode: 0755
- name: localtime
hostPath:
path: /etc/localtime
+ {{- if not .Values.persistence.enabled }}
+ - name: {{ include "common.fullname" . }}-data
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
+ {{- if .Values.persistence.enabled }}
volumeClaimTemplates:
- metadata:
name: {{ include "common.fullname" . }}-data
labels:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}
spec:
- accessModes: [ {{ .Values.persistence.accessMode }} ]
- storageClassName: manual
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
- storage: {{ .Values.persistence.size }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
+ storage: {{ .Values.persistence.size | quote}}
+ {{- end }}
ingress:
enabled: false
-
+ service:
+ - baseaddr: "dcaeredis"
+ name: "dcae-redis"
+ port: 6379
+ - baseaddr: "dcaeredisgossip"
+ name: "dcae-redis"
+ port: 16379
+ config:
+ ssl: "none"
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
apiVersion: v1
description: ONAP DCAE Service Change Handler
name: dcae-servicechange-handler
-version: 5.0.0
\ No newline at end of file
+version: 6.0.0
- name: common
version: ~5.x-0
repository: '@local'
+ - name: dcae-bootstrap
+ version: ~6.x-0
+ repository: 'file://components/dcae-bootstrap'
+ condition: dcae-bootstrap.enabled
+ - name: dcae-cloudify-manager
+ version: ~6.x-0
+ repository: 'file://components/dcae-cloudify-manager'
+ condition: dcae-cloudify-manager.enabled
+ - name: dcae-config-binding-service
+ version: ~6.x-0
+ repository: 'file://components/dcae-config-binding-service'
+ condition: dcae-config-binding-service.enabled
+ - name: dcae-healthcheck
+ version: ~6.x-0
+ repository: 'file://components/dcae-healthcheck'
+ condition: dcae-healthcheck.enabled
+ - name: dcae-redis
+ version: ~6.x-0
+ repository: 'file://components/dcae-redis'
+ condition: dcae-redis.enabled
+ - name: dcae-servicechange-handler
+ version: ~6.x-0
+ repository: 'file://components/dcae-servicechange-handler'
+ condition: dcae-servicechange-handler.enabled
+ - name: dcae-inventory-api
+ version: ~6.x-0
+ repository: 'file://components/dcae-inventory-api'
+ condition: dcae-inventory-api.enabled
+ - name: dcae-deployment-handler
+ version: ~6.x-0
+ repository: 'file://components/dcae-deployment-handler'
+ condition: dcae-deployment-handler.enabled
+ - name: dcae-policy-handler
+ version: ~6.x-0
+ repository: 'file://components/dcae-policy-handler'
+ condition: dcae-policy-handler.enabled
+ - name: dcae-dashboard
+ version: ~6.x-0
+ repository: 'file://components/dcae-dashboard'
+ condition: dcae-dashboard.enabled
+
#
#####################################################
# Indicator for whether to use AAF
-UseAAF: true
+UseAAF: {{ .Values.global.aafEnabled }}
# csit: stubs out some southbound APIs for csit
csit: No
{{- else -}}
"dmaapName": "{{ include "common.namespace" . }}",
{{- end}}
- "drProvUrl": "https://dmaap-dr-prov:8443",
+ "drProvUrl": "https://dmaap-dr-prov",
"version": "1",
"topicNsRoot": "org.onap.dmaap",
"bridgeAdminTopic": "DCAE_MM_AGENT"
-
# Modifications Copyright © 2018 Amdocs,Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
- hostAliases:
- - ip: "10.12.5.145"
- hostnames:
- - "aaf-onap-test.osaaf.org"
initContainers:
+{{- if .Values.global.aafEnabled }}
- command:
- /root/ready.py
args:
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-aaf-readiness
-{{ if .Values.PG.enabled }}
+ - name: {{ include "common.name" . }}-dbc-aaf-config
+ image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
+ volumeMounts:
+ - mountPath: {{ .Values.persistence.aafCredsPath }}
+ name: {{ include "common.name" . }}-aaf-config
+ env:
+ - name: APP_FQI
+ value: "{{ .Values.aafConfig.fqi }}"
+ - name: aaf_locate_url
+ value: "https://aaf-locate.{{ .Release.Namespace }}:8095"
+ - name: aaf_locator_container
+ value: "{{ .Values.global.aafLocatorContainer }}"
+ - name: aaf_locator_container_ns
+ value: "{{ .Release.Namespace }}"
+ - name: aaf_locator_fqdn
+ value: "{{ .Values.aafConfig.fqdn }}"
+ - name: aaf_locator_public_fqdn
+ value: "{{.Values.aafConfig.publicFqdn}}"
+ - name: aaf_locator_app_ns
+ value: "{{ .Values.global.aafAppNs }}"
+ - name: DEPLOY_FQI
+ value: "{{ .Values.aafConfig.aafDeployFqi }}"
+ - name: DEPLOY_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.fullname" . }}-secret
+ key: aaf-deploy-password
+ - name: cadi_longitude
+ value: "{{ .Values.aafConfig.cadiLongitude }}"
+ - name: cadi_latitude
+ value: "{{ .Values.aafConfig.cadiLatitude }}"
+{{- end }}
+{{- if .Values.PG.enabled }}
- command:
- /root/ready.py
args:
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
- {{if eq .Values.liveness.enabled true }}
+ {{ if eq .Values.liveness.enabled true -}}
livenessProbe:
httpGet:
port: {{ .Values.service.internalPort }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
-
# NOTE: on the following several configMaps, careful to include / at end
# since there may be more than one file in each mountPath
- name: {{ include "common.name" . }}-config
- name: {{ include "common.name" . }}-aaf-config
mountPath: /opt/app/dmaapbc/etc/org.onap.dmaap-bc.props
subPath: org.onap.dmaap-bc.props
-
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
--- /dev/null
+{{ include "common.ingress" . }}
-# Copyright © 2017 Amdocs, Bell Canada, Orange
+
+# Modifications Copyright © 2019 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
+{{- if .Values.global.aafEnabled }}
apiVersion: v1
kind: Secret
metadata:
heritage: {{ .Release.Service }}
type: Opaque
data:
- db-user-password: {{ .Values.config.db.password | b64enc | quote }}
- db-root-password: {{ .Values.config.db.root_password | b64enc | quote }}
+ aaf-deploy-password: {{ index .Values.aafConfig.aafDeployPass | b64enc | quote }}
+{{- end }}
adminUser: aaf_admin@people.osaaf.org
adminPwd: demo123456!
+#AAF local config
+aafConfig:
+ aafDeployFqi: dmaap-bc@dmaap-bc.onap.org
+ aafDeployPass: demo123456!
+ fqdn: dmaap-bc
+ fqi: dmaap-bc@dmaap-bc.onap.org
+ publicFqdn: dmaap-bc.onap.org
+ cadiLatitude: 0.0
+ cadiLongitude: 0.0
+
+persistence:
+ aafCredsPath: /opt/app/osaaf/local
+
# for Casablanca default deployment, leave this true to
# get a topic namespace that matches MR. When set to false,
# it will compose the topic namespace using the kubernetes namespace value
ingress:
enabled: false
+ service:
+ - baseaddr: "dmaapbc"
+ name: "dmaap-bc"
+ port: 8443
+ config:
+ ssl: "redirect"
# Resource Limit flavor -By Default using small
flavor: small
+++ /dev/null
-cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
-cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile
-cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
-cadi_keystore_password=WGxd2P6MDo*Bi4+UdzWs{?$8
-cadi_key_password=WGxd2P6MDo*Bi4+UdzWs{?$8
-cadi_alias=dmaap-dr-node@dmaap-dr.onap.org
-cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
-cadi_truststore_password=)OBvCd{e{aWq.^mJJdX:S:1&
-
-aaf_env=DEV
-aaf_locate_url=https://aaf-locate:8095
-aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect
-aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token
-aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
-cadi_protocols=TLSv1.1,TLSv1.2
-cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1
-fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1
-gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1
-
-cadi_latitude=53.423
-cadi_longitude=7.940
-
-cadi_loglevel=INFO
\ No newline at end of file
#
# The path to the redirection data file
#
-#RedirectionFile: etc/redirections.dat
+RedirectionFile = etc/redirections.dat
#
# The type of keystore for https
-#
-KeyStoreType=jks
-#
-# The path to the keystore for https
-#
-KeyStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
-#
-# The password for the https keystore
-#
-KeyStorePassword=WGxd2P6MDo*Bi4+UdzWs{?$8
-#
-# The password for the private key in the https keystore
-#
-KeyPassword=WGxd2P6MDo*Bi4+UdzWs{?$8
+KeyStoreType = PKCS12
#
# The type of truststore for https
-#
-TrustStoreType=jks
-#
-# The path to the truststore for https
-#
-TrustStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
-#
-# The password for the https truststore
-#
-TrustStorePassword=)OBvCd{e{aWq.^mJJdX:S:1&
+TrustStoreType = jks
#
# The path to the file used to trigger an orderly shutdown
-#
-QuiesceFile=etc/SHUTDOWN
+QuiesceFile = etc/SHUTDOWN
#
# The key used to generate passwords for node to node transfers
-#
-NodeAuthKey=Node123!
+NodeAuthKey = Node123!
#
# DR_NODE DEFAULT ENABLED TLS PROTOCOLS
NodeHttpsProtocols = TLSv1.1|TLSv1.2
# AAF action to generate permission string - default should be publish
AAFAction = publish
#
-# AAF URL to connect to AAF server
-AafUrl = https://aaf-locate:8095
-#
# AAF CADI enabled flag
CadiEnabled = false
+#
+# AAF Props file path
+AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props
--- /dev/null
+{{ include "common.ingress" . }}
--- /dev/null
+{{/*
+ # ============LICENSE_START=======================================================
+ # Copyright (C) 2019 Nordix Foundation.
+ # ================================================================================
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # ============LICENSE_END=========================================================
+*/}}
+
+
+{{- if .Values.global.aafEnabled }}
+{{- $global := . }}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
+---
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" $global }}-aaf-props-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
+ labels:
+ app: {{ include "common.name" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}-aaf-props
+spec:
+ capacity:
+ storage: {{ $global.Values.persistence.aafCredsSize }}
+ accessModes:
+ - {{ $global.Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" $global }}-data-aaf-props"
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.aafCredsMountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
--- /dev/null
+{{/*
+ # ============LICENSE_START=======================================================
+ # Copyright (C) 2019 Nordix Foundation.
+ # ================================================================================
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # ============LICENSE_END=========================================================
+*/}}
+
+---
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" $global }}-event-logs-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
+ labels:
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}-event-logs
+spec:
+ capacity:
+ storage: {{ $global.Values.persistence.eventLogSize}}
+ accessModes:
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data-event-logs"
+ hostPath:
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.eventLogsMountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
--- /dev/null
+{{/*
+ # ============LICENSE_START=======================================================
+ # Copyright (C) 2019 Nordix Foundation.
+ # ================================================================================
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # ============LICENSE_END=========================================================
+*/}}
+
+{{- $global := . }}
+{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" $global }}-spool-data-{{$i}}
+ namespace: {{ include "common.namespace" $global }}
+ labels:
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}-spool-data
+spec:
+ capacity:
+ storage: {{ $global.Values.persistence.spoolSize}}
+ accessModes:
+ - {{ $global.Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
+ hostPath:
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.spoolMountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.name" . }}-dr-node-aaf-config
+ image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: {{ .Values.persistence.aafCredsPath }}
+ name: {{ include "common.fullname" . }}-aaf-props
+ command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
+ env:
+ - name: APP_FQI
+ value: "{{ .Values.aafConfig.fqi }}"
+ - name: aaf_locate_url
+ value: "https://aaf-locate.{{ .Release.Namespace }}:8095"
+ - name: aaf_locator_container
+ value: "{{ .Values.global.aafLocatorContainer }}"
+ - name: aaf_locator_container_ns
+ value: "{{ .Release.Namespace }}"
+ - name: aaf_locator_fqdn
+ value: "{{ .Values.aafConfig.fqdn }}"
+ - name: aaf_locator_public_fqdn
+ value: "{{.Values.aafConfig.publicFqdn}}"
+ - name: aaf_locator_app_ns
+ value: "{{ .Values.global.aafAppNs }}"
+ - name: DEPLOY_FQI
+ value: "{{ .Values.aafConfig.aafDeployFqi }}"
+ - name: DEPLOY_PASSWORD
+ value: "{{ .Values.aafConfig.aafDeployPass }}"
+ - name: cadi_longitude
+ value: "{{ .Values.aafConfig.cadiLongitude }}"
+ - name: cadi_latitude
+ value: "{{ .Values.aafConfig.cadiLatitude }}"
+ {{- end }}
- name: {{ include "common.name" . }}-permission-fixer
image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- mountPath: {{ .Values.persistence.spoolPath }}
- name: {{ include "common.fullname" . }}-spool-data-pvc
+ name: {{ include "common.fullname" . }}-data
- mountPath: {{ .Values.persistence.eventLogsPath }}
- name: {{ include "common.fullname" . }}-event-logs-pvc
- command: ["chown","-Rf","1000:1001", "/opt/app/datartr"]
+ name: {{ include "common.fullname" . }}-event-logs
+ {{- if .Values.global.aafEnabled }}
+ - mountPath: {{ .Values.persistence.aafCredsPath }}
+ name: {{ include "common.fullname" . }}-aaf-props
+ {{- end }}
+ command: ["chown","-Rf","1000:1001", "/opt/app/"]
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
+ {{- if .Values.global.aafEnabled }}
+ - mountPath: {{ .Values.persistence.aafCredsPath }}
+ name: {{ include "common.fullname" . }}-aaf-props
+ {{- end }}
- mountPath: {{ .Values.persistence.spoolPath }}
- name: {{ include "common.fullname" . }}-spool-data-pvc
+ name: {{ include "common.fullname" . }}-data
- mountPath: {{ .Values.persistence.eventLogsPath }}
- name: {{ include "common.fullname" . }}-event-logs-pvc
+ name: {{ include "common.fullname" . }}-event-logs
- mountPath: /etc/localtime
name: localtime
readOnly: false
- mountPath: /opt/app/datartr/etc/node.properties
name: {{ include "common.fullname" . }}-config
subPath: node.properties
- - mountPath: /opt/app/datartr/etc/drNodeCadi.properties
- name: {{ include "common.fullname" . }}-config
- subPath: drNodeCadi.properties
- mountPath: /opt/app/datartr/etc/logback.xml
name: {{ include "common.fullname" . }}-log-conf
subPath: logback.xml
- mountPath: {{ .Values.global.loggingDirectory }}
name: {{ include "common.fullname" . }}-logs
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- # Filebeat sidecar container
+ {{- end -}}
+ # Filebeat sidecar container
- name: {{ include "common.name" . }}-filebeat-onap
image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
items:
- key: node.properties
path: node.properties
- - key: drNodeCadi.properties
- path: drNodeCadi.properties
- name: {{ include "common.fullname" . }}-log-conf
configMap:
name: {{ include "common.fullname" . }}-log
name: {{ include "common.fullname" . }}-dmaap-dr-node-filebeat-configmap
- name: {{ include "common.fullname" . }}-data-filebeat
emptyDir: {}
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ {{- if not .Values.persistence.enabled }}
- name: {{ include "common.fullname" . }}-event-logs-pvc
emptyDir: {}
- - name: {{ include "common.fullname" . }}-logs
+ - name: {{ include "common.fullname" . }}-data
+ emptyDir: {}
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.fullname" . }}-aaf-props-pvc
emptyDir: {}
+ {{- end }}
+ {{- end }}
+{{- if .Values.persistence.enabled }}
volumeClaimTemplates:
- metadata:
- name: {{ include "common.fullname" . }}-spool-data-pvc
+ name: {{ include "common.fullname" . }}-data
labels:
name: {{ include "common.fullname" . }}
spec:
- accessModes: [ {{ .Values.persistence.accessMode }} ]
- storageClassName: {{ include "common.fullname" . }}-spool-data-stcl
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.spoolSize }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-spool-data-pv
- metadata:
- name: {{ include "common.fullname" . }}-event-logs-pvc
+ name: {{ include "common.fullname" . }}-event-logs
labels:
name: {{ include "common.fullname" . }}
spec:
- accessModes: [ {{ .Values.persistence.accessMode }} ]
- storageClassName: {{ include "common.fullname" . }}-event-logs-stcl
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ {{- if eq "True" (include "common.needPV" .) }}
+ storageClassName: "{{ include "common.fullname" . }}-data-event-logs"
+ {{- else }}
+ storageClassName: {{ include "common.storageClass" . }}
+ {{- end }}
resources:
requests:
storage: {{ .Values.persistence.eventLogSize }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-event-logs-pv
+{{- if .Values.global.aafEnabled }}
+ - metadata:
+ name: {{ include "common.fullname" . }}-aaf-props
+ labels:
+ name: {{ include "common.fullname" . }}
+ spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ {{- if eq "True" (include "common.needPV" .) }}
+ storageClassName: "{{ include "common.fullname" . }}-data-aaf-props"
+ {{- else }}
+ storageClassName: {{ include "common.storageClass" . }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.aafCredsSize }}
+{{- end }}
+{{- end }}
#################################################################
global:
loggingDirectory: /var/log/onap/datarouter
- busyBoxImage: busybox:1.30
- busyBoxRepository: docker.io
#################################################################
# Application configuration defaults.
#################################################################
# application image
-image: onap/dmaap/datarouter-node:2.1.2
+image: onap/dmaap/datarouter-node:2.1.3
pullPolicy: Always
# flag to enable debugging - application support required
mountPath: /dockerdata-nfs
spoolMountSubPath: data-router/dr-node/spool-data
- spoolSize: 1Gi
+ spoolSize: 2Gi
spoolPath: /opt/app/datartr/spool
eventLogsMountSubPath: data-router/dr-node/event-logs
- eventLogSize: 1Gi
+ eventLogSize: 2Gi
eventLogsPath: /opt/app/datartr/logs
+ aafCredsMountSubPath: data-router/dr-node/aaf-props
+ aafCredsSize: 10M
+ aafCredsPath: /opt/app/osaaf/local
+
+#AAF local config
+aafConfig:
+ aafDeployFqi: dmaap-dr@dmaap-dr.onap.org
+ aafDeployPass: demo123456!
+ fqdn: dmaap-dr-node
+ fqi: dmaap-dr-node@dmaap-dr.onap.org
+ publicFqdn: dmaap-dr.onap.org
+ cadiLatitude: 0.0
+ cadiLongitude: 0.0
+
+
ingress:
enabled: false
+ service:
+ - baseaddr: "dmaapdrnode"
+ name: "dmaap-dr-node"
+ port: 8443
+ config:
+ ssl: "redirect"
# Resource Limit flavor -By Default using small
flavor: small
+++ /dev/null
-cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
-cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile
-cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
-cadi_keystore_password=FZNkU,B%NJzcT1v7;^v]M#ZX
-cadi_key_password=FZNkU,B%NJzcT1v7;^v]M#ZX
-cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org
-cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
-cadi_truststore_password=+mzf@J.D^;3!![*Xr.z$c#?b
-
-aaf_env=DEV
-aaf_locate_url=https://aaf-locate:8095
-aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect
-aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token
-aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
-cadi_protocols=TLSv1.1,TLSv1.2
-cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1
-fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1
-gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1
-
-cadi_latitude=53.423
-cadi_longitude=7.940
-
-cadi_loglevel=INFO
\ No newline at end of file
#Jetty Server properties
-org.onap.dmaap.datarouter.provserver.http.port = {{.Values.global.dmaapDrProvExtPort}}
-org.onap.dmaap.datarouter.provserver.https.port = {{.Values.global.dmaapDrProvExtPort2}}
+org.onap.dmaap.datarouter.provserver.http.port = {{.Values.config.dmaapDrProv.internalPort}}
+org.onap.dmaap.datarouter.provserver.https.port = {{.Values.config.dmaapDrProv.internalPort2}}
org.onap.dmaap.datarouter.provserver.https.relaxation = true
-org.onap.dmaap.datarouter.provserver.keymanager.password = FZNkU,B%NJzcT1v7;^v]M#ZX
-org.onap.dmaap.datarouter.provserver.keystore.type = jks
-org.onap.dmaap.datarouter.provserver.keystore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
-org.onap.dmaap.datarouter.provserver.keystore.password = FZNkU,B%NJzcT1v7;^v]M#ZX
-org.onap.dmaap.datarouter.provserver.truststore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
-org.onap.dmaap.datarouter.provserver.truststore.password = +mzf@J.D^;3!![*Xr.z$c#?b
+org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props
+
org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs
org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool
org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc
org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish
org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe
-# AAF URL to connect to AAF server
-org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-locate:8095
-
spec:
hostname: {{ .Values.global.dmaapDrProvName }}
initContainers:
- - command:
- - /root/ready.py
- args:
- - --container-name
- - {{ .Values.config.dmaapDrDb.mariadbContName }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
+ - name: {{ include "common.name" . }}-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ .Values.config.dmaapDrDb.mariadbContName }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.name" . }}-aaf-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - aaf-locate
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ - name: {{ include "common.name" . }}-dr-prov-aaf-config
+ image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
+ volumeMounts:
+ - mountPath: {{ .Values.persistence.aafCredsPath }}
+ name: {{ include "common.fullname" . }}-aaf-config-vol
+ env:
+ - name: APP_FQI
+ value: "{{ .Values.aafConfig.fqi }}"
+ - name: aaf_locate_url
+ value: "https://aaf-locate.{{ .Release.Namespace }}:8095"
+ - name: aaf_locator_container
+ value: "{{ .Values.global.aafLocatorContainer }}"
+ - name: aaf_locator_container_ns
+ value: "{{ .Release.Namespace }}"
+ - name: aaf_locator_fqdn
+ value: "{{ .Values.aafConfig.fqdn }}"
+ - name: aaf_locator_public_fqdn
+ value: "{{.Values.aafConfig.publicFqdn}}"
+ - name: aaf_locator_app_ns
+ value: "{{ .Values.global.aafAppNs }}"
+ - name: DEPLOY_FQI
+ value: "{{ .Values.aafConfig.aafDeployFqi }}"
+ - name: DEPLOY_PASSWORD
+ value: "{{ .Values.aafConfig.aafDeployPass }}"
+ - name: cadi_longitude
+ value: "{{ .Values.aafConfig.cadiLongitude }}"
+ - name: cadi_latitude
+ value: "{{ .Values.aafConfig.cadiLatitude }}"
+ - name: {{ include "common.name" . }}-permission-fixer
+ image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: {{ .Values.persistence.aafCredsPath }}
+ name: {{ include "common.fullname" . }}-aaf-config-vol
+ command: ["chown","-Rf","1000:1001", "/opt/app/"]
+ {{ end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- - containerPort: {{ .Values.global.dmaapDrProvExtPort }}
- - containerPort: {{ .Values.global.dmaapDrProvExtPort2 }}
+ - containerPort: {{ .Values.config.dmaapDrProv.internalPort }}
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- port: {{ .Values.global.dmaapDrProvExtPort }}
+ port: {{ .Values.config.dmaapDrProv.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
tcpSocket:
- port: {{ .Values.global.dmaapDrProvExtPort }}
+ port: {{ .Values.config.dmaapDrProv.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
+ {{- if .Values.global.aafEnabled }}
+ - mountPath: {{ .Values.persistence.aafCredsPath }}
+ name: {{ include "common.fullname" . }}-aaf-config-vol
+ {{- end }}
- mountPath: /etc/localtime
name: localtime
readOnly: false
- mountPath: /opt/app/datartr/etc/provserver.properties
name: {{ include "common.fullname" . }}-config
subPath: provserver.properties
- - mountPath: /opt/app/datartr/etc/drProvCadi.properties
- name: {{ include "common.fullname" . }}-config
- subPath: drProvCadi.properties
- mountPath: /opt/app/datartr/etc/logback.xml
name: {{ include "common.fullname" . }}-log-conf
subPath: logback.xml
- mountPath: {{ .Values.global.loggingDirectory }}
name: {{ include "common.fullname" . }}-logs
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- # Filebeat sidecar container
+ {{- end -}}
+ # Filebeat sidecar container
- name: {{ include "common.name" . }}-filebeat-onap
image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
items:
- key: provserver.properties
path: provserver.properties
- - key: drProvCadi.properties
- path: drProvCadi.properties
- name: {{ include "common.fullname" . }}-log-conf
configMap:
name: {{ include "common.fullname" . }}-log
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.fullname" . }}-aaf-config-vol
+ {{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-aaf-props
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+{{ include "common.ingress" . }}
{{ end }}
- name: REQUESTID
value: "{{.Chart.Name}}-post-install"
-
volumeMounts:
- mountPath: /etc/localtime
name: localtime
readOnly: true
-
# NOTE: on the following several configMaps, careful to include / at end
# since there may be more than one file in each mountPath
# NOTE: the basename of the subdirectory is important - it matches the DBCL API URI
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
*/}}
-
+{{- if .Values.global.aafEnabled }}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}-spool-data-pv
+ name: {{ include "common.fullname" . }}-aaf-props
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}
+ app: {{ include "common.name" . }}-aaf-props
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}-spool-data-pv
+ name: {{ include "common.fullname" . }}-aaf-props
spec:
capacity:
- storage: {{ .Values.persistence.spoolSize }}
+ storage: {{ .Values.persistence.aafCredsSize}}
accessModes:
- {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-spool-data-stcl"
+ storageClassName: "{{ include "common.fullname" . }}-data"
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
hostPath:
- path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.spoolMountSubPath }}
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-event-logs-pv
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}-event-logs-pv
-spec:
- capacity:
- storage: {{ .Values.persistence.eventLogSize }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-event-logs-stcl"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.eventLogsMountSubPath }}
\ No newline at end of file
+ path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.aafCredsMountSubPath }}
+{{ end -}}
+{{- end -}}
+{{- end -}}
--- /dev/null
+{{/*
+ # ============LICENSE_START=======================================================
+ # Copyright (C) 2019 Nordix Foundation.
+ # ================================================================================
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # ============LICENSE_END=========================================================
+*/}}
+{{- if .Values.global.aafEnabled }}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-aaf-props
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.aafCredsSize }}
+{{ end -}}
+{{ end -}}
spec:
type: {{ .Values.config.dmaapDrProv.servicetype }}
ports:
- {{if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}}
+ {{- if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}}
{{- if .Values.global.allow_http }}
- port: {{ .Values.global.dmaapDrProvExtPort }}
targetPort: {{ .Values.config.dmaapDrProv.internalPort }}
# Application configuration defaults.
#################################################################
# application image
-image: onap/dmaap/datarouter-prov:2.1.2
+image: onap/dmaap/datarouter-prov:2.1.3
pullPolicy: Always
# flag to enable debugging - application support required
## Persist data to a persitent volume
persistence:
- enabled: false
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ mountPath: /dockerdata-nfs
+
+ aafCredsMountSubPath: data-router/dr-prov/aaf-props
+ aafCredsSize: 10M
+ aafCredsPath: /opt/app/osaaf/local
ingress:
enabled: false
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 2000m
- memory: 4Gi
- requests:
- cpu: 500m
- memory: 1Gi
- large:
- limits:
- cpu: 4000m
- memory: 8Gi
- requests:
- cpu: 1000m
- memory: 2Gi
- unlimited: {}
+ service:
+ - baseaddr: "dmaapdrprov"
+ name: "dmaap-dr-prov"
+ port: 8443
+ config:
+ ssl: "redirect"
config:
# dr provisioning server configuration
size: 1Gi
mountSubPath: data-router/dr-db-data
disableNfsProvisioner: true
+
+#AAF local config
+aafConfig:
+ aafDeployFqi: dmaap-dr@dmaap-dr.onap.org
+ aafDeployPass: demo123456!
+ fqdn: dmaap-dr-prov
+ fqi: dmaap-dr-prov@dmaap-dr.onap.org
+ publicFqdn: dmaap-dr.onap.org
+ cadiLatitude: 0.0
+ cadiLongitude: 0.0
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2000m
+ memory: 4Gi
+ requests:
+ cpu: 500m
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4000m
+ memory: 8Gi
+ requests:
+ cpu: 1000m
+ memory: 2Gi
+ unlimited: {}
\ No newline at end of file
# See the License for the specific language governing permissions and
# limitations under the License.
-{{- $root := . -}}
+{{- $global := . -}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{ range $i, $e := until (atoi (quote $global.Values.replicaCount) | default 3) }}
---
apiVersion: v1
kind: PersistentVolume
metadata:
- name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }}
- namespace: {{ $root.Release.Namespace }}
+ name: {{ $global.Release.Name }}-{{ $global.Values.service.name }}-{{ $i }}
+ namespace: {{ $global.Release.Namespace }}
labels:
- app: {{ $root.Values.service.name }}
- chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
- release: {{ $root.Release.Name }}
- heritage: {{ $root.Release.Service }}
+ app: {{ $global.Values.service.name }}
+ chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}
+ release: {{ $global.Release.Name }}
+ heritage: {{ $global.Release.Service }}
spec:
capacity:
- storage: {{ $root.Values.persistence.size }}
+ storage: {{ $global.Values.persistence.size }}
accessModes:
- - {{ $root.Values.persistence.accessMode }}
+ - {{ $global.Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
hostPath:
- path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }}
- persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
+ path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+{{ end }}
{{ end }}
{{ end }}
-
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
{{ end }}
readinessProbe:
tcpSocket:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
env:
- name: HOST_IP
valueFrom:
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
- selector:
- matchLabels:
- release: "{{ .Release.Name }}"
- app: {{ .Values.service.name }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- heritage: "{{ .Release.Service }}"
{{ end }}
imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
liveness:
initialDelaySeconds: 60
periodSeconds: 10
+ timeoutSeconds: 1
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
initialDelaySeconds: 60
periodSeconds: 10
+ timeoutSeconds: 1
## Persist data to a persitent volume
persistence:
- "rm /tmp/lprobe.txt"
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
{{ end }}
readinessProbe:
exec:
- "rm /tmp/rprobe.txt"
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
env:
- name: KAFKA_HEAP_OPTS
value: "{{ .Values.kafkaHeapOptions }}"
liveness:
initialDelaySeconds: 60
periodSeconds: 20
+ timeoutSeconds: 5
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
initialDelaySeconds: 60
periodSeconds: 20
+ timeoutSeconds: 5
service:
# See the License for the specific language governing permissions and
# limitations under the License.
-{{- $root := . -}}
+{{- $global := . -}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{ range $i, $e := until (atoi (quote $global.Values.replicaCount) | default 3) }}
---
apiVersion: v1
kind: PersistentVolume
metadata:
- name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }}
- namespace: {{ $root.Release.Namespace }}
+ name: {{ $global.Release.Name }}-{{ $global.Values.service.name }}-{{ $i }}
+ namespace: {{ $global.Release.Namespace }}
labels:
- app: {{ $root.Values.service.name }}
- chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
- release: {{ $root.Release.Name }}
- heritage: {{ $root.Release.Service }}
+ app: {{ $global.Values.service.name }}
+ chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}
+ release: {{ $global.Release.Name }}
+ heritage: {{ $global.Release.Service }}
spec:
capacity:
- storage: {{ $root.Values.persistence.size }}
+ storage: {{ $global.Values.persistence.size }}
accessModes:
- - {{ $root.Values.persistence.accessMode }}
+ - {{ $global.Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
hostPath:
- path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }}
- persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
+ path: {{ $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }}
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+{{ end }}
{{ end }}
{{ end }}
-
- "zookeeper-ready.sh 2181"
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
{{ end }}
readinessProbe:
exec:
- "zookeeper-ready.sh 2181"
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
env:
- name: ZK_REPLICAS
value: "{{ .Values.replicaCount }}"
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
- selector:
- matchLabels:
- release: "{{ .Release.Name }}"
- app: {{ .Values.service.name }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- heritage: "{{ .Release.Service }}"
{{ end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
-
-
liveness:
initialDelaySeconds: 10
periodSeconds: 10
+ timeoutSeconds: 1
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
initialDelaySeconds: 10
periodSeconds: 10
+ timeoutSeconds: 1
#Zookeeper properties
zk:
port: {{ .Values.service.externalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
{{ end -}}
readinessProbe:
tcpSocket:
port: {{ .Values.service.externalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
env:
- name: enableCadi
- value: "true"
+ value: "{{ .Values.global.aafEnabled }}"
volumeMounts:
- mountPath: /etc/localtime
name: localtime
subPath: mykey
name: mykey
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
volumes:
- name: localtime
hostPath:
liveness:
initialDelaySeconds: 70
periodSeconds: 10
+ timeoutSeconds: 1
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
initialDelaySeconds: 70
periodSeconds: 10
+ timeoutSeconds: 1
service:
type: NodePort
loggingImage: beats/filebeat:5.5.0
clientImage: onap/dmaap/dbc-client:1.0.9
repository: nexus3.onap.org:10001
+ busyBoxImage: busybox:1.30
+ busyBoxRepository: docker.io
#Global DMaaP app config
allow_http: true
#dmaap-dr-prov server configuration
dmaapDrProvName: dmaap-dr-prov
- dmaapDrProvExtPort2: 8443
- dmaapDrProvExtPort: 8080
+ dmaapDrProvExtPort2: 443
+ dmaapDrProvExtPort: 80
+
+ #AAF global config overrides
+ aafEnabled: true
+ aafAgentImage: onap/aaf/aaf_agent:2.1.15
+ aafAppNs: org.osaaf.aaf
+ aafLocatorContainer: oom
+
#Component overrides
# actual upgrade/install of parent and subcharts.
DEPLOY_FLAGS=$(resolve_deploy_flags "$FLAGS")
- # determine if upgrading individual subchart or entire parent + subcharts
+ # determine if upgrading individual subchart or entire parent + subcharts
SUBCHART_RELEASE="$(cut -d'-' -f2 <<<"$RELEASE")"
- if [[ ! -d "$CACHE_SUBCHART_DIR/$SUBCHART_RELEASE" ]]; then
+ # update specified subchart without parent
+ RELEASE="$(cut -d'-' -f1 <<<"$RELEASE")"
+ if [[ $SUBCHART_RELEASE == $RELEASE ]]; then
SUBCHART_RELEASE=
- else
- # update specified subchart without parent
- RELEASE="$(cut -d'-' -f1 <<<"$RELEASE")"
fi
# clear previously cached charts
--- /dev/null
+{{ include "common.ingress" . }}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-data
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 1Gi
mountPath: /dockerdata-nfs
mountSubPath: log/elasticsearch/data
ingress:
enabled: false
-
+ service:
+ - baseaddr: "loges"
+ name: "log-es"
+ port: 9200
+ config:
+ ssl: "none"
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
requests:
cpu: 1
memory: 4Gi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
--- /dev/null
+{{ include "common.ingress" . }}
externalPort: 5601
internalPort: 5601
nodePort: 53
+
ingress:
enabled: false
+ service:
+ - baseaddr: "logkibana"
+ name: "log-kibana"
+ port: 5601
+ config:
+ ssl: "none"
# Resource Limit flavor -By Default using small
flavor: small
--- /dev/null
+{{ include "common.ingress" . }}
internalPort2: 9600
ingress:
enabled: false
+ service:
+ - baseaddr: "logls"
+ name: "log-ls"
+ port: 5044
+ - baseaddr: "loglshttp"
+ name: "log-ls"
+ port: 9600
+ config:
+ ssl: "none"
# Resource Limit flavor -By Default using small
flavor: small
# limitations under the License.
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
"protocol": "REST",
"port": "{{.Values.service.externalPort}}",
"visualRange":"1"
- }
+ },
{
"serviceName": "etsicatalog",
"version": "v1",
"protocol": "REST",
"port": "{{.Values.service.externalPort}}",
"visualRange":"1"
- }
+ },
{
"serviceName": "nsd",
"version": "v1",
"protocol": "REST",
"port": "{{.Values.service.externalPort}}",
"visualRange":"1"
- }
+ },
{
"serviceName": "vnfpkgm",
"version": "v1",
--- /dev/null
+{{ include "common.ingress" . }}
periodSeconds: 10
service:
- type: NodePort
+ type: ClusterIP
name: msb-consul
externalPort: 8500
internalPort: 8500
ingress:
enabled: false
+ service:
+ - baseaddr: "msbconsul"
+ name: "msb-consul"
+ port: 8500
+ config:
+ ssl: "none"
flavor: small
--- /dev/null
+{{ include "common.ingress" . }}
periodSeconds: 10
service:
- type: NodePort
+ type: ClusterIP
name: msb-discovery
externalPort: 10081
internalPort: 10081
ingress:
enabled: false
+ service:
+ - baseaddr: "msbdiscovery"
+ name: "msb-discovery"
+ port: 10081
+ config:
+ ssl: "none"
# Resource Limit flavor -By Default using small
flavor: small
--- /dev/null
+{{ include "common.ingress" . }}
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: http-{{ .Values.service.name }}
- port: {{ .Values.service.externalPortHttps }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePortHttps }}
name: https-{{ .Values.service.name }}
name: msb-eag
externalPort: 80
internalPort: 80
- nodePort: 82
externalPortHttps: 443
internalPortHttps: 443
nodePortHttps: 84
ingress:
enabled: false
+ service:
+ - baseaddr: "msbeag"
+ name: "msb-eag"
+ port: 443
+ config:
+ ssl: "redirect"
# Resource Limit flavor -By Default using small
flavor: small
--- /dev/null
+{{ include "common.ingress" . }}
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: http-{{ .Values.service.name }}
- port: {{ .Values.service.externalPortHttps }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePortHttps }}
name: https-{{ .Values.service.name }}
ingress:
enabled: false
+ service:
+ - baseaddr: "msbiag"
+ name: "msb-iag"
+ port: 443
+ config:
+ ssl: "redirect"
# Resource Limit flavor -By Default using small
flavor: small
class: "logging.handlers.RotatingFileHandler"
filename: "/var/log/onap/multicloud/openstack/fcaps/fcaps.log"
formatter: "mdcFormat"
- maxBytes: 1024*1024*50
+ maxBytes: 52428800
backupCount: 10
formatters:
# Application configuration defaults.
#################################################################
# application image
-repository: registry.hub.docker.com
-image: onap/multicloud-k8s:0.5.0
+repository: nexus3.onap.org:10001
+image: onap/multicloud/k8s:0.5.0
pullPolicy: Always
# flag to enable debugging - application support required
+++ /dev/null
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
+++ /dev/null
-# Copyright (c) 2019 Lenovo
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP multicloud OpenStack Lenovo Plugin
-name: multicloud-lenovo
-version: 5.0.0
+++ /dev/null
-# Copyright (c) 2019 Lenovo Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-version: 1
-disable_existing_loggers: False
-
-loggers:
- thinkcloud:
- handlers: [thinkcloud_handler]
- level: "DEBUG"
- propagate: False
- newton_base:
- handlers: [thinkcloud_handler]
- level: "DEBUG"
- propagate: False
- common:
- handlers: [thinkcloud_handler]
- level: "DEBUG"
- propagate: False
-
-handlers:
- thinkcloud_handler:
- level: "DEBUG"
- class: "logging.handlers.RotatingFileHandler"
- filename: "/var/log/onap/multicloud/openstack/lenovo/thinkcloud.log"
- formatter: "mdcFormat"
- maxBytes: 1024*1024*50
- backupCount: 10
-
-formatters:
- standard:
- format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s"
- mdcFormat:
- format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t"
- mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}"
- datefmt: "%Y-%m-%d %H:%M:%S"
- (): onaplogging.mdcformatter.MDCFormatter
+++ /dev/null
-# Copyright (c) 2019 Lenovo
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
+++ /dev/null
-{{/*
-# Copyright (c) 2019 Lenovo
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- name: {{ include "common.name" . }}
- annotations:
- sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
- spec:
- containers:
- - env:
- - name: MSB_ADDR
- value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}"
- - name: MSB_PORT
- value: "{{ .Values.config.msbPort }}"
- - name: AAI_ADDR
- value: aai.{{ include "common.namespace" . }}
- - name: AAI_PORT
- value: "{{ .Values.config.aai.port }}"
- - name: AAI_SCHEMA_VERSION
- value: "{{ .Values.config.aai.schemaVersion }}"
- - name: AAI_USERNAME
- value: "{{ .Values.config.aai.username }}"
- - name: AAI_PASSWORD
- value: "{{ .Values.config.aai.password }}"
- name: {{ include "common.name" . }}
- volumeMounts:
- - mountPath: /var/log/onap
- name: lenovo-log
- - mountPath: /opt/lenovo/thinkcloud/pub/config/log.yml
- name: lenovo-logconfig
- subPath: log.yml
- resources:
-{{ include "common.resources" . | indent 12 }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{ if .Values.liveness.enabled }}
- livenessProbe:
- httpGet:
- path: /api/multicloud-thinkcloud/v1/swagger.json
- port: {{ .Values.service.internalPort }}
- scheme: HTTP
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- successThreshold: {{ .Values.liveness.successThreshold }}
- failureThreshold: {{ .Values.liveness.failureThreshold }}
- {{ end }}
- # side car containers
- - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: filebeat-onap
- volumeMounts:
- - mountPath: /usr/share/filebeat/filebeat.yml
- name: filebeat-conf
- subPath: filebeat.yml
- - mountPath: /var/log/onap
- name: lenovo-log
- - mountPath: /usr/share/filebeat/data
- name: lenovo-data-filebeat
-
- volumes:
- - name: lenovo-log
- emptyDir: {}
- - name: lenovo-data-filebeat
- emptyDir: {}
- - name: filebeat-conf
- configMap:
- name: multicloud-filebeat-configmap
- - name: lenovo-logconfig
- configMap:
- name: {{ include "common.fullname" . }}-log-configmap
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
- restartPolicy: Always
+++ /dev/null
-# Copyright (c) 2019 Lenovo
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 304
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/multicloud/openstack-lenovo:1.3.4
-pullPolicy: Always
-
-#Istio sidecar injection policy
-istioSidecar: true
-
-# application configuration
-config:
- msbgateway: msb-iag
- msbPort: 80
- aai:
- port: 8443
- schemaVersion: v13
- username: AAI
- password: AAI
-
-service:
- type: ClusterIP
- name: multicloud-thinkcloud
- portName: multicloud-thinkcloud
- externalPort: 9010
- internalPort: 9010
- nodePort: 86
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 10
- successThreshold: 1
- failureThreshold: 5
- enabled: true
-
-ingress:
- enabled: false
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 1
- memory: 4Gi
- requests:
- cpu: 10m
- memory: 1Gi
- large:
- limits:
- cpu: 2
- memory: 8Gi
- requests:
- cpu: 20m
- memory: 2Gi
- unlimited: {}
class: "logging.handlers.RotatingFileHandler"
filename: "/var/log/onap/multicloud/openstack/pike/pike.log"
formatter: "mdcFormat"
- maxBytes: 1024*1024*50
+ maxBytes: 52428800
backupCount: 10
formatters:
*/}}
{{- if .Values.global.alertmanager.enabled -}}
-
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
-
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
{{- end -}}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
*/}}
{{- if .Values.global.grafana.enabled -}}
-
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
storage: {{ .Values.persistence.size}}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
-
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
{{- end -}}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
*/}}
{{- if .Values.global.prometheus.enabled -}}
-
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
storage: {{ .Values.persistence.size}}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
-
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
{{- end -}}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
class: "logging.handlers.RotatingFileHandler"
filename: "/var/log/onap/multicloud/openstack/starlingx/starlingx.log"
formatter: "mdcFormat"
- maxBytes: 1024*1024*50
+ maxBytes: 52428800
backupCount: 10
formatters:
class: "logging.handlers.RotatingFileHandler"
filename: "/var/log/onap/multicloud/openstack/windriver/titanium_cloud.log"
formatter: "mdcFormat"
- maxBytes: 1024*1024*50
+ maxBytes: 52428800
backupCount: 10
formatters:
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
+{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
artifactImage: onap/multicloud/framework-artifactbroker:1.4.2
prometheus:
enabled: false
+ persistence: {}
#################################################################
# Application configuration defaults.
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
- - name: common
- version: ~5.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada , Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- args:
- - --lower-case-table-names=1
- - --wait_timeout=28800
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: MYSQL_DATABASE
- value: "{{ .Values.config.db.database }}"
- - name: MYSQL_USER
- value: "{{ .Values.config.db.user }}"
- - name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-user-password
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-root-password
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /var/lib/mysql
- name: mariadb-data
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: mariadb-data
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- clusterIP: None
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: mariadb:10.3.14
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-# Example:
-config:
- db:
- user: nbi_user
- password: nbi_user
- root_password: change_me
- database: maria
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteOnce
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: mariadb/data
-
-service:
- type: ClusterIP
- name: policydb
- portName: policydb
- internalPort: 3306
-
-ingress:
- enabled: false
-
-# Resource Limit flavor
-flavor: small
-resources:
- small:
- limits:
- cpu: 1
- memory: 500Mi
- requests:
- cpu: 10m
- memory: 200Mi
- large:
- limits:
- cpu: 1
- memory: 1Gi
- requests:
- cpu: 20m
- memory: 400Mi
- unlimited: {}
- name: mongo
version: ~5.x-0
repository: '@local'
-
+ - name: mariadb-galera
+ version: ~5.x-0
+ repository: '@local'
+ condition: global.mariadbGalera.localCluster
+ - name: mariadb-init
+ version: ~5.x-0
+ repository: '@local'
+ condition: not global.mariadbGalera.localCluster
labels:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}
spec:
containers:
- name: {{ include "common.name" . }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: SPRING_DATASOURCE_URL
- value: jdbc:mariadb://{{ .Values.mariadb.service.name }}.{{ include "common.namespace" . }}:{{.Values.mariadb.service.internalPort }}/{{ .Values.mariadb.config.db.database }}
+ value: jdbc:mariadb://{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}/{{ index .Values "mariadb-galera" "config" "mysqlDatabase" }}
- name: SPRING_DATASOURCE_USERNAME
- value: {{ .Values.mariadb.config.db.user }}
+ value: {{ index .Values "mariadb-galera" "config" "userName" }}
- name: SPRING_DATASOURCE_PASSWORD
valueFrom:
secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-user-password
+ name: {{ include "common.mariadbSecret" . }}
+ key: {{ include "common.mariadbSecretParam" . }}
- name: SPRING_DATA_MONGODB_HOST
value: {{ .Values.mongo.service.name }}.{{ include "common.namespace" . }}
- name: SPRING_DATA_MONGODB_PORT
- name: NBI_URL
value: "http://nbi.{{ include "common.namespace" . }}:8080/nbi/api/v4"
- name: SDC_HOST
- value: "http://sdc-be.{{ include "common.namespace" . }}:8080"
+ value: "https://sdc-be.{{ include "common.namespace" . }}:8443"
- name: SDC_HEADER_ECOMPINSTANCEID
value: {{ .Values.config.ecompInstanceId }}
- name: SDC_HEADER_AUTHORIZATION
value: {{ .Values.so_authorization }}
{{- end }}
- name: DMAAP_HOST
- value: "http://message-router.{{ include "common.namespace" . }}:3904"
+ value: "https://message-router.{{ include "common.namespace" . }}:3905"
- name: LOGGING_LEVEL_ORG_ONAP_NBI
value: {{ .Values.config.loglevel }}
- name: MSB_ENABLED
--- /dev/null
+---
+suite: test deployment behavior
+templates:
+ - deployment.yaml
+tests:
+ - it: "should render with default values (global)"
+ asserts:
+ - isKind:
+ of: Deployment
+ - equal:
+ path: metadata.name
+ value: RELEASE-NAME-nbi
+ - equal:
+ path: metadata.namespace
+ value: NAMESPACE
+ - matchRegex:
+ path: metadata.labels.app
+ pattern: nbi
+ - matchRegex:
+ path: spec.template.metadata.labels.app
+ pattern: nbi
+ - equal:
+ path: spec.template.metadata.name
+ value: RELEASE-NAME-nbi
+ - equal:
+ path: spec.replicas
+ value: 1
+ - isNull:
+ path: spec.template.spec.nodeSelector
+ - isNull:
+ path: spec.template.spec.affinity
+
+ - it: "should render with default value (container)"
+ asserts:
+ - equal:
+ path: spec.template.spec.containers[0].name
+ value: nbi
+ - equal:
+ path: spec.template.spec.containers[0].image
+ value: nexus3.onap.org:10001/onap/externalapi/nbi:5.0.1
+ - equal:
+ path: spec.template.spec.containers[0].imagePullPolicy
+ value: IfNotPresent
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATASOURCE_URL
+ value: jdbc:mariadb://mariadb-galera:3306/nbi
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATASOURCE_USERNAME
+ value: rene
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATASOURCE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-nbi-config
+ key: db-user-password
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATA_MONGODB_HOST
+ value: nbi-mongohost.NAMESPACE
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATA_MONGODB_PORT
+ value: "27017"
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATA_MONGODB_DATABASE
+ value: ServiceOrderDB
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: ONAP_LCPCLOUDREGIONID
+ value: RegionOne
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: ONAP_TENANTID
+ value: 31047205ce114b60833b23e400d6a535
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: ONAP_CLOUDOWNER
+ value: CloudOwner
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: NBI_URL
+ value: http://nbi.NAMESPACE:8080/nbi/api/v4
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SDC_HOST
+ value: https://sdc-be.NAMESPACE:8443
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SDC_HEADER_ECOMPINSTANCEID
+ value: OOM
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SDC_HEADER_AUTHORIZATION
+ value: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: AAI_HOST
+ value: https://aai.NAMESPACE:8443
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: AAI_HEADER_AUTHORIZATION
+ value: Basic QUFJOkFBSQ==
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SO_HOST
+ value: http://so.NAMESPACE:8080
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: DMAAP_HOST
+ value: http://message-router.NAMESPACE:3904
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: LOGGING_LEVEL_ORG_ONAP_NBI
+ value: INFO
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MSB_ENABLED
+ value: "true"
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MSB_DISCOVERY_HOST
+ value: msb-discovery.NAMESPACE
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: MSB_DISCOVERY_PORT
+ value: "10081"
+ - equal:
+ path: spec.template.spec.containers[0].livenessProbe
+ value:
+ initialDelaySeconds: 180
+ periodSeconds: 30
+ tcpSocket:
+ port: 8080
+ - equal:
+ path: spec.template.spec.containers[0].readinessProbe
+ value:
+ initialDelaySeconds: 185
+ periodSeconds: 30
+ tcpSocket:
+ port: 8080
+ - contains:
+ path: spec.template.spec.containers[0].ports
+ content:
+ containerPort: 8080
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.cpu
+ value: 1
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.memory
+ value: 2Gi
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.cpu
+ value: 100m
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.memory
+ value: 1Gi
+ - it: "should render when deciding to use local cluster (container)"
+ set:
+ global:
+ mariadbGalera:
+ localCluster: true
+ asserts:
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATASOURCE_URL
+ value: jdbc:mariadb://nbi-galera:3306/nbi
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATASOURCE_USERNAME
+ value: rene
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: SPRING_DATASOURCE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: RELEASE-NAME-nbi-nbi-galera
+ key: user-password
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:1.1.0
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ mariadbGalera: &mariadbGalera
+ #This flag allows SO to instantiate its own mariadb-galera cluster
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
subChartsOnly:
enabled: true
# application image
repository: nexus3.onap.org:10001
image: onap/externalapi/nbi:5.0.1
-pullPolicy: Always
+pullPolicy: IfNotPresent
sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=
aai_authorization: Basic QUFJOkFBSQ==
so_authorization:
openStackRegion: RegionOne
openStackVNFTenantId: 31047205ce114b60833b23e400d6a535
-mariadb:
- nameOverride: nbi-mariadb
+mariadb-galera:
+ # '&mariadbConfig' means we "store" the values for later use in the file
+ # with '*mariadbConfig' pointer.
+ config: &mariadbConfig
+ userName: rene
+ userPassword: lkjgklqsdareyhjujlnnbvfvdttuiukgpiokqbfsjdhfigquosegombvjfqhb
+ mariadbRootPassword: dhqjdshjdsguryebvcnbvcvdsqghyjqgktgjjfhjfghbfs
+ mysqlDatabase: nbi
+ nameOverride: nbi-galera
service:
- name: nbi-mariadbhost
+ name: nbi-galera
+ portName: nbi-galera
internalPort: 3306
- config:
- db:
- database: nbi
- user: rene
- password: lkjgklqsdareyhjujlnnbvfvdttuiukgpiokqbfsjdhfigquosegombvjfqhb
- root_password: dhqjdshjdsguryebvcnbvcvdsqghyjqgktgjjfhjfghbfs
+ replicaCount: 1
persistence:
- mountSubPath: nbi/maria/data
enabled: true
- disableNfsProvisioner: true
+ mountSubPath: nbi/maria/data
+
+mariadb-init:
+ config: *mariadbConfig
+ nameOverride: nbi-config
mongo:
nameOverride: nbi-mongo
repository: '@local'
condition: contrib.enabled
- name: dcaegen2
- version: ~5.x-0
+ version: ~6.x-0
repository: '@local'
condition: dcaegen2.enabled
- name: dmaap
version: ~5.x-0
repository: '@local'
condition: nbi.enabled
- - name: nfs-provisioner
- version: ~5.x-0
- repository: '@local'
- condition: nfs-provisioner.enabled
- name: pnda
version: ~5.x-0
repository: '@local'
# limitations under the License.
-# This override file is used to deploy a minmal configuration to
-# to onboard and deploy a VNF.
+# This override file is used to deploy a minimal configuration to
+# onboard and deploy a VNF.
# It includes the following components:
-# A&AI, DMAAP, Portal, Robot, SDC, SDNC, SO, VID
+# A&AI, Cassandra, DMAAP, Portal, Robot, SDC, SDNC, SO, VID
#
# Minimal resources are also reviewed for the various containers
# A&AI: no override => to be fixed
appc:
enabled: false
cassandra:
- enabled: false
+ enabled: true
replicaCount: 1
clamp:
enabled: false
readiness:
initialDelaySeconds: 60
sdc:
+ sdc-fe:
+ liveness:
+ initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
+ readiness:
+ initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
sdc-be:
liveness:
initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
readiness:
initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
sdc-cs:
liveness:
initialDelaySeconds: 120
initialDelaySeconds: 120
sdc-es:
liveness:
- initialDelaySeconds: 60
+ initialDelaySeconds: 120
readiness:
initialDelaySeconds: 120
sdc-onboarding-be:
liveness:
initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
readiness:
initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
sdnc:
liveness:
initialDelaySeconds: 60
readiness:
periodSeconds: 60
sdc:
+ sdc-fe:
+ liveness:
+ initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
+ readiness:
+ initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
sdc-be:
liveness:
initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
readiness:
initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
sdc-cs:
liveness:
initialDelaySeconds: 120
sdc-onboarding-be:
liveness:
initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
readiness:
initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
sdnc:
liveness:
initialDelaySeconds: 60
enabled: true
so:
enabled: true
+ ingress:
+ enabled: true
so-monitoring:
+ ingress:
+ enabled: true
+ so-vnfm-adapter:
+ ingress:
enabled: true
- ingress:
- enabled: true
- service:
- - path: "/so-monitoring"
- name: "so-monitoring"
- port: 9091
- annotations:
- nginx.ingress.kubernetes.io/ssl-redirect: "false"
uui:
enabled: true
vfc:
vid:
enabled: true
ingress:
- enabled: true
- service:
- - path: "/vid"
- name: "vid-http"
- port: 8080
- annotations:
- nginx.ingress.kubernetes.io/ssl-redirect: "false"
+ enabled: true
vnfsdk:
enabled: true
-nginx-ingress:
- enabled: true
+#ingress virtualhost based configuration
+global:
+ ingress:
+ enabled: true
sdnc:
enabled: true
so:
- enabled: true
\ No newline at end of file
+ enabled: true
+vid:
+ enabled: true
# flag to enable debugging - application support required
debugEnabled: false
+ #Global ingress configuration
+ ingress:
+ enabled: false
+ virtualhost:
+ enabled: true
+ baseurl: "simpledemo.onap.org"
#################################################################
# Enable/disable and configure helm charts (ie. applications)
# to customize the ONAP deployment.
# openstack configuration
openStackRegion: "Yolo"
openStackVNFTenantId: "1234"
-nfs-provisioner:
- enabled: false
policy:
enabled: false
pomba:
vnfsdk:
enabled: false
modeling:
- enabled: false
+ enabled: false
\ No newline at end of file
mechid.user=oof@oof.onap.org
mechid.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw==
+aaf.urls=https://aaf-locate:8095
+aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties
+aaf.enabled=true
+aaf.namespace=org.onap.oof
+
cadi_loglevel=DEBUG
cadi_prop_files=/share/etc/certs/org.onap.oof.props
aaf.user.roles=/share/etc/certs/AAFUserRoles.properties
\ No newline at end of file
# application image
repository: nexus3.onap.org:10001
-image: onap/optf-cmso-optimizer:2.0.0
+image: onap/optf-cmso-optimizer:2.1.1
pullPolicy: Always
#init container image
dbinit:
- image: onap/optf-cmso-dbinit:2.0.0
+ image: onap/optf-cmso-dbinit:2.1.1
# flag to enable debugging - application support required
debugEnabled: false
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 120
periodSeconds: 10
cmso.dispatch.url=http://localhost:8089
+aaf.urls=https://aaf-locate:8095
+aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties
+aaf.enabled=true
+aaf.namespace=org.onap.oof
+
cadi_loglevel=DEBUG
cadi_prop_files=/share/etc/certs/org.onap.oof.props
aaf.user.roles=/share/etc/certs/AAFUserRoles.properties
+++ /dev/null
- # -------------------------------------------------------------------------
- # Copyright (c) 2019 AT&T Intellectual Property
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- #
- # -------------------------------------------------------------------------
- #
-
-from flask import Flask
-from flask import request
-from flask import Response
-from flask import json
-from flask import send_from_directory
-import requests
-from threading import Thread
-import time
-
-import os
-import fnmatch
-import re
-import time
-import datetime
-
-app = Flask(__name__)
-ROOT_MOCK_DIR = os.path.dirname(os.path.abspath(__file__))
-DATA_DIR = os.path.join(ROOT_MOCK_DIR, "data")
-global requestNum
-requestNum = 1
-
-########################################################################
-########################################################################
-@app.route('/onap/so/infra/orchestrationRequests/v7/schedule/<VNFNAME>', methods=['GET', 'POST'])
-def soSchedule(VNFNAME):
- if request.method == 'POST':
- testid = request.headers.environ["HTTP_X_TRANSACTIONID"]
- response = {
- "status" : "202",
- "entity" : {
- "requestReferences" : {
- "requestId" : "000001"
- }
- }
- }
- resp = Response(json.dumps(response), 200, mimetype='application/json')
- return resp
-
-
- else :
- return "Helloooooo!!!!"
-
-########################################################################
-########################################################################
-@app.route('/onap/so/infra/orchestrationRequests/v7/<REQUESTID>', methods=['GET'])
-def soStatus(REQUESTID):
- response = {"request" : { "requestStatus" : {
- "requestState" : "COMPLETE",
- "statusMessage" : "Done.",
- "percentProgress" : 100,
- "finishTime" : ""
- }}}
- now = datetime.datetime.utcnow()
- #response["finishTime"] = now.strftime("%Y-%m-%dT%H:%M:%SZ")
- response["request"]["requestStatus"]["finishTime"] = now.strftime("%a, %d %b %Y %H:%M:%S GMT")
- resp = Response(json.dumps(response), 200, mimetype='application/json')
-
- return resp
-
-########################################################################
-########################################################################
-if __name__ == "__main__":
- app.run(host= '0.0.0.0',port=5000)
- #app.run()
-
+++ /dev/null
-#!/bin/sh
-pip install flask
-pip install requests
-python /share/etc/config/mock.py
resources:
{{ include "common.resources" . }}
- name: mso-simulator
- image: "{{ .Values.global.pythonRepository }}/{{ .Values.global.pythonImage }}"
+ image: "{{ include "common.repository" . }}/{{ .Values.robotimage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- name: {{ include "common.fullname" . }}-config
mountPath: /share/etc/config
- command:
- - /bin/sh
- args:
- - -x
- - /share/etc/config/msosimulator.sh
ports:
- containerPort: 5000
resources:
path: ticketmgt.properties
- key: liquibase.properties
path: liquibase.properties
- - key: mock.py
- path: mock.py
- - key: msosimulator.sh
- path: msosimulator.sh
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
- name: {{ include "common.fullname" . }}-filebeat
nodePortPrefix: 302
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
- pythonRepository: library
- pythonImage: python:3.6-alpine
subChartsOnly:
enabled: true
# application image
repository: nexus3.onap.org:10001
-image: onap/optf-cmso-service:2.0.0
+image: onap/optf-cmso-service:2.1.1
+robotimage: onap/optf-cmso-robot:2.1.1
pullPolicy: Always
#init container image
dbinit:
- image: onap/optf-cmso-dbinit:2.0.0
+ image: onap/optf-cmso-dbinit:2.1.1
# flag to enable debugging - application support required
debugEnabled: false
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 120
periodSeconds: 10
#-------------------------------------------------------------------------------
cadi_loglevel=DEBUG
cadi_prop_files=/share/etc/certs/org.onap.oof.props
-aaf.user.roles=/share/etc/certs/AAFUserRoles.properties
\ No newline at end of file
+aaf.user.roles=/share/etc/certs/AAFUserRoles.properties
+
+aaf.urls=https://aaf-locate:8095
+aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties
+aaf.enabled=true
+aaf.namespace=org.onap.oof
\ No newline at end of file
# application image
repository: nexus3.onap.org:10001
-image: onap/optf-cmso-ticketmgt:2.0.0
+image: onap/optf-cmso-ticketmgt:2.1.1
pullPolicy: Always
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 120
periodSeconds: 10
#-------------------------------------------------------------------------------
cadi_loglevel=DEBUG
cadi_prop_files=/share/etc/certs/org.onap.oof.props
-aaf.user.roles=/share/etc/certs/AAFUserRoles.properties
\ No newline at end of file
+aaf.user.roles=/share/etc/certs/AAFUserRoles.properties
+
+aaf.urls=https://aaf-locate:8095
+aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties
+aaf.enabled=true
+aaf.namespace=org.onap.oof
\ No newline at end of file
# application image
repository: nexus3.onap.org:10001
-image: onap/optf-cmso-topology:2.0.0
+image: onap/optf-cmso-topology:2.1.1
pullPolicy: Always
enabled: true
readiness:
- initialDelaySeconds: 10
+ initialDelaySeconds: 120
periodSeconds: 10
--- /dev/null
+{{ include "common.ingress" . }}
readinessImage: readiness-check:2.0.0
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ persistence: {}
#################################################################
# Application configuration defaults.
#################################################################
nodePort: 48
ingress:
enabled: false
+ service:
+ - baseaddr: "oofosdf"
+ name: "oof-osdf"
+ port: 8698
+ config:
+ ssl: "none"
\ No newline at end of file
configMap:
name: {{ include "common.fullname" . }}-secrets
- name: {{ include "common.fullname" . }}-logs
- persitentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-logs
- volumeClaimTemplates:
- - metadata:
- name: {{ include "common.fullname" . }}-logs
- labels:
- name: {{ include "common.fullname" . }}
- spec:
- accessModes: [ {{ .Values.persistence.accessMode }} ]
- storageClassName: manual
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
+ {{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}-logs
+ name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0
-
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
{{/*
-# Copyright 2018 Intel Corporation, Inc
+# Copyright © 2019 Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
kind: PersistentVolumeClaim
apiVersion: v1
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
{{- end -}}
BRMS_UEB_API_SECRET=
#Dependency.json file version
-BRMS_DEPENDENCY_VERSION=1.4.2
-BRMS_MODELS_DEPENDENCY_VERSION=2.0.2
+BRMS_DEPENDENCY_VERSION=1.5.3
+BRMS_MODELS_DEPENDENCY_VERSION=2.1.4
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
#################################################################
# Application configuration defaults.
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
+{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
{{- end -}}
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
ubuntuInitRepository: oomk8s
ubuntuInitImage: ubuntu-init:1.0.0
persistence: {}
JVM_OPTIONS={{.Values.server.jvmOpts}}
-# SYSTEM software configuration
+# SYSTEM software configuration
POLICY_HOME=/opt/app/policy
POLICY_LOGS=/var/log/onap/policy/pdpd
RELEASE_REPOSITORY_ID=policy-nexus-releases
RELEASE_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.nexus.port}}/nexus/content/repositories/releases/
-# Relational (SQL) DB access
+# Relational (SQL) DB access
-SQL_HOST={{.Values.global.mariadb.nameOverride}}
+SQL_HOST={{ .Values.global.mariadb.service.name }}
# AAF
POLICY_PDP_PAP_TOPIC=POLICY-PDP-PAP
+# Symmetric Key for encoded sensitive data
+
+SYMM_KEY=
+
# PAP
PAP_HOST=policy-pap
# SDNC
SDNC_URL=http://sdnc.{{.Release.Namespace}}:8282/restconf/operations
+
+# CDS
+
+CDS_GRPC_HOST={{.Values.cds.grpc.svcName}}
+CDS_GRPC_PORT={{.Values.cds.grpc.svcPort}}
HEALTHCHECK_USER={{.Values.telemetry.user}}
HEALTHCHECK_PASSWORD={{.Values.telemetry.password}}
+
+CDS_GRPC_USERNAME={{.Values.cds.grpc.user}}
+CDS_GRPC_PASSWORD={{.Values.cds.grpc.password}}
metadata:
name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
+{{- with .Files.Glob "resources/configmaps/*{.zip,store}" }}
+binaryData:
+{{- range $path, $bytes := . }}
+ {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }}
+{{- end }}
+{{- end }}
data:
-{{ tpl (.Files.Glob "resources/configmaps/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/configmaps/*.{conf,sh,properties,xml,keyfile}").AsConfig . | indent 2 }}
- /root/ready.py
args:
- --container-name
- - {{ .Values.global.mariadb.nameOverride }}
+ - {{ .Release.Name }}-galera-config
- --container-name
- {{ .Values.global.nexus.nameOverride }}
env:
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
ubuntuImage: ubuntu:16.04
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pdpd-cl:1.5.2
+image: onap/policy-pdpd-cl:1.5.3
pullPolicy: Always
# flag to enable debugging - application support required
key:
password:
+cds:
+ grpc:
+ user: ccsdkapps
+ password: ccsdkapps
+ svcName: cds-blueprints-processor-grpc
+ svcPort: 9111
+
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP Policy MariaDB Service
-name: mariadb
-version: 5.0.0
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
- - name: common
- version: ~5.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
+++ /dev/null
-# Copyright 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-configmap
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/db.sh").AsConfig . | indent 2 }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- args:
- - --lower-case-table-names=1
- - --wait_timeout=28800
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-root-password
- - name: MYSQL_USER
- value: policy_user
- - name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-user-password
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /docker-entrypoint-initdb.d
- name: mariadb-conf
- - mountPath: /var/lib/mysql
- name: mariadb-data
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: mariadb-conf
- configMap:
- name: {{ include "common.fullname" . }}-configmap
- defaultMode: 0755
- - name: mariadb-data
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018-2019 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018-2019 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: mariadb:10.2.25
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-# Example:
-config:
- mysqlRootPassword: secret
- mysqlUserName: policy_user
- mysqlPassword: policy_user
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 120
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 120
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteOnce
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: mariadb/data
-
-service:
- type: ClusterIP
- name: policydb
- portName: policydb
- externalPort: 3306
- internalPort: 3306
-
-ingress:
- enabled: false
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 1
- memory: 2Gi
- requests:
- cpu: 10m
- memory: 0.5Gi
- large:
- limits:
- cpu: 2
- memory: 4Gi
- requests:
- cpu: 20m
- memory: 1Gi
- unlimited: {}
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
# ============LICENSE_START=======================================================
# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright (C) 2020 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
metadata:
name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
+{{- with .Files.Glob "resources/config/*store" }}
+binaryData:
+{{- range $path, $bytes := . }}
+ {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }}
+{{- end }}
+{{- end }}
data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }}
"name": "PolicyProviderParameterGroup",
"implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl",
"databaseDriver": "org.mariadb.jdbc.Driver",
- "databaseUrl": "jdbc:mariadb://{{.Values.global.mariadb.nameOverride}}:3306/policyadmin",
- "databaseUser": "policy_user",
- "databasePassword": "cG9saWN5X3VzZXI=",
+ "databaseUrl": "jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/policyadmin",
+ "databaseUser": "{{ .Values.global.mariadb.config.userName }}",
+ "databasePassword": "{{ .Values.global.mariadb.config.userPassword | b64enc }}",
"persistenceUnit": "PolicyMariaDb"
}
}
# ============LICENSE_START=======================================================
# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright (C) 2020 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
metadata:
name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
+{{- with .Files.Glob "resources/config/*store" }}
+binaryData:
+{{- range $path, $bytes := . }}
+ {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }}
+{{- end }}
+{{- end }}
data:
-{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }}
- /root/ready.py
args:
- --container-name
- - {{ .Values.global.mariadb.nameOverride }}
+ - {{ .Release.Name }}-galera-config
env:
- name: NAMESPACE
valueFrom:
TRUSTSTORE_PASSWD=Pol1cy_0nap
JDBC_DRIVER=org.mariadb.jdbc.Driver
-JDBC_URL=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:{{.Values.config.mariadbPort}}/onap_sdk?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30
-JDBC_LOG_URL=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:{{.Values.config.mariadbPort}}/log?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30
-JDBC_USER=policy_user
-JDBC_PASSWORD=policy_user
+JDBC_URL=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/onap_sdk?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30
+JDBC_LOG_URL=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/log?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30
+JDBC_USER={{ .Values.global.mariadb.config.userName }}
+JDBC_PASSWORD={{ .Values.global.mariadb.config.userPassword }}
site_name=site_1
fp_monitor_interval=30
echo "Found existing installation, will not reinstall"
. /opt/app/policy/etc/profile.d/env.sh
-else
+else
if [[ -d config ]]; then
cp config/*.conf .
fi
# (which does nothing if the db is already up-to-date)
dbuser=$(echo $(grep '^JDBC_USER=' base.conf | cut -f2 -d=))
dbpw=$(echo $(grep '^JDBC_PASSWORD=' base.conf | cut -f2 -d=))
- db_upgrade_remote.sh $dbuser $dbpw {{.Values.global.mariadb.nameOverride}}
+ db_upgrade_remote.sh $dbuser $dbpw {{.Values.global.mariadb.service.name}}
fi
fi
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
config:
logstashServiceName: log-ls
logstashPort: 5044
- mariadbPort: 3306
# default number of instances
replicaCount: 1
# ============LICENSE_START=======================================================
# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright (C) 2020 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
metadata:
name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
+{{- with .Files.Glob "resources/config/*store" }}
+binaryData:
+{{- range $path, $bytes := . }}
+ {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }}
+{{- end }}
+{{- end }}
data:
-{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }}
-
+{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }}
"name": "PolicyProviderParameterGroup",
"implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl",
"databaseDriver": "org.mariadb.jdbc.Driver",
- "databaseUrl": "jdbc:mariadb://{{.Values.global.mariadb.nameOverride}}:3306/policyadmin",
- "databaseUser": "policy_user",
- "databasePassword": "cG9saWN5X3VzZXI=",
+ "databaseUrl": "jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/{{ .Values.global.mariadb.config.mysqlDatabase }}",
+ "databaseUser": "{{ .Values.global.mariadb.config.userName }}",
+ "databasePassword": "{{ .Values.global.mariadb.config.userPassword | b64enc }}",
"persistenceUnit": "PolicyMariaDb"
},
"topicParameterGroup": {
"topic" : "POLICY-PDP-PAP",
"servers" : [ "message-router" ],
"topicCommInfrastructure" : "dmaap"
+ },
+ {
+ "topic" : "POLICY-NOTIFICATION",
+ "servers" : [ "message-router" ],
+ "topicCommInfrastructure" : "dmaap"
}]
}
}
# ============LICENSE_START=======================================================
-# Copyright (C) 2019 Nordix Foundation.
+# Copyright (C) 2019-2020 Nordix Foundation. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
metadata:
name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
+{{- with .Files.Glob "resources/config/*store" }}
+binaryData:
+{{- range $path, $bytes := . }}
+ {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }}
+{{- end }}
+{{- end }}
data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
-
+{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }}
- /root/ready.py
args:
- --container-name
- - {{ .Values.global.mariadb.nameOverride }}
+ - {{ .Values.global.mariadb.service.name }}
env:
- name: NAMESPACE
valueFrom:
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
{
- "name": "XacmlPdpGroup",
+ "name": "XacmlPdpParameters",
+ "pdpGroup": "defaultGroup",
"restServerParameters": {
"host": "0.0.0.0",
"port": 6969,
# JPA Properties
#
javax.persistence.jdbc.driver=org.mariadb.jdbc.Driver
-javax.persistence.jdbc.url=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:3306/operationshistory
-javax.persistence.jdbc.user=policy_user
-javax.persistence.jdbc.password=cG9saWN5X3VzZXI=
+javax.persistence.jdbc.url=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/operationshistory
+javax.persistence.jdbc.user={{ .Values.global.mariadb.config.userName }}
+javax.persistence.jdbc.password={{ .Values.global.mariadb.config.userPassword | b64enc }}
# ============LICENSE_START=======================================================
# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright (C) 2020 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
metadata:
name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
+{{- with .Files.Glob "resources/config/*store" }}
+binaryData:
+{{- range $path, $bytes := . }}
+ {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }}
+{{- end }}
+{{- end }}
data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/*.{json,properties,xml}").AsConfig . | indent 2 }}
- /root/ready.py
args:
- --container-name
- - {{ .Values.global.mariadb.nameOverride }}
+ - {{ .Release.Name }}-galera-config
env:
- name: NAMESPACE
valueFrom:
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: mariadb-galera
+ version: ~5.x-0
+ repository: '@local'
# limitations under the License.
#!/bin/bash -xv
-
+mysql() { /usr/bin/mysql -h ${MYSQL_HOST} -P ${MYSQL_USER} "$@"; };
for db in support onap_sdk log migration operationshistory10 pooling policyadmin operationshistory
do
mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};"
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }}
-
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-db-configmap
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/db.sh").AsConfig . | indent 2 }}
- /root/ready.py
args:
- --container-name
- - {{ .Values.global.mariadb.nameOverride }}
+ - {{ .Release.Name }}-galera-config
env:
- name: NAMESPACE
valueFrom:
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ .Release.Name }}-galera-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-job
+ release: {{ .Release.Name }}
+spec:
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-job
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+#This container checks that all galera instances are up before initializing it.
+ - name: {{ include "common.name" . }}-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ - --container-name
+ - {{ index .Values "mariadb-galera" "service" "name" }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ .Release.Name }}-galera-config
+ image: {{ .Values.mariadb_image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /dbcmd-config/db.sh
+ name: {{ include "common.fullname" . }}-config
+ subPath: db.sh
+ command:
+ - /bin/sh
+ args:
+ - -x
+ - /dbcmd-config/db.sh
+ env:
+ - name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-secret
+ key: db-root-password
+ - name: MYSQL_HOST
+ value: "{{ index .Values "mariadb-galera" "service" "name" }}"
+ - name: MYSQL_USER
+ value: "{{ index .Values "mariadb-galera" "config" "userName" }}"
+ - name: MYSQL_PORT
+ value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}"
+ restartPolicy: Never
+ volumes:
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-db-configmap
+ items:
+ - key: db.sh
+ path: db.sh
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2018 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
heritage: {{ .Release.Service }}
type: Opaque
data:
- db-root-password: {{ .Values.config.mysqlRootPassword | b64enc | quote }}
- db-user-password: {{ .Values.config.mysqlPassword | b64enc | quote }}
-
+ db-user-password: {{ index .Values "mariadb-galera" "config" "userPassword" | b64enc | quote }}
+ db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }}
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
ubuntuImage: ubuntu:16.04
- mariadb:
- nameOverride: policydb
pdp:
nameOverride: pdp
pap:
- nameOverride: pap
+ nameOverride: policy
drools:
nameOverride: drools
brmwgw:
nameOverride: brmsgw
nexus:
nameOverride: nexus
+ mariadb:
+ # '&mariadbConfig' means we "store" the values for later use in the file
+ # with '*mariadbConfig' pointer.
+ config: &mariadbConfig
+ userName: policy_user
+ userPassword: policy_user
+ mariadbRootPassword: secret
+ mysqlDatabase: policyadmin
+ service: &mariadbService
+ name: policy-mariadb
+ portName: mysql-policy
+ internalPort: 3306
#################################################################
# Application configuration defaults.
# application image
repository: nexus3.onap.org:10001
image: onap/policy-pe:1.5.2
+mariadb_image: library/mariadb:10
pullPolicy: Always
subChartsOnly:
enabled: true
-nameOverride: pap
-
+pap:
+ nameOverride: pap
pdp:
nameOverride: pdp
-mariadb:
- nameOverride: policydb
drools:
nameOverride: drools
brmwgw:
ingress:
enabled: false
+mariadb-galera:
+ # mariadb-galera.config and global.mariadb.config must be equals
+ config: *mariadbConfig
+ nameOverride: policy-mariadb
+ # mariadb-galera.service and global.mariadb.service must be equals
+ service: *mariadbService
+ replicaCount: 1
+ persistence:
+ enabled: true
+ mountSubPath: policy/maria/data
+ externalConfig: |-
+ [mysqld]
+ lower_case_table_names = 1
+
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
--- /dev/null
+{{ include "common.ingress" . }}
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
storage: {{ .Values.persistence.size}}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
+{{- end -}}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
{{- if .Values.persistence.annotations }}
annotations:
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
{{- end -}}
persistence: {}
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
-
+
# application image
repository: nexus3.onap.org:10001
image: onap/data-router:1.3.3
ingress:
enabled: false
+ service:
+ - baseaddr: "pombadatarouter"
+ name: "pomba-data-router"
+ port: 9502
+ config:
+ ssl: "none"
persistence:
enabled: true
## GKE, AWS & OpenStack)
##
## storageClass: "-"
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 2Gi
mountPath: /dockerdata-nfs
mountSubPath: pomba/data-router/logs
- key: elasticsearch.yml
path: elasticsearch.yml
- name: {{ include "common.fullname" . }}-data
+ {{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ include "common.fullname" . }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
- name: {{ include "common.fullname" . }}-logs
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPathLogs }}
+ {{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-logs
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
+{{- end -}}
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 Orange
+# Copyright © 2019 Amdocs, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-logs
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-logs
spec:
capacity:
- storage: {{ .Values.persistence.size }}
+ storage: {{ .Values.persistence.size}}
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-logs"
hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPathLogs }}
+{{- end -}}
{{- end -}}
+++ /dev/null
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
{{- if .Values.persistence.annotations }}
annotations:
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
{{- end -}}
--- /dev/null
+{{/*
+# Copyright © 2019 Amdocs, Bell Canada, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-logs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}-logs
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+{{- if eq "True" (include "common.needPV" .) }}
+ storageClassName: "{{ include "common.fullname" . }}-logs"
+{{- else }}
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- end -}}
+++ /dev/null
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- end -}}
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 1Gi
mountPath: /dockerdata-nfs
mountSubPath: pomba/elasticsearch/data
--- /dev/null
+{{ include "common.ingress" . }}
externalPort: 5601
internalPort: 5601
nodePort: 34
+
ingress:
enabled: false
+ service:
+ - baseaddr: "pombakibana"
+ name: "pomba-kibana"
+ port: 5601
+ config:
+ ssl: "none"
# Resource Limit flavor -By Default using small
flavor: small
--- /dev/null
+{{ include "common.ingress" . }}
ingress:
enabled: false
-
+ service:
+ - baseaddr: "pombanetworkdiscovery"
+ name: "pomba-networkdiscovery"
+ port: 8443
+ config:
+ ssl: "redirect"
+
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
#trustStorePassword intentionally left blank
trustStorePassword.x=
keyStorePath=/auth/client-cert-onap.p12
-keyStorePassword.x=dfcfd1003bdde18de8efea3c8661510e
+keyStorePassword.x=OBF:
keyManagerFactoryAlgorithm=SunX509
keyStoreType=PKCS12
securityProtocol=TLS
poa-audit-result.host=message-router:3904
poa-audit-result.publisher.partition=1
poa-audit-result.username=
-poa-audit-result.password=
+poa-audit-result.password=OBF:
poa-audit-result.transport.type=HTTPAUTH
poa-rule-validation.name=POA-RULE-VALIDATION
poa-rule-validation.host=message-router:3904
poa-rule-validation.username=
-poa-rule-validation.password=
+poa-rule-validation.password=OBF:
poa-rule-validation.consumer.group=poa-validator-test
poa-rule-validation.consumer.id=test
poa-rule-validation.transport.type=HTTPAUTH
--- /dev/null
+{{ include "common.ingress" . }}
ingress:
enabled: false
+ service:
+ - baseaddr: portalapp
+ name: "portal-app"
+ port: 8443
+ config:
+ ssl: "redirect"
# Resource Limit flavor -By Default using small
flavor: small
resources:
small:
limits:
- cpu: 2
- memory: 10Gi
+ cpu: 2.2
+ memory: 800Mi
requests:
- cpu: 1
- memory: 6Gi
+ cpu: 30m
+ memory: 460Mi
large:
limits:
cpu: 4
- name: CASSPASS
value: "{{ .Values.config.cassandraPassword }}"
- name: JVM_OPTS
- value: "{{ .Values.config.cassandraJvmOpts }}"
+ value: "{{ .Values.config.cassandraJvmOpts }}"
- name: POD_IP
valueFrom:
fieldRef:
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
+{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
{{- end -}}
resources:
small:
limits:
- cpu: 2
- memory: 8Gi
+ cpu: 500m
+ memory: 3.75Gi
requests:
- cpu: 1
- memory: 4Gi
+ cpu: 160m
+ memory: 2.8Gi
large:
limits:
cpu: 4
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
+{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
{{- end -}}
resources:
small:
limits:
- cpu: 800m
- memory: 1Gi
+ cpu: 460m
+ memory: 175Mi
requests:
- cpu: 400m
- memory: 500Mi
+ cpu: 10m
+ memory: 100Mi
large:
limits:
cpu: 2
--- /dev/null
+{{ include "common.ingress" . }}
ingress:
enabled: false
+ service:
+ - baseaddr: portalsdk
+ name: "portal-sdk"
+ port: 8080
+ config:
+ ssl: "none"
# Resource Limit flavor -By Default using small
flavor: small
resources:
small:
limits:
- cpu: 4
- memory: 10Gi
+ cpu: 600m
+ memory: 1.6Gi
requests:
- cpu: 2
- memory: 5Gi
+ cpu: 10m
+ memory: 1.3Gi
large:
limits:
cpu: 8
small:
limits:
cpu: 1
- memory: 4Gi
+ memory: 430Mi
requests:
- cpu: 500m
- memory: 2Gi
+ cpu: 1m
+ memory: 360Mi
large:
limits:
cpu: 2
resources:
small:
limits:
- cpu: 500m
- memory: 600Mi
+ cpu: 100m
+ memory: 200Mi
requests:
- cpu: 250m
- memory: 300Mi
+ cpu: 1m
+ memory: 80Mi
large:
limits:
cpu: 1
messageRouter:
service:
name: message-router
+
+ingress:
+ enabled: false
\ No newline at end of file
--- /dev/null
+# Eclipse
+.classpath
+.factorypath
+.project
+.pydevproject
+.settings/
+
+# IntelliJ
+.idea/*
+*.iml
+
+# Mac OS
+*DS_Store*
+
+/target
\ No newline at end of file
--- /dev/null
+<!--
+
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+
+-->
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.onap.oparent</groupId>
+ <artifactId>oparent</artifactId>
+ <version>2.0.0</version>
+ </parent>
+
+ <groupId>org.onap.oom.readiness.check</groupId>
+ <artifactId>readiness-check-docker</artifactId>
+ <version>2.2.1-SNAPSHOT</version>
+ <packaging>pom</packaging>
+ <name>oom-readiness-check-image</name>
+ <description>Contains dockerfiles and scrtipts for readiness-ckeck image.</description>
+
+ <properties>
+ <docker.fabric.version>0.31.0</docker.fabric.version>
+ <oom.docker.namespace>onap</oom.docker.namespace>
+ </properties>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>io.fabric8</groupId>
+ <artifactId>docker-maven-plugin</artifactId>
+ <version>${docker.fabric.version}</version>
+ <configuration>
+ <verbose>true</verbose>
+ <apiVersion>1.23</apiVersion>
+ <images>
+ <image>
+ <name>${docker.push.registry}/${oom.docker.namespace}/readiness-check:%l</name>
+ <build>
+ <filter>@</filter>
+ <assembly>
+ <mode>dir</mode>
+ <inline xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2" xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2 http://maven.apache.org/xsd/assembly-1.1.2.xsd">
+ <fileSets>
+ <fileSet>
+ <directory>${project.basedir}/src/main/scripts</directory>
+ <outputDirectory>/</outputDirectory>
+ <includes>
+ <include>**/*</include>
+ </includes>
+ </fileSet>
+ </fileSets>
+ </inline>
+ </assembly>
+ <tags>
+ <tag>latest</tag>
+ <tag>latest-${project.version}</tag>
+ </tags>
+ <cleanup>try</cleanup>
+ <dockerFileDir>${project.basedir}/src/main/docker</dockerFileDir>
+ </build>
+ </image>
+ </images>
+ </configuration>
+ <executions>
+ <execution>
+ <id>clean-images</id>
+ <phase>pre-clean</phase>
+ <goals>
+ <goal>remove</goal>
+ </goals>
+ <configuration>
+ <removeAll>true</removeAll>
+ </configuration>
+ </execution>
+ <execution>
+ <id>generate-images</id>
+ <phase>package</phase>
+ <goals>
+ <goal>build</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>push-images</id>
+ <phase>deploy</phase>
+ <goals>
+ <goal>push</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+</project>
\ No newline at end of file
-FROM python:2-alpine
+FROM python:3-alpine3.9
ENV no_proxy "localhost,127.0.0.1,.cluster.local,$KUBERNETES_SERVICE_HOST"
# Setup Corporate proxy
ENV CERT="/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
ENV TOKEN="/var/run/secrets/kubernetes.io/serviceaccount/token"
-COPY ready.py /root/ready.py
-RUN chmod a+x /root/ready.py
-
-COPY job_complete.py /root/job_complete.py
-RUN chmod a+x /root/job_complete.py
+COPY maven/ /root/
+RUN chmod -R a+x /root/
ENTRYPOINT ["/root/ready.py"]
CMD [""]
\ No newline at end of file
response = api.read_namespaced_deployment(deployment_name, namespace)
s = response.status
if (s.unavailable_replicas is None and
- s.updated_replicas == response.spec.replicas and
+ ( s.updated_replicas is None or s.updated_replicas == response.spec.replicas ) and
s.replicas == response.spec.replicas and
s.ready_replicas == response.spec.replicas and
s.observed_generation == response.metadata.generation):
log.error("Exception when waiting for deployment status: %s\n" % e)
+def wait_for_daemonset_complete(daemonset_name):
+ try:
+ response = api_instance.read_namespaced_daemon_set(daemonset_name, namespace)
+ s = response.status
+ if s.desired_number_scheduled == s.number_ready:
+ log.info("DaemonSet: " + str(s.number_ready) + "/" + str(s.desired_number_scheduled) + " nodes ready --> " + daemonset_name + " is ready")
+ return True
+ else:
+ log.info("DaemonSet: " + str(s.number_ready) + "/" + str(s.desired_number_scheduled) + " nodes ready --> " + daemonset_name + " is not ready")
+ return False
+ except Exception as e:
+ log.error("Exception when waiting for DaemonSet status: %s\n" % e)
+
+
def is_ready(container_name):
ready = False
log.info("Checking if " + container_name + " is ready")
ready = wait_for_deployment_complete(deployment_name)
elif i.metadata.owner_references[0].kind == "Job":
ready = is_job_complete(name)
+ elif i.metadata.owner_references[0].kind == "DaemonSet":
+ ready = wait_for_daemonset_complete(i.metadata.owner_references[0].name)
return ready
def read_name(item):
- return item.metadata.owner_reference[0].name
+ return item.metadata.owner_references[0].name
def get_deployment_name(replicaset):
-Subproject commit 1d36d59796cf69d8bba1d833a7faa2709bef531c
+Subproject commit 4bd799e5dbcbf2131a685bf73319e962ace86f5c
--- /dev/null
+{{ include "common.ingress" . }}
ingress:
enabled: false
+ service:
+ - baseaddr: "sdcbe"
+ name: "sdc-be"
+ port: 8080
+ config:
+ ssl: "none"
+
# Resource Limit flavor -By Default using small
flavor: small
--- /dev/null
+{{ include "common.ingress" . }}
ingress:
enabled: false
+ service:
+ - baseaddr: "dcaedt"
+ name: "sdc-dcae-dt"
+ port: 8186
+ - baseaddr: "dcaedt2"
+ name: "sdc-dcae-dt"
+ port: 9446
+ config:
+ ssl: "none"
# Resource Limit flavor -By Default using small
flavor: small
--- /dev/null
+{{ include "common.ingress" . }}
ingress:
enabled: false
-
+ service:
+ - baseaddr: "dcaedt"
+ name: "sdc-dcae-fe"
+ port: 8183
+ - baseaddr: "dcaedt2"
+ name: "sdc-dcae-fe"
+ port: 9444
+ config:
+ ssl: "none"
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
{{- end -}}
\ No newline at end of file
port: {{ .Values.service.internalPort2 }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
{{ end }}
readinessProbe:
tcpSocket:
port: {{ .Values.service.internalPort2 }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
resources:
{{ include "common.resources" . | indent 12 }}
env:
--- /dev/null
+{{ include "common.ingress" . }}
dcae_source_url: "https://sdc.dcae.plugin.simpledemo.onap.org:30264/dcaed/#/home"
dcae_dt_discovery_url: "https://sdc-dcae-dt:9446/dcae/#/dcae/home"
dcae_dt_source_url: "https://sdc.dcae.plugin.simpledemo.onap.org:30266/dcae/#/dcae/home"
- workflow_discovery_url: "http://sdc-wfd-fe:8080/workflows"
- workflow_source_url: "https://sdc.workflow.plugin.simpledemo.onap.org:30431/workflows/"
+ workflow_discovery_url: "https://sdc-wfd-fe:8443/workflows"
+ workflow_source_url: "https://sdc.workflow.plugin.simpledemo.onap.org:30256/workflows/"
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
initialDelaySeconds: 10
- periodSeconds: 10
+ periodSeconds: 60
+ timeoutSeconds: 15
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
initialDelaySeconds: 10
- periodSeconds: 10
+ periodSeconds: 60
+ timeoutSeconds: 15
service:
#Example service definition with external, internal and node ports.
ingress:
enabled: false
+ service:
+ - baseaddr: "sdcfe"
+ name: "sdc-fe"
+ port: 9443
+ config:
+ ssl: "redirect"
# Resource Limit flavor -By Default using small
flavor: small
- "/var/lib/ready-probe.sh"
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
{{ end }}
readinessProbe:
exec:
- "/var/lib/ready-probe.sh"
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
resources:
{{ include "common.resources" . | indent 12 }}
env:
# limitations under the License.
*/}}
{{- if and .Values.persistence.enabled (not .Values.cert.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}-cert
+ name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
accessModes:
- {{ .Values.cert.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.cert.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.cert.persistence.mountSubPath }}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+{{- end -}}
{{ toYaml .Values.cert.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.cert.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.cert.persistence.size }}
-{{- if .Values.cert.persistence.storageClass }}
-{{- if (eq "-" .Values.cert.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.cert.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
# probe configuration parameters
liveness:
- initialDelaySeconds: 60
- periodSeconds: 10
+ initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 60
- periodSeconds: 10
+ initialDelaySeconds: 120
+ periodSeconds: 60
+ timeoutSeconds: 15
service:
type: ClusterIP
-{{- define "sdc-wfd-be.volumes" }}
- {{ if .Values.config.cassandraSSLEnabled }}
- - name: {{ include "common.fullname" . }}-cassandra-client-truststore
- hostPath:
- path: /etc/cassandra-client-truststore/truststore
- type: File
- {{- end }}
- {{ if .Values.config.serverSSLEnabled }}
- - name: {{ include "common.fullname" . }}-server-https-keystore
- hostPath:
- path: /config/server-https-keystore/keystore
- type: File
- {{- end }}
-{{- end }}
-
-{{- define "sdc-wfd-be.volumeMounts" }}
- {{ if .Values.config.cassandraSSLEnabled }}
- - name: {{ include "common.fullname" . }}-cassandra-client-truststore
- mountPath: /etc/cassandra-client-truststore/truststore
- subPath: truststore
- readOnly: true
- {{- end }}
- {{ if .Values.config.serverSSLEnabled }}
- - name: {{ include "common.fullname" . }}-server-https-keystore
- mountPath: /etc/server-https-keystore/keystore
- subPath: keystore
- readOnly: true
- {{- end }}
-{{- end }}
\ No newline at end of file
+{{- define "wfd-be.internalPort" }}{{ if .Values.config.serverSSLEnabled }}{{ .Values.service.internalPort2 }}{{ else }}{{ .Values.service.internalPort }}{{ end }}{{- end }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- - containerPort: {{ .Values.service.internalPort }}
- - containerPort: {{ .Values.service.internalPort2 }}
+ - containerPort: {{ template "wfd-be.internalPort" . }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{ if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ template "wfd-be.internalPort" . }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
readinessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ template "wfd-be.internalPort" . }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: CS_TRUST_STORE_PATH
value: "{{ .Values.config.cassandraTrustStorePath }}"
- name: CS_TRUST_STORE_PASSWORD
- value: "{{ .Values.config.cassandraTrustStorePassword }}"
+ valueFrom:
+ secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: cs_truststore_password}
- name: SDC_PROTOCOL
value: "{{ .Values.config.sdcProtocol }}"
- name: SDC_ENDPOINT
- name: SDC_USER
value: "{{ .Values.config.sdcExternalUser }}"
- name: SDC_PASSWORD
- value: "{{ .Values.config.sdcExternalUserPassword }}"
+ valueFrom:
+ secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: wf_external_user_password}
- name: SERVER_SSL_ENABLED
value: "{{ .Values.config.serverSSLEnabled }}"
- name: SERVER_SSL_KEYSTORE_TYPE
- name: SERVER_SSL_KEYSTORE_PATH
value: "{{ .Values.config.serverSSLKeyStorePath }}"
- name: SERVER_SSL_KEY_PASSWORD
- value: "{{ .Values.config.serverSSLKeyPassword }}"
- volumeMounts:
- {{- template "sdc-wfd-be.volumeMounts" . }}
- volumes:
- {{- template "sdc-wfd-be.volumes" . }}
+ valueFrom:
+ secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: keystore_password}
+ - name: SERVER_SSL_TRUSTSTORE_TYPE
+ value: "{{ .Values.config.serverSSLTrustStoreType }}"
+ - name: SERVER_SSL_TRUSTSTORE_PATH
+ value: "{{ .Values.config.serverSSLTrustStorePath }}"
+ - name: SERVER_SSL_TRUST_PASSWORD
+ valueFrom:
+ secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: truststore_password}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+{{ include "common.ingress" . }}
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
+ - port: {{ template "wfd-be.internalPort" . }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName | default "http" }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
+ - port: {{ if .Values.config.serverSslEnabled }}{{ .Values.service.externalPort2 }}{{ else }}{{ .Values.service.externalPort }}{{ end }}
+ targetPort: {{ template "wfd-be.internalPort" . }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/workflow-backend:1.5.1
-configInitImage: onap/workflow-init:1.5.1
+image: onap/workflow-backend:1.6.0
+configInitImage: onap/workflow-init:1.6.0
pullPolicy: Always
-# flag to enable debugging - application support required
-debugEnabled: false
-
initJob:
enabled: true
cassandraAuthenticationEnabled: true
cassandraThriftClientPort: 9160
cassandraClientPort: 9042
- sdcProtocol: HTTP
- sdcEndpoint: sdc-be:8080
+
+ sdcProtocol: HTTPS
+ sdcEndpoint: sdc-be:8443
sdcExternalUser: workflow
- sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
- serverSSLEnabled: false
+
+ serverSSLEnabled: true
+
serverSSLKeyStoreType: jks
- serverSSLKeyStorePath: /etc/server-https-keystore/keystore
- serverSSLKeyPassword: password
+ serverSSLKeyStorePath: /etc/keystore
+
+ serverSSLTrustStoreType: jks
+ serverSSLTrustStorePath: /etc/truststore
+
cassandraSSLEnabled: false
- cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore
- cassandraTrustStorePassword: password
+ cassandraTrustStorePath: /etc/truststore
# default number of instances
replicaCount: 1
service:
type: NodePort
+ portName: sdc-wfd-be
internalPort: 8080
externalPort: 8080
internalPort2: 8443
externalPort2: 8443
- portName: sdc-wfd-be
- nodePort: "57"
+ nodePort: "57" # only one node port. set to http or https port depending on isHttpsEnabled property
+
ingress:
enabled: false
-
+ service:
+ - baseaddr: "sdcwfdbe"
+ name: "sdc-wfd-be"
+ port: 8443
+ config:
+ ssl: "redirect"
+
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
--- /dev/null
+{{- define "wfd-fe.internalPort" }}{{ if .Values.config.isHttpsEnabled }}{{ .Values.service.internalPort2 }}{{ else }}{{ .Values.service.internalPort }}{{ end }}{{- end }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- - containerPort: {{ .Values.service.internalPort }}
- - containerPort: {{ .Values.service.internalPort2 }}
+ - containerPort: {{ template "wfd-fe.internalPort" . }}
{{ if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ template "wfd-fe.internalPort" . }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
readinessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ template "wfd-fe.internalPort" . }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
value: "{{ .Values.config.isHttpsEnabled}}"
{{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }}
- name: KEYSTORE_PASS
- {{- if .Values.global.security.keysFromCa }}
valueFrom:
- secretKeyRef:
- name: mft-sdc
- key: keystore-password.txt
- {{ else }}
- value: {{ .Values.global.security.keyStorePass}}
- {{- end }}
+ secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: keystore_password}
- name: TRUSTSTORE_PASS
- {{- if .Values.global.security.keysFromCa }}
valueFrom:
- secretKeyRef:
- name: mft-catruststore
- key: keystore-password.txt
- {{ else }}
- value: {{ .Values.global.security.trustStorePass}}
- {{- end }}
+ secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: truststore_password}
- name: TRUSTSTORE_PATH
value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}"
- name: KEYSTORE_PATH
value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}"
- - name: TRUSTSTORE_TYPE
- value: {{ .Values.security.truststore.type }}
- - name: KEYSTORE_TYPE
- value: {{ .Values.security.keystore.type }}
+ - name: TRUST_ALL
+ value: "{{ .Values.config.isTrustAll}}"
{{ end }}
volumeMounts:
- {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }}
- - name: {{ include "common.fullname" . }}-jetty-https-truststore
- mountPath: /var/lib/jetty/{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}
- subPath: {{ .Values.security.truststoreFilename }}
- - name: {{ include "common.fullname" . }}-jetty-https-keystore
- mountPath: /var/lib/jetty/etc/{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}
- subPath: {{ .Values.security.keystoreFilename }}
- {{ end }}
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
readOnly: true
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
-
# side car containers
- name: {{ include "common.name" . }}-filebeat-onap
image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-{{- define "rules.wf" -}}
-- http:
- paths:
- - path: /workflows/
- backend:
- serviceName: {{.Values.service.name}}
- servicePort: {{.Values.service.internalPort}}
-{{- end -}}
-
-{{- if .Values.ingress.enabled }}
-
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
- name: {{ include "common.fullname" . }}-ingress
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-{{- with .Values.ingress.annotations }}
- annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
- rules:
-{{- if .Values.ingress.hosts}}
-{{- range .Values.ingress.hosts}}
-{{- include "rules.wf" $ | nindent 2}}
-{{- if .}}
- host: {{. | quote}}
-{{- end}}
-{{- end}}
- tls:
- - hosts:
-{{- range .Values.ingress.hosts}}
-{{- if .}}
- - {{ . | quote }}
-{{- end}}
-{{- end }}
-{{- else}}
-{{- include "rules.wf" . | nindent 2}}
-{{- end}}
-{{ end }}
+{{ include "common.ingress" . }}
"version": "v1",
"url": "/",
"protocol": "UI",
- "port": "{{ .Values.service.internalPort }}",
+ "port": "{{ .Values.service.internalPort2 }}",
"visualRange":"0|1"
}
]'
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
+ - port: {{ template "wfd-fe.internalPort" . }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName | default "http" }}
- - port: {{ .Values.service.internalPort2 }}
- nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.service.portName2 | default "https" }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}
- - port: {{ .Values.service.externalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName2 | default "https" }}
+ - port: {{ if .Values.config.isHttpsEnabled }}{{ .Values.service.externalPort2 }}{{ else }}{{ .Values.service.externalPort }}{{ end }}
+ targetPort: {{ template "wfd-fe.internalPort" . }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/workflow-frontend:1.5.1
+image: onap/workflow-frontend:1.6.0
pullPolicy: Always
# flag to enable debugging - application support required
config:
javaOptions: "-Xmx256m -Xms256m"
- backendServerURL: "http://sdc-wfd-be:8080"
+ backendServerURL: "https://sdc-wfd-be:8443"
isHttpsEnabled: true
-
+ # following flag decides whether to check the certificate on the outgoing proxy request or whether to trust all parties
+ isTrustAll: true
# https relevant settings. Change in case you have other trust files then default ones.
security:
- isDefaultStore: true
- truststoreType: "JKS"
- keystoreType: "JKS"
- truststoreFilename: "truststore"
- keystoreFilename: "keystore"
+ isDefaultStore: false
+ truststoreFilename: "org.onap.sdc.trust.jks"
+ keystoreFilename: "org.onap.sdc.p12"
storePath: "etc"
# default number of instances
type: NodePort
internalPort: 8080
externalPort: 8080
- portName: sdc-wfd-fe
- nodePort: "56"
- portName2: sdc-wfd-fe2
internalPort2: 8443
externalPort2: 8443
- nodePort2: "31"
+ portName: sdc-wfd-fe
+ nodePort: "56" # only one node port. set to http or https port depending on isHttpsEnabled property
ingress:
enabled: false
- hosts: ~
+ service:
+ - baseaddr: "sdcwfdfe"
+ name: "sdc-wfd-fe"
+ port: 8443
annotations:
ingress.kubernetes.io/secure-backends: "false"
nginx.ingress.kubernetes.io/secure-backends: "false"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
- nginx.ingress.kubernetes.io/rewrite-target: /workflows/
- nginx.ingress.kubernetes.io/server-snippet: |
- underscores_in_headers on;
+ nginx.ingress.kubernetes.io/rewrite-target: "/workflows/"
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
sdc_password: "{{ .Values.global.secrets.sdc_password }}"
#default user:
cs_password: "{{ .Values.global.secrets.cs_password }}"
+ cs_truststore_password: "{{ .Values.global.secrets.cs_truststore_password }}"
+ # ssl - stores
+ truststore_password: "{{ .Values.global.secrets.truststore_password }}"
+ keystore_password: "{{ .Values.global.secrets.keystore_password }}"
+ # workflow
+ wf_external_user_password: "{{ .Values.global.secrets.wf_external_user_password }}"
\ No newline at end of file
sdc_password: QWExMjM0JV4h
#Should be the password of shared cassandra instance/chart
cs_password: Y2Fzc2FuZHJh
+ cs_truststore_password: XS5dW3hndHplXWhCaHoqd3ldfW0jbGYq
+ truststore_password: XS5dW3hndHplXWhCaHoqd3ldfW0jbGYq
+ keystore_password: IXBwSi5KdlduMGhHaClvVkZdKFtLdile
+ wf_external_user_password: S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ==
ubuntuInitRepository: oomk8s
ubuntuInitImage: ubuntu-init:1.0.0
cassandra:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-dmaap-listener-image:1.7.3
+image: onap/sdnc-dmaap-listener-image:1.7.6
pullPolicy: Always
# flag to enable debugging - application support required
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ansible-server-image:1.7.3
+image: onap/sdnc-ansible-server-image:1.7.6
pullPolicy: Always
# flag to enable debugging - application support required
"MainMenu": "gamma",
"dbConnLimit": "100",
"home": "/opt/admportal",
- "sslEnabled": "false",
- "nonSslPort": "{{.Values.service.internalPort}}",
- "ConexusNetworkPort": "8443",
+ "sslEnabled": "true",
+ "nonSslPort": "8543",
+ "ConexusNetworkPort": "{{.Values.service.internalPort}}",
"AppNetworkPort": "8543",
"clusterPort": "8443",
"serviceHomingServiceType": "SDN-ETHERNET-INTERNET",
"odlConexusPort": "8181",
"odlUser": "admin",
"odlPasswd": "{{.Values.config.odlPassword}}",
- "ConexusNetwork_sslCert": "",
- "ConexusNetwork_sslKey": "",
+ "ConexusNetwork_sslCert": "{{.Values.config.storesDir}}/org.onap.sdnc.p12",
+ "ConexusNetwork_sslKey": "{{.Values.config.keystorePwd}}",
"AppNetwork_sslCert": "",
"AppNetwork_sslKey": "",
"hostnameList": [
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/admportal-sdnc-image:1.7.3
+image: onap/admportal-sdnc-image:1.7.6
config:
dbRootPassword: secretpassword
dbSdnctlPassword: gamma
configDir: /opt/onap/sdnc/data/properties
storesDir: /opt/onap/sdnc/data/stores
odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
- keystorePwd: ?w5&!M;8v1XF;:Xd;g*%S$IY
+ keystorePwd: ff^G9D]yf&r}Ktum@BJ0YB?N
mariadbGalera:
chartName: mariadb-galera
serviceName: mariadb-galera
internalPort: 3306
# default number of instances
-replicaCount: 1
+replicaCount: 0
nodeSelector: {}
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdnc-ueb-listener-image:1.7.3
+image: onap/sdnc-ueb-listener-image:1.7.6
pullPolicy: Always
# flag to enable debugging - application support required
CCSDK_HOME=${CCSDK_HOME:-/opt/onap/ccsdk}
ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false}
GEO_ENABLED=${GEO_ENABLED:-false}
+SDNC_AAF_ENABLED=${SDNC_AAF_ENABLED:-false}
SDNRWT=${SDNRWT:-false}
SDNRWT_BOOTFEATURES=${SDNRWT_BOOTFEATURES:-sdnr-wt-feature-aggregator}
export ODL_ADMIN_PASSWORD ODL_ADMIN_USERNAME
echo " ENABLE_ODL_CLUSTER=$ENABLE_ODL_CLUSTER"
echo " SDNC_REPLICAS=$SDNC_REPLICAS"
echo " SDNRWT=$SDNRWT"
-
-
+echo " AAF_ENABLED=$SDNC_AAF_ENABLED"
+
+
+if $SDNC_AAF_ENABLED; then
+ export SDNC_STORE_DIR=/opt/app/osaaf/local
+ export SDNC_CONFIG_DIR=/opt/app/osaaf/local
+ export SDNC_KEYPASS=`cat /opt/app/osaaf/local/.pass`
+ export SDNC_KEYSTORE=org.onap.sdnc.p12
+ sed -i '/cadi_prop_files/d' $ODL_HOME/etc/system.properties
+ echo "cadi_prop_files=$SDNC_CONFIG_DIR/org.onap.sdnc.props" >> $ODL_HOME/etc/system.properties
+
+ sed -i '/org.ops4j.pax.web.ssl.keystore/d' $ODL_HOME/etc/custom.properties
+ sed -i '/org.ops4j.pax.web.ssl.password/d' $ODL_HOME/etc/custom.properties
+ sed -i '/org.ops4j.pax.web.ssl.keypassword/d' $ODL_HOME/etc/custom.properties
+ echo org.ops4j.pax.web.ssl.keystore=$SDNC_STORE_DIR/$SDNC_KEYSTORE >> $ODL_HOME/etc/custom.properties
+ echo org.ops4j.pax.web.ssl.password=$SDNC_KEYPASS >> $ODL_HOME/etc/custom.properties
+ echo org.ops4j.pax.web.ssl.keypassword=$SDNC_KEYPASS >> $ODL_HOME/etc/custom.properties
+fi
if [ ! -f ${SDNC_HOME}/.installed ]
then
# See the License for the specific language governing permissions and
# limitations under the License.
+SDNC_AAF_ENABLED: "{{ .Values.global.aafEnabled }}"
SDNC_GEO_ENABLED: "{{ .Values.config.geoEnabled }}"
SDNC_IS_PRIMARY_CLUSTER: "{{ .Values.config.isPrimaryCluster }}"
SDNC_ODL_COUNT: "{{ .Values.replicaCount }}"
name: {{ include "common.fullname" . }}-scripts
defaultMode: 0755
- name: core-dns-keyfile
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+ {{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- name: {{ include "common.namespace" . }}-docker-registry-key"
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Copyright © 2019 Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-data
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}
+ app: {{ include "common.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
name: {{ include "common.fullname" . }}
spec:
capacity:
- storage: {{ .Values.persistence.size }}
+ storage: {{ .Values.persistence.size}}
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
+{{- end -}}
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2019 Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
kind: PersistentVolumeClaim
apiVersion: v1
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
{{- if .Values.persistence.annotations }}
annotations:
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
+ storageClassName: {{ include "common.storageClass" . }}
{{- end }}
-{{- end }}
-{{- end -}}
--- /dev/null
+{{ include "common.ingress" . }}
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+{{ if .Values.certpersistence.enabled }}
+---
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-certs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}-certs
+spec:
+ capacity:
+ storage: {{ .Values.certpersistence.size }}
+ accessModes:
+ - {{ .Values.certpersistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-certs"
+ persistentVolumeReclaimPolicy: {{ .Values.certpersistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.certpersistence.mountPath }}/{{ .Release.Name }}/{{ .Values.certpersistence.mountSubPath }}
+{{ end }}
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+
+{{- $global := . }}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
+{{- range $i := until (int $global.Values.replicaCount)}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" $global }}-data-{{ $i }}
+ namespace: {{ include "common.namespace" $global }}
+ labels:
+ app: {{ include "common.fullname" $global }}
+ chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
+ release: "{{ $global.Release.Name }}"
+ heritage: "{{ $global.Release.Service }}"
+ name: {{ include "common.fullname" $global }}
+spec:
+ capacity:
+ storage: {{ $global.Values.persistence.size}}
+ accessModes:
+ - {{ $global.Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" $global }}-data"
+ persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
+{{if ne $i (int $global.Values.replicaCount) }}
+---
+{{- end -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+++ /dev/null
-{{/*
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-# #
-# # Licensed under the Apache License, Version 2.0 (the "License");
-# # you may not use this file except in compliance with the License.
-# # You may obtain a copy of the License at
-# #
-# # http://www.apache.org/licenses/LICENSE-2.0
-# #
-# # Unless required by applicable law or agreed to in writing, software
-# # distributed under the License is distributed on an "AS IS" BASIS,
-# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# # See the License for the specific language governing permissions and
-# # limitations under the License.
-*/}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{ $pvNum := default 1 .Values.replicaCount | int }}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-mdsal0
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-mdsal"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}0
-{{ if gt $pvNum 1 }}
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-mdsal1
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-mdsal"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}1
-{{ end }}
-{{ if gt $pvNum 2 }}
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-mdsal2
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-mdsal"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}2
-{{ end }}
-{{- end -}}
-{{ if .Values.certpersistence.enabled }}
----
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-pv-certs
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-pv-certs
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}-certs
-spec:
- capacity:
- storage: {{ .Values.certpersistence.size }}
- accessModes:
- - {{ .Values.certpersistence.accessMode }}
-{{- if .Values.certpersistence.storageClass }}
-{{- if (eq "-" .Values.certpersistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.certpersistence.storageClass }}"
-{{- end }}
-{{- end }}
- persistentVolumeReclaimPolicy: {{ .Values.certpersistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.certpersistence.mountPath }}/{{ .Values.certpersistence.mountSubPath }}
-{{ end }}
-
-
-
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
- name: {{ include "common.fullname" .}}-pvc-certs
+ name: {{ include "common.fullname" .}}-certs
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}-pvc-certs
+ app: {{ include "common.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}-certs
{{- if .Values.certpersistence.annotations }}
annotations:
{{ toYaml .Values.certpersistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}-pv-certs
accessModes:
- {{ .Values.certpersistence.accessMode }}
resources:
requests:
storage: {{ .Values.certpersistence.size }}
-{{- if .Values.certpersistence.storageClass }}
-{{- if (eq "-" .Values.certpersistence.storageClass) }}
- storageClassName: ""
+{{- if eq "True" (include "common.needPV" .) }}
+ storageClassName: "{{ include "common.fullname" . }}-certs"
{{- else }}
- storageClassName: "{{ .Values.certpersistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
\ No newline at end of file
+ storageClassName: {{ include "common.storageClass" . }}
+ {{- end }}
+{{- end -}}
--- /dev/null
+{{ if .Values.global.aafEnabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-aaf
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+ aaf-password: {{ .Values.aaf_init.deploy_pass | b64enc | quote }}
+{{ end }}
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
+ {{ if not .Values.global.aafEnabled }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }}
+ {{ end }}
name: "{{ .Values.service.portName }}-8282"
- port: {{ .Values.service.externalPort2 }}
targetPort: {{ .Values.service.internalPort2 }}
name: "{{ .Values.service.portName }}-8280"
- port: {{ .Values.service.externalPort4 }}
targetPort: {{ .Values.service.internalPort4 }}
+ {{ if .Values.global.aafEnabled }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }}
+ {{ end }}
name: "{{ .Values.service.portName }}-8443"
{{- else -}}
- port: {{ .Values.service.externalPort }}
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
+ name: {{ include "common.name" . }}-readiness
+ {{ if .Values.global.aafEnabled }}
+ - name: {{ include "common.name" . }}-aaf-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - aaf-locate
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ - name: {{ include "common.name" . }}-aaf
+ image: {{ .Values.global.repository }}/{{ .Values.aaf_init.agentImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: {{ .Values.certpersistence.certPath }}
+ name: {{ include "common.fullname" . }}-certs
+ command:
+ - bash
+ - -c
+ - |
+ /opt/app/aaf_config/bin/agent.sh &&
+ cd /opt/app/osaaf/local &&
+ /opt/app/aaf_config/bin/agent.sh local showpass | grep cadi_keystore_password= | cut -d= -f 2 > /opt/app/osaaf/local/.pass 2>&1
+ env:
+ - name: APP_FQI
+ value: "{{ .Values.aaf_init.fqi }}"
+ - name: aaf_locate_url
+ value: "https://aaf-locate.{{ .Release.Namespace}}:8095"
+ - name: aaf_locator_container
+ value: "oom"
+ - name: aaf_locator_container_ns
+ value: "{{ .Release.Namespace }}"
+ - name: aaf_locator_fqdn
+ value: "{{ .Values.aaf_init.fqdn }}"
+ - name: aaf_locator_app_ns
+ value: "{{ .Values.aaf_init.app_ns }}"
+ - name: DEPLOY_FQI
+ value: "{{ .Values.aaf_init.deploy_fqi }}"
+ - name: DEPLOY_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" .}}-aaf
+ key: aaf-password
+ - name: cadi_longitude
+ value: "{{ .Values.aaf_init.cadi_longitude }}"
+ - name: cadi_latitude
+ value: "{{ .Values.aaf_init.cadi_latitude }}"
+ {{ end }}
- name: {{ include "common.name" . }}-chown
image: "busybox"
command: ["sh", "-c", "chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }} ; chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certpersistence.certPath }}"]
volumeMounts:
- mountPath: {{ .Values.persistence.mdsalPath }}
- name: {{ include "common.fullname" . }}-mdsal
+ name: {{ include "common.fullname" . }}-data
- mountPath: {{ .Values.certpersistence.certPath }}
name: {{ include "common.fullname" . }}-certs
containers:
value: "{{ .Values.config.isPrimaryCluster }}"
- name: GEO_ENABLED
value: "{{ .Values.config.geoEnabled}}"
+ - name: SDNC_AAF_ENABLED
+ value: "{{ .Values.global.aafEnabled}}"
- name: SDNC_REPLICAS
value: "{{ .Values.replicaCount }}"
- name: MYSQL_HOST
name: properties
subPath: blueprints-processor-adaptor.properties
- mountPath: {{ .Values.persistence.mdsalPath }}
- name: {{ include "common.fullname" . }}-mdsal
+ name: {{ include "common.fullname" . }}-data
- mountPath: /var/log/onap
name: logs
- mountPath: {{ .Values.certpersistence.certPath }}
- name: {{ include "common.fullname" . }}-certs
{{ if .Values.certpersistence.enabled }}
persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-pvc-certs
+ claimName: {{ include "common.fullname" . }}-certs
{{ else }}
emptyDir: {}
{{ end }}
{{ if not .Values.persistence.enabled }}
- - name: {{ include "common.fullname" . }}-mdsal
+ - name: {{ include "common.fullname" . }}-data
emptyDir: {}
{{ else }}
volumeClaimTemplates:
- metadata:
- name: {{ include "common.fullname" . }}-mdsal
+ name: {{ include "common.fullname" . }}-data
labels:
name: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
spec:
- accessModes: [ {{ .Values.persistence.accessMode }} ]
- storageClassName: {{ include "common.fullname" . }}-mdsal
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
- {{ end }}
+ {{- end }}
loggingImage: beats/filebeat:5.5.0
persistence:
mountPath: /dockerdata-nfs
+ aafEnabled: true
#################################################################
# Application configuration defaults.
# application images
repository: nexus3.onap.org:10001
pullPolicy: Always
-image: onap/sdnc-image:1.7.3
+image: onap/sdnc-image:1.7.6
# flag to enable debugging - application support required
internalPort: 3306
# dependency / sub-chart configuration
+aaf_init:
+ agentImage: onap/aaf/aaf_agent:2.1.15
+ app_ns: "org.osaaf.aaf"
+ fqi: "sdnc@sdnc.onap.org"
+ fqdn: "sdnc"
+ public_fqdn: "sdnc.onap.org"
+ deploy_fqi: "deployer@people.osaaf.org"
+ deploy_pass: "demo123456!"
+ cadi_latitude: "38.0"
+ cadi_longitude: "-72.0"
+
cds:
enabled: false
size: 50Mi
mountPath: /dockerdata-nfs
mountSubPath: sdnc/certs
- certPath: /opt/opendaylight/current/certs
+ certPath: /opt/app/osaaf
##storageClass: "manual"
ingress:
enabled: false
+ service:
+ - baseaddr: "sdnc"
+ name: "sdnc"
+ port: 8443
+ config:
+ ssl: "redirect"
#Resource Limit flavor -By Default using small
flavor: small
so:
vnfm:
adapter:
- url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/
+ url: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/
auth: Basic dm5mbTpwYXNzd29yZDEk
org:
onap:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/bpmn-infra:1.5.2
+image: onap/so/bpmn-infra:1.5.3
pullPolicy: Always
replicaCount: 1
tenant_metadata: true
identity_server_type: "KEYSTONE"
identity_authentication_type: "RACKSPACE_APIKEY"
+ project_domain_name: "PROJECT_DOMAIN_NAME"
+ user_domain_name: "USER_DOMAIN_NAME"
DEFAULT_KEYSTONE:
identity_url: "{{ .Values.config.openStackKeyStoneUrl }}"
mso_id: "{{ .Values.config.openStackUserName }}"
tenant_metadata: true
identity_server_type: "KEYSTONE"
identity_authentication_type: "USERNAME_PASSWORD"
+ project_domain_name: "{{ .Values.config.openStackProjectDomainName }}"
+ user_domain_name: "{{ .Values.config.openStackUserDomainName }}"
cloud_sites:
Dallas:
region_id: "DFW"
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/catalog-db-adapter:1.5.2
+image: onap/so/catalog-db-adapter:1.5.3
pullPolicy: Always
replicaCount: 1
openStackServiceTenantName: "service"
openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
openStackTenantId: "d570c718cbc545029f40e50b75eb13df"
+ openStackProjectDomainName: "openStackProjectDomainName"
+ openStackUserDomainName: "openStackUserDomainName"
nodeSelector: {}
tolerations: []
affinity: {}
--- /dev/null
+#!/bin/sh
+#
+# ============LICENSE_START==========================================
+# ===================================================================
+# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# ===================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END============================================
+#
+# ECOMP and OpenECOMP are trademarks
+# and service marks of AT&T Intellectual Property.
+#
+
+echo "Creating camundabpmn database . . ." 1>/tmp/mariadb-camundabpmn.log 2>&1
+
+mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+DROP DATABASE IF EXISTS `camundabpmn`;
+CREATE DATABASE `camundabpmn`;
+DROP USER IF EXISTS 'camundauser';
+CREATE USER 'camundauser';
+GRANT ALL on camundabpmn.* to 'camundauser' identified by 'camunda123' with GRANT OPTION;
+FLUSH PRIVILEGES;
+EOF
+
+cd /docker-entrypoint-initdb.d/db-sql-scripts
+
+mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < mariadb_engine_7.10.0.sql || exit 1
+mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < mariadb_identity_7.10.0.sql || exit 1
+
+echo "Created camundabpmn database . . ." 1>>/tmp/mariadb-camundabpmn.log 2>&1
--- /dev/null
+#!/bin/sh
+#
+# ============LICENSE_START==========================================
+# ===================================================================
+# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# ===================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END============================================
+#
+# ECOMP and OpenECOMP are trademarks
+# and service marks of AT&T Intellectual Property.
+#
+
+echo "Creating requestdb database . . ." 1>/tmp/mariadb-requestdb.log 2>&1
+
+mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+DROP DATABASE IF EXISTS `requestdb`;
+CREATE DATABASE /*!32312 IF NOT EXISTS*/ `requestdb` /*!40100 DEFAULT CHARACTER SET latin1 */;
+DROP USER IF EXISTS 'requestuser';
+CREATE USER 'requestuser';
+GRANT ALL on requestdb.* to 'requestuser' identified by 'request123' with GRANT OPTION;
+FLUSH PRIVILEGES;
+EOF
+
+echo "Created requestdb database . . ." 1>>/tmp/mariadb-requestdb.log 2>&1
--- /dev/null
+#!/bin/sh
+#
+# ============LICENSE_START==========================================
+# ===================================================================
+# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# ===================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END============================================
+#
+# ECOMP and OpenECOMP are trademarks
+# and service marks of AT&T Intellectual Property.
+#
+
+echo "Creating catalogdb database . . ." 1>/tmp/mariadb-catalogdb.log 2>&1
+
+mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+DROP DATABASE IF EXISTS `catalogdb`;
+CREATE DATABASE /*!32312 IF NOT EXISTS*/ `catalogdb` /*!40100 DEFAULT CHARACTER SET latin1 */;
+DROP USER IF EXISTS 'cataloguser';
+CREATE USER 'cataloguser';
+GRANT ALL on catalogdb.* to 'cataloguser' identified by 'catalog123' with GRANT OPTION;
+FLUSH PRIVILEGES;
+EOF
+
+echo "Created catalogdb database . . ." 1>>/tmp/mariadb-catalogdb.log 2>&1
--- /dev/null
+#!/bin/sh
+#
+# ============LICENSE_START==========================================
+# ===================================================================
+# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# ===================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END============================================
+#
+# ECOMP and OpenECOMP are trademarks
+# and service marks of AT&T Intellectual Property.
+#
+
+echo "Creating so user . . ." 1>/tmp/mariadb-so-user.log 2>&1
+
+mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+DROP USER IF EXISTS 'so_user';
+CREATE USER 'so_user';
+GRANT USAGE ON *.* TO 'so_user'@'%' IDENTIFIED BY 'so_User123';
+GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON `requestdb`.* TO 'so_user'@'%';
+GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON `catalogdb`.* TO 'so_user'@'%';
+GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE, SHOW VIEW ON `camundabpmn`.* TO 'so_user'@'%';
+FLUSH PRIVILEGES;
+EOF
+
+echo "Created so user . . ." 1>>/tmp/mariadb-so-user.log 2>&1
--- /dev/null
+#!/bin/sh
+#
+# ============LICENSE_START==========================================
+# ===================================================================
+# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# ===================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END============================================
+#
+# ECOMP and OpenECOMP are trademarks
+# and service marks of AT&T Intellectual Property.
+#
+
+echo "Creating so admin user . . ." 1>/tmp/mariadb-so-admin.log 2>&1
+
+mysql -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1
+DROP USER IF EXISTS 'so_admin';
+CREATE USER 'so_admin';
+GRANT USAGE ON *.* TO 'so_admin'@'%' IDENTIFIED BY 'so_Admin123';
+GRANT ALL PRIVILEGES ON `camundabpmn`.* TO 'so_admin'@'%' WITH GRANT OPTION;
+GRANT ALL PRIVILEGES ON `requestdb`.* TO 'so_admin'@'%' WITH GRANT OPTION;
+GRANT ALL PRIVILEGES ON `catalogdb`.* TO 'so_admin'@'%' WITH GRANT OPTION;
+FLUSH PRIVILEGES;
+EOF
+
+echo "Created so admin user . . ." 1>>/tmp/mariadb-so-admin.log 2>&1
--- /dev/null
+--
+-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com)
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+--
+
+use camundabpmn;
+
+create table ACT_GE_PROPERTY (
+ NAME_ varchar(64),
+ VALUE_ varchar(300),
+ REV_ integer,
+ primary key (NAME_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+insert into ACT_GE_PROPERTY
+values ('schema.version', 'fox', 1);
+
+insert into ACT_GE_PROPERTY
+values ('schema.history', 'create(fox)', 1);
+
+insert into ACT_GE_PROPERTY
+values ('next.dbid', '1', 1);
+
+insert into ACT_GE_PROPERTY
+values ('deployment.lock', '0', 1);
+
+insert into ACT_GE_PROPERTY
+values ('history.cleanup.job.lock', '0', 1);
+
+insert into ACT_GE_PROPERTY
+values ('startup.lock', '0', 1);
+
+create table ACT_GE_BYTEARRAY (
+ ID_ varchar(64),
+ REV_ integer,
+ NAME_ varchar(255),
+ DEPLOYMENT_ID_ varchar(64),
+ BYTES_ LONGBLOB,
+ GENERATED_ TINYINT,
+ TENANT_ID_ varchar(64),
+ TYPE_ integer,
+ CREATE_TIME_ datetime(3),
+ ROOT_PROC_INST_ID_ varchar(64),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RE_DEPLOYMENT (
+ ID_ varchar(64),
+ NAME_ varchar(255),
+ DEPLOY_TIME_ timestamp(3),
+ SOURCE_ varchar(255),
+ TENANT_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RU_EXECUTION (
+ ID_ varchar(64),
+ REV_ integer,
+ ROOT_PROC_INST_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ BUSINESS_KEY_ varchar(255),
+ PARENT_ID_ varchar(64),
+ PROC_DEF_ID_ varchar(64),
+ SUPER_EXEC_ varchar(64),
+ SUPER_CASE_EXEC_ varchar(64),
+ CASE_INST_ID_ varchar(64),
+ ACT_ID_ varchar(255),
+ ACT_INST_ID_ varchar(64),
+ IS_ACTIVE_ TINYINT,
+ IS_CONCURRENT_ TINYINT,
+ IS_SCOPE_ TINYINT,
+ IS_EVENT_SCOPE_ TINYINT,
+ SUSPENSION_STATE_ integer,
+ CACHED_ENT_STATE_ integer,
+ SEQUENCE_COUNTER_ bigint,
+ TENANT_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RU_JOB (
+ ID_ varchar(64) NOT NULL,
+ REV_ integer,
+ TYPE_ varchar(255) NOT NULL,
+ LOCK_EXP_TIME_ timestamp(3) NULL,
+ LOCK_OWNER_ varchar(255),
+ EXCLUSIVE_ boolean,
+ EXECUTION_ID_ varchar(64),
+ PROCESS_INSTANCE_ID_ varchar(64),
+ PROCESS_DEF_ID_ varchar(64),
+ PROCESS_DEF_KEY_ varchar(255),
+ RETRIES_ integer,
+ EXCEPTION_STACK_ID_ varchar(64),
+ EXCEPTION_MSG_ varchar(4000),
+ DUEDATE_ timestamp(3) NULL,
+ REPEAT_ varchar(255),
+ HANDLER_TYPE_ varchar(255),
+ HANDLER_CFG_ varchar(4000),
+ DEPLOYMENT_ID_ varchar(64),
+ SUSPENSION_STATE_ integer NOT NULL DEFAULT 1,
+ JOB_DEF_ID_ varchar(64),
+ PRIORITY_ bigint NOT NULL DEFAULT 0,
+ SEQUENCE_COUNTER_ bigint,
+ TENANT_ID_ varchar(64),
+ CREATE_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RU_JOBDEF (
+ ID_ varchar(64) NOT NULL,
+ REV_ integer,
+ PROC_DEF_ID_ varchar(64),
+ PROC_DEF_KEY_ varchar(255),
+ ACT_ID_ varchar(255),
+ JOB_TYPE_ varchar(255) NOT NULL,
+ JOB_CONFIGURATION_ varchar(255),
+ SUSPENSION_STATE_ integer,
+ JOB_PRIORITY_ bigint,
+ TENANT_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RE_PROCDEF (
+ ID_ varchar(64) not null,
+ REV_ integer,
+ CATEGORY_ varchar(255),
+ NAME_ varchar(255),
+ KEY_ varchar(255) not null,
+ VERSION_ integer not null,
+ DEPLOYMENT_ID_ varchar(64),
+ RESOURCE_NAME_ varchar(4000),
+ DGRM_RESOURCE_NAME_ varchar(4000),
+ HAS_START_FORM_KEY_ TINYINT,
+ SUSPENSION_STATE_ integer,
+ TENANT_ID_ varchar(64),
+ VERSION_TAG_ varchar(64),
+ HISTORY_TTL_ integer,
+ STARTABLE_ boolean NOT NULL default TRUE,
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RU_TASK (
+ ID_ varchar(64),
+ REV_ integer,
+ EXECUTION_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ PROC_DEF_ID_ varchar(64),
+ CASE_EXECUTION_ID_ varchar(64),
+ CASE_INST_ID_ varchar(64),
+ CASE_DEF_ID_ varchar(64),
+ NAME_ varchar(255),
+ PARENT_TASK_ID_ varchar(64),
+ DESCRIPTION_ varchar(4000),
+ TASK_DEF_KEY_ varchar(255),
+ OWNER_ varchar(255),
+ ASSIGNEE_ varchar(255),
+ DELEGATION_ varchar(64),
+ PRIORITY_ integer,
+ CREATE_TIME_ timestamp(3),
+ DUE_DATE_ datetime(3),
+ FOLLOW_UP_DATE_ datetime(3),
+ SUSPENSION_STATE_ integer,
+ TENANT_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RU_IDENTITYLINK (
+ ID_ varchar(64),
+ REV_ integer,
+ GROUP_ID_ varchar(255),
+ TYPE_ varchar(255),
+ USER_ID_ varchar(255),
+ TASK_ID_ varchar(64),
+ PROC_DEF_ID_ varchar(64),
+ TENANT_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RU_VARIABLE (
+ ID_ varchar(64) not null,
+ REV_ integer,
+ TYPE_ varchar(255) not null,
+ NAME_ varchar(255) not null,
+ EXECUTION_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ CASE_EXECUTION_ID_ varchar(64),
+ CASE_INST_ID_ varchar(64),
+ TASK_ID_ varchar(64),
+ BYTEARRAY_ID_ varchar(64),
+ DOUBLE_ double,
+ LONG_ bigint,
+ TEXT_ LONGBLOB,
+ TEXT2_ LONGBLOB,
+ VAR_SCOPE_ varchar(64) not null,
+ SEQUENCE_COUNTER_ bigint,
+ IS_CONCURRENT_LOCAL_ TINYINT,
+ TENANT_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RU_EVENT_SUBSCR (
+ ID_ varchar(64) not null,
+ REV_ integer,
+ EVENT_TYPE_ varchar(255) not null,
+ EVENT_NAME_ varchar(255),
+ EXECUTION_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ ACTIVITY_ID_ varchar(255),
+ CONFIGURATION_ varchar(255),
+ CREATED_ timestamp(3) not null,
+ TENANT_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RU_INCIDENT (
+ ID_ varchar(64) not null,
+ REV_ integer not null,
+ INCIDENT_TIMESTAMP_ timestamp(3) not null,
+ INCIDENT_MSG_ varchar(4000),
+ INCIDENT_TYPE_ varchar(255) not null,
+ EXECUTION_ID_ varchar(64),
+ ACTIVITY_ID_ varchar(255),
+ PROC_INST_ID_ varchar(64),
+ PROC_DEF_ID_ varchar(64),
+ CAUSE_INCIDENT_ID_ varchar(64),
+ ROOT_CAUSE_INCIDENT_ID_ varchar(64),
+ CONFIGURATION_ varchar(255),
+ TENANT_ID_ varchar(64),
+ JOB_DEF_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RU_AUTHORIZATION (
+ ID_ varchar(64) not null,
+ REV_ integer not null,
+ TYPE_ integer not null,
+ GROUP_ID_ varchar(255),
+ USER_ID_ varchar(255),
+ RESOURCE_TYPE_ integer not null,
+ RESOURCE_ID_ varchar(255),
+ PERMS_ integer,
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RU_FILTER (
+ ID_ varchar(64) not null,
+ REV_ integer not null,
+ RESOURCE_TYPE_ varchar(255) not null,
+ NAME_ varchar(255) not null,
+ OWNER_ varchar(255),
+ QUERY_ LONGTEXT not null,
+ PROPERTIES_ LONGTEXT,
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RU_METER_LOG (
+ ID_ varchar(64) not null,
+ NAME_ varchar(64) not null,
+ REPORTER_ varchar(255),
+ VALUE_ bigint,
+ TIMESTAMP_ timestamp(3),
+ MILLISECONDS_ bigint DEFAULT 0,
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RU_EXT_TASK (
+ ID_ varchar(64) not null,
+ REV_ integer not null,
+ WORKER_ID_ varchar(255),
+ TOPIC_NAME_ varchar(255),
+ RETRIES_ integer,
+ ERROR_MSG_ varchar(4000),
+ ERROR_DETAILS_ID_ varchar(64),
+ LOCK_EXP_TIME_ timestamp(3) NULL,
+ SUSPENSION_STATE_ integer,
+ EXECUTION_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ PROC_DEF_ID_ varchar(64),
+ PROC_DEF_KEY_ varchar(255),
+ ACT_ID_ varchar(255),
+ ACT_INST_ID_ varchar(64),
+ TENANT_ID_ varchar(64),
+ PRIORITY_ bigint NOT NULL DEFAULT 0,
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_RU_BATCH (
+ ID_ varchar(64) not null,
+ REV_ integer not null,
+ TYPE_ varchar(255),
+ TOTAL_JOBS_ integer,
+ JOBS_CREATED_ integer,
+ JOBS_PER_SEED_ integer,
+ INVOCATIONS_PER_JOB_ integer,
+ SEED_JOB_DEF_ID_ varchar(64),
+ BATCH_JOB_DEF_ID_ varchar(64),
+ MONITOR_JOB_DEF_ID_ varchar(64),
+ SUSPENSION_STATE_ integer,
+ CONFIGURATION_ varchar(255),
+ TENANT_ID_ varchar(64),
+ CREATE_USER_ID_ varchar(255),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create index ACT_IDX_EXEC_ROOT_PI on ACT_RU_EXECUTION(ROOT_PROC_INST_ID_);
+create index ACT_IDX_EXEC_BUSKEY on ACT_RU_EXECUTION(BUSINESS_KEY_);
+create index ACT_IDX_EXEC_TENANT_ID on ACT_RU_EXECUTION(TENANT_ID_);
+create index ACT_IDX_TASK_CREATE on ACT_RU_TASK(CREATE_TIME_);
+create index ACT_IDX_TASK_ASSIGNEE on ACT_RU_TASK(ASSIGNEE_);
+create index ACT_IDX_TASK_TENANT_ID on ACT_RU_TASK(TENANT_ID_);
+create index ACT_IDX_IDENT_LNK_USER on ACT_RU_IDENTITYLINK(USER_ID_);
+create index ACT_IDX_IDENT_LNK_GROUP on ACT_RU_IDENTITYLINK(GROUP_ID_);
+create index ACT_IDX_EVENT_SUBSCR_CONFIG_ on ACT_RU_EVENT_SUBSCR(CONFIGURATION_);
+create index ACT_IDX_EVENT_SUBSCR_TENANT_ID on ACT_RU_EVENT_SUBSCR(TENANT_ID_);
+create index ACT_IDX_VARIABLE_TASK_ID on ACT_RU_VARIABLE(TASK_ID_);
+create index ACT_IDX_VARIABLE_TENANT_ID on ACT_RU_VARIABLE(TENANT_ID_);
+create index ACT_IDX_ATHRZ_PROCEDEF on ACT_RU_IDENTITYLINK(PROC_DEF_ID_);
+create index ACT_IDX_INC_CONFIGURATION on ACT_RU_INCIDENT(CONFIGURATION_);
+create index ACT_IDX_INC_TENANT_ID on ACT_RU_INCIDENT(TENANT_ID_);
+-- CAM-5914
+create index ACT_IDX_JOB_EXECUTION_ID on ACT_RU_JOB(EXECUTION_ID_);
+-- this index needs to be limited in mariadb see CAM-6938
+create index ACT_IDX_JOB_HANDLER on ACT_RU_JOB(HANDLER_TYPE_(100),HANDLER_CFG_(155));
+create index ACT_IDX_JOB_PROCINST on ACT_RU_JOB(PROCESS_INSTANCE_ID_);
+create index ACT_IDX_JOB_TENANT_ID on ACT_RU_JOB(TENANT_ID_);
+create index ACT_IDX_JOBDEF_TENANT_ID on ACT_RU_JOBDEF(TENANT_ID_);
+
+-- new metric milliseconds column
+CREATE INDEX ACT_IDX_METER_LOG_MS ON ACT_RU_METER_LOG(MILLISECONDS_);
+CREATE INDEX ACT_IDX_METER_LOG_NAME_MS ON ACT_RU_METER_LOG(NAME_, MILLISECONDS_);
+CREATE INDEX ACT_IDX_METER_LOG_REPORT ON ACT_RU_METER_LOG(NAME_, REPORTER_, MILLISECONDS_);
+
+-- old metric timestamp column
+CREATE INDEX ACT_IDX_METER_LOG_TIME ON ACT_RU_METER_LOG(TIMESTAMP_);
+CREATE INDEX ACT_IDX_METER_LOG ON ACT_RU_METER_LOG(NAME_, TIMESTAMP_);
+
+create index ACT_IDX_EXT_TASK_TOPIC on ACT_RU_EXT_TASK(TOPIC_NAME_);
+create index ACT_IDX_EXT_TASK_TENANT_ID on ACT_RU_EXT_TASK(TENANT_ID_);
+create index ACT_IDX_EXT_TASK_PRIORITY ON ACT_RU_EXT_TASK(PRIORITY_);
+create index ACT_IDX_EXT_TASK_ERR_DETAILS ON ACT_RU_EXT_TASK(ERROR_DETAILS_ID_);
+create index ACT_IDX_AUTH_GROUP_ID ON ACT_RU_AUTHORIZATION(GROUP_ID_);
+create index ACT_IDX_JOB_JOB_DEF_ID on ACT_RU_JOB(JOB_DEF_ID_);
+
+alter table ACT_GE_BYTEARRAY
+ add constraint ACT_FK_BYTEARR_DEPL
+ foreign key (DEPLOYMENT_ID_)
+ references ACT_RE_DEPLOYMENT (ID_);
+
+alter table ACT_RU_EXECUTION
+ add constraint ACT_FK_EXE_PROCINST
+ foreign key (PROC_INST_ID_)
+ references ACT_RU_EXECUTION (ID_) on delete cascade on update cascade;
+
+alter table ACT_RU_EXECUTION
+ add constraint ACT_FK_EXE_PARENT
+ foreign key (PARENT_ID_)
+ references ACT_RU_EXECUTION (ID_);
+
+alter table ACT_RU_EXECUTION
+ add constraint ACT_FK_EXE_SUPER
+ foreign key (SUPER_EXEC_)
+ references ACT_RU_EXECUTION (ID_);
+
+alter table ACT_RU_EXECUTION
+ add constraint ACT_FK_EXE_PROCDEF
+ foreign key (PROC_DEF_ID_)
+ references ACT_RE_PROCDEF (ID_);
+
+alter table ACT_RU_IDENTITYLINK
+ add constraint ACT_FK_TSKASS_TASK
+ foreign key (TASK_ID_)
+ references ACT_RU_TASK (ID_);
+
+alter table ACT_RU_IDENTITYLINK
+ add constraint ACT_FK_ATHRZ_PROCEDEF
+ foreign key (PROC_DEF_ID_)
+ references ACT_RE_PROCDEF(ID_);
+
+alter table ACT_RU_TASK
+ add constraint ACT_FK_TASK_EXE
+ foreign key (EXECUTION_ID_)
+ references ACT_RU_EXECUTION (ID_);
+
+alter table ACT_RU_TASK
+ add constraint ACT_FK_TASK_PROCINST
+ foreign key (PROC_INST_ID_)
+ references ACT_RU_EXECUTION (ID_);
+
+alter table ACT_RU_TASK
+ add constraint ACT_FK_TASK_PROCDEF
+ foreign key (PROC_DEF_ID_)
+ references ACT_RE_PROCDEF (ID_);
+
+alter table ACT_RU_VARIABLE
+ add constraint ACT_FK_VAR_EXE
+ foreign key (EXECUTION_ID_)
+ references ACT_RU_EXECUTION (ID_);
+
+alter table ACT_RU_VARIABLE
+ add constraint ACT_FK_VAR_PROCINST
+ foreign key (PROC_INST_ID_)
+ references ACT_RU_EXECUTION(ID_);
+
+alter table ACT_RU_VARIABLE
+ add constraint ACT_FK_VAR_BYTEARRAY
+ foreign key (BYTEARRAY_ID_)
+ references ACT_GE_BYTEARRAY (ID_);
+
+alter table ACT_RU_JOB
+ add constraint ACT_FK_JOB_EXCEPTION
+ foreign key (EXCEPTION_STACK_ID_)
+ references ACT_GE_BYTEARRAY (ID_);
+
+alter table ACT_RU_EVENT_SUBSCR
+ add constraint ACT_FK_EVENT_EXEC
+ foreign key (EXECUTION_ID_)
+ references ACT_RU_EXECUTION(ID_);
+
+alter table ACT_RU_INCIDENT
+ add constraint ACT_FK_INC_EXE
+ foreign key (EXECUTION_ID_)
+ references ACT_RU_EXECUTION (ID_);
+
+alter table ACT_RU_INCIDENT
+ add constraint ACT_FK_INC_PROCINST
+ foreign key (PROC_INST_ID_)
+ references ACT_RU_EXECUTION (ID_);
+
+alter table ACT_RU_INCIDENT
+ add constraint ACT_FK_INC_PROCDEF
+ foreign key (PROC_DEF_ID_)
+ references ACT_RE_PROCDEF (ID_);
+
+alter table ACT_RU_INCIDENT
+ add constraint ACT_FK_INC_CAUSE
+ foreign key (CAUSE_INCIDENT_ID_)
+ references ACT_RU_INCIDENT (ID_) on delete cascade on update cascade;
+
+alter table ACT_RU_INCIDENT
+ add constraint ACT_FK_INC_RCAUSE
+ foreign key (ROOT_CAUSE_INCIDENT_ID_)
+ references ACT_RU_INCIDENT (ID_) on delete cascade on update cascade;
+
+alter table ACT_RU_EXT_TASK
+ add constraint ACT_FK_EXT_TASK_ERROR_DETAILS
+ foreign key (ERROR_DETAILS_ID_)
+ references ACT_GE_BYTEARRAY (ID_);
+
+create index ACT_IDX_INC_JOB_DEF on ACT_RU_INCIDENT(JOB_DEF_ID_);
+alter table ACT_RU_INCIDENT
+ add constraint ACT_FK_INC_JOB_DEF
+ foreign key (JOB_DEF_ID_)
+ references ACT_RU_JOBDEF (ID_);
+
+alter table ACT_RU_AUTHORIZATION
+ add constraint ACT_UNIQ_AUTH_USER
+ unique (USER_ID_,TYPE_,RESOURCE_TYPE_,RESOURCE_ID_);
+
+alter table ACT_RU_AUTHORIZATION
+ add constraint ACT_UNIQ_AUTH_GROUP
+ unique (GROUP_ID_,TYPE_,RESOURCE_TYPE_,RESOURCE_ID_);
+
+alter table ACT_RU_VARIABLE
+ add constraint ACT_UNIQ_VARIABLE
+ unique (VAR_SCOPE_, NAME_);
+
+alter table ACT_RU_EXT_TASK
+ add constraint ACT_FK_EXT_TASK_EXE
+ foreign key (EXECUTION_ID_)
+ references ACT_RU_EXECUTION (ID_);
+
+create index ACT_IDX_BATCH_SEED_JOB_DEF ON ACT_RU_BATCH(SEED_JOB_DEF_ID_);
+alter table ACT_RU_BATCH
+ add constraint ACT_FK_BATCH_SEED_JOB_DEF
+ foreign key (SEED_JOB_DEF_ID_)
+ references ACT_RU_JOBDEF (ID_);
+
+create index ACT_IDX_BATCH_MONITOR_JOB_DEF ON ACT_RU_BATCH(MONITOR_JOB_DEF_ID_);
+alter table ACT_RU_BATCH
+ add constraint ACT_FK_BATCH_MONITOR_JOB_DEF
+ foreign key (MONITOR_JOB_DEF_ID_)
+ references ACT_RU_JOBDEF (ID_);
+
+create index ACT_IDX_BATCH_JOB_DEF ON ACT_RU_BATCH(BATCH_JOB_DEF_ID_);
+alter table ACT_RU_BATCH
+ add constraint ACT_FK_BATCH_JOB_DEF
+ foreign key (BATCH_JOB_DEF_ID_)
+ references ACT_RU_JOBDEF (ID_);
+
+-- indexes for deadlock problems - https://app.camunda.com/jira/browse/CAM-2567 --
+create index ACT_IDX_INC_CAUSEINCID on ACT_RU_INCIDENT(CAUSE_INCIDENT_ID_);
+create index ACT_IDX_INC_EXID on ACT_RU_INCIDENT(EXECUTION_ID_);
+create index ACT_IDX_INC_PROCDEFID on ACT_RU_INCIDENT(PROC_DEF_ID_);
+create index ACT_IDX_INC_PROCINSTID on ACT_RU_INCIDENT(PROC_INST_ID_);
+create index ACT_IDX_INC_ROOTCAUSEINCID on ACT_RU_INCIDENT(ROOT_CAUSE_INCIDENT_ID_);
+-- index for deadlock problem - https://app.camunda.com/jira/browse/CAM-4440 --
+create index ACT_IDX_AUTH_RESOURCE_ID on ACT_RU_AUTHORIZATION(RESOURCE_ID_);
+-- index to prevent deadlock on fk constraint - https://app.camunda.com/jira/browse/CAM-5440 --
+create index ACT_IDX_EXT_TASK_EXEC on ACT_RU_EXT_TASK(EXECUTION_ID_);
+
+-- indexes to improve deployment
+create index ACT_IDX_BYTEARRAY_ROOT_PI on ACT_GE_BYTEARRAY(ROOT_PROC_INST_ID_);
+create index ACT_IDX_BYTEARRAY_RM_TIME on ACT_GE_BYTEARRAY(REMOVAL_TIME_);
+create index ACT_IDX_BYTEARRAY_NAME on ACT_GE_BYTEARRAY(NAME_);
+create index ACT_IDX_DEPLOYMENT_NAME on ACT_RE_DEPLOYMENT(NAME_);
+create index ACT_IDX_DEPLOYMENT_TENANT_ID on ACT_RE_DEPLOYMENT(TENANT_ID_);
+create index ACT_IDX_JOBDEF_PROC_DEF_ID ON ACT_RU_JOBDEF(PROC_DEF_ID_);
+create index ACT_IDX_JOB_HANDLER_TYPE ON ACT_RU_JOB(HANDLER_TYPE_);
+create index ACT_IDX_EVENT_SUBSCR_EVT_NAME ON ACT_RU_EVENT_SUBSCR(EVENT_NAME_);
+create index ACT_IDX_PROCDEF_DEPLOYMENT_ID ON ACT_RE_PROCDEF(DEPLOYMENT_ID_);
+create index ACT_IDX_PROCDEF_TENANT_ID ON ACT_RE_PROCDEF(TENANT_ID_);
+create index ACT_IDX_PROCDEF_VER_TAG ON ACT_RE_PROCDEF(VERSION_TAG_);
+--
+-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com)
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+--
+
+-- create case definition table --
+create table ACT_RE_CASE_DEF (
+ ID_ varchar(64) not null,
+ REV_ integer,
+ CATEGORY_ varchar(255),
+ NAME_ varchar(255),
+ KEY_ varchar(255) not null,
+ VERSION_ integer not null,
+ DEPLOYMENT_ID_ varchar(64),
+ RESOURCE_NAME_ varchar(4000),
+ DGRM_RESOURCE_NAME_ varchar(4000),
+ TENANT_ID_ varchar(64),
+ HISTORY_TTL_ integer,
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+-- create case execution table --
+create table ACT_RU_CASE_EXECUTION (
+ ID_ varchar(64) NOT NULL,
+ REV_ integer,
+ CASE_INST_ID_ varchar(64),
+ SUPER_CASE_EXEC_ varchar(64),
+ SUPER_EXEC_ varchar(64),
+ BUSINESS_KEY_ varchar(255),
+ PARENT_ID_ varchar(64),
+ CASE_DEF_ID_ varchar(64),
+ ACT_ID_ varchar(255),
+ PREV_STATE_ integer,
+ CURRENT_STATE_ integer,
+ REQUIRED_ boolean,
+ TENANT_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+-- create case sentry part table --
+
+create table ACT_RU_CASE_SENTRY_PART (
+ ID_ varchar(64) NOT NULL,
+ REV_ integer,
+ CASE_INST_ID_ varchar(64),
+ CASE_EXEC_ID_ varchar(64),
+ SENTRY_ID_ varchar(255),
+ TYPE_ varchar(255),
+ SOURCE_CASE_EXEC_ID_ varchar(64),
+ STANDARD_EVENT_ varchar(255),
+ SOURCE_ varchar(255),
+ VARIABLE_EVENT_ varchar(255),
+ VARIABLE_NAME_ varchar(255),
+ SATISFIED_ boolean,
+ TENANT_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+-- create index on business key --
+create index ACT_IDX_CASE_EXEC_BUSKEY on ACT_RU_CASE_EXECUTION(BUSINESS_KEY_);
+
+-- https://app.camunda.com/jira/browse/CAM-9165
+create index ACT_IDX_CASE_EXE_CASE_INST on ACT_RU_CASE_EXECUTION(CASE_INST_ID_);
+
+-- create foreign key constraints on ACT_RU_CASE_EXECUTION --
+alter table ACT_RU_CASE_EXECUTION
+ add constraint ACT_FK_CASE_EXE_CASE_INST
+ foreign key (CASE_INST_ID_)
+ references ACT_RU_CASE_EXECUTION(ID_) on delete cascade on update cascade;
+
+alter table ACT_RU_CASE_EXECUTION
+ add constraint ACT_FK_CASE_EXE_PARENT
+ foreign key (PARENT_ID_)
+ references ACT_RU_CASE_EXECUTION(ID_);
+
+alter table ACT_RU_CASE_EXECUTION
+ add constraint ACT_FK_CASE_EXE_CASE_DEF
+ foreign key (CASE_DEF_ID_)
+ references ACT_RE_CASE_DEF(ID_);
+
+-- create foreign key constraints on ACT_RU_VARIABLE --
+alter table ACT_RU_VARIABLE
+ add constraint ACT_FK_VAR_CASE_EXE
+ foreign key (CASE_EXECUTION_ID_)
+ references ACT_RU_CASE_EXECUTION(ID_);
+
+alter table ACT_RU_VARIABLE
+ add constraint ACT_FK_VAR_CASE_INST
+ foreign key (CASE_INST_ID_)
+ references ACT_RU_CASE_EXECUTION(ID_);
+
+-- create foreign key constraints on ACT_RU_TASK --
+alter table ACT_RU_TASK
+ add constraint ACT_FK_TASK_CASE_EXE
+ foreign key (CASE_EXECUTION_ID_)
+ references ACT_RU_CASE_EXECUTION(ID_);
+
+alter table ACT_RU_TASK
+ add constraint ACT_FK_TASK_CASE_DEF
+ foreign key (CASE_DEF_ID_)
+ references ACT_RE_CASE_DEF(ID_);
+
+-- create foreign key constraints on ACT_RU_CASE_SENTRY_PART --
+alter table ACT_RU_CASE_SENTRY_PART
+ add constraint ACT_FK_CASE_SENTRY_CASE_INST
+ foreign key (CASE_INST_ID_)
+ references ACT_RU_CASE_EXECUTION(ID_);
+
+alter table ACT_RU_CASE_SENTRY_PART
+ add constraint ACT_FK_CASE_SENTRY_CASE_EXEC
+ foreign key (CASE_EXEC_ID_)
+ references ACT_RU_CASE_EXECUTION(ID_);
+
+create index ACT_IDX_CASE_DEF_TENANT_ID on ACT_RE_CASE_DEF(TENANT_ID_);
+create index ACT_IDX_CASE_EXEC_TENANT_ID on ACT_RU_CASE_EXECUTION(TENANT_ID_);
+--
+-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com)
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+--
+
+-- create decision definition table --
+create table ACT_RE_DECISION_DEF (
+ ID_ varchar(64) not null,
+ REV_ integer,
+ CATEGORY_ varchar(255),
+ NAME_ varchar(255),
+ KEY_ varchar(255) not null,
+ VERSION_ integer not null,
+ DEPLOYMENT_ID_ varchar(64),
+ RESOURCE_NAME_ varchar(4000),
+ DGRM_RESOURCE_NAME_ varchar(4000),
+ DEC_REQ_ID_ varchar(64),
+ DEC_REQ_KEY_ varchar(255),
+ TENANT_ID_ varchar(64),
+ HISTORY_TTL_ integer,
+ VERSION_TAG_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+-- create decision requirements definition table --
+create table ACT_RE_DECISION_REQ_DEF (
+ ID_ varchar(64) NOT NULL,
+ REV_ integer,
+ CATEGORY_ varchar(255),
+ NAME_ varchar(255),
+ KEY_ varchar(255) NOT NULL,
+ VERSION_ integer NOT NULL,
+ DEPLOYMENT_ID_ varchar(64),
+ RESOURCE_NAME_ varchar(4000),
+ DGRM_RESOURCE_NAME_ varchar(4000),
+ TENANT_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+alter table ACT_RE_DECISION_DEF
+ add constraint ACT_FK_DEC_REQ
+ foreign key (DEC_REQ_ID_)
+ references ACT_RE_DECISION_REQ_DEF(ID_);
+
+create index ACT_IDX_DEC_DEF_TENANT_ID on ACT_RE_DECISION_DEF(TENANT_ID_);
+create index ACT_IDX_DEC_DEF_REQ_ID on ACT_RE_DECISION_DEF(DEC_REQ_ID_);
+create index ACT_IDX_DEC_REQ_DEF_TENANT_ID on ACT_RE_DECISION_REQ_DEF(TENANT_ID_);
+--
+-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com)
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+--
+
+create table ACT_HI_PROCINST (
+ ID_ varchar(64) not null,
+ PROC_INST_ID_ varchar(64) not null,
+ BUSINESS_KEY_ varchar(255),
+ PROC_DEF_KEY_ varchar(255),
+ PROC_DEF_ID_ varchar(64) not null,
+ START_TIME_ datetime(3) not null,
+ END_TIME_ datetime(3),
+ REMOVAL_TIME_ datetime(3),
+ DURATION_ bigint,
+ START_USER_ID_ varchar(255),
+ START_ACT_ID_ varchar(255),
+ END_ACT_ID_ varchar(255),
+ SUPER_PROCESS_INSTANCE_ID_ varchar(64),
+ ROOT_PROC_INST_ID_ varchar(64),
+ SUPER_CASE_INSTANCE_ID_ varchar(64),
+ CASE_INST_ID_ varchar(64),
+ DELETE_REASON_ varchar(4000),
+ TENANT_ID_ varchar(64),
+ STATE_ varchar(255),
+ primary key (ID_),
+ unique (PROC_INST_ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_HI_ACTINST (
+ ID_ varchar(64) not null,
+ PARENT_ACT_INST_ID_ varchar(64),
+ PROC_DEF_KEY_ varchar(255),
+ PROC_DEF_ID_ varchar(64) not null,
+ ROOT_PROC_INST_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64) not null,
+ EXECUTION_ID_ varchar(64) not null,
+ ACT_ID_ varchar(255) not null,
+ TASK_ID_ varchar(64),
+ CALL_PROC_INST_ID_ varchar(64),
+ CALL_CASE_INST_ID_ varchar(64),
+ ACT_NAME_ varchar(255),
+ ACT_TYPE_ varchar(255) not null,
+ ASSIGNEE_ varchar(64),
+ START_TIME_ datetime(3) not null,
+ END_TIME_ datetime(3),
+ DURATION_ bigint,
+ ACT_INST_STATE_ integer,
+ SEQUENCE_COUNTER_ bigint,
+ TENANT_ID_ varchar(64),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_HI_TASKINST (
+ ID_ varchar(64) not null,
+ TASK_DEF_KEY_ varchar(255),
+ PROC_DEF_KEY_ varchar(255),
+ PROC_DEF_ID_ varchar(64),
+ ROOT_PROC_INST_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ EXECUTION_ID_ varchar(64),
+ CASE_DEF_KEY_ varchar(255),
+ CASE_DEF_ID_ varchar(64),
+ CASE_INST_ID_ varchar(64),
+ CASE_EXECUTION_ID_ varchar(64),
+ ACT_INST_ID_ varchar(64),
+ NAME_ varchar(255),
+ PARENT_TASK_ID_ varchar(64),
+ DESCRIPTION_ varchar(4000),
+ OWNER_ varchar(255),
+ ASSIGNEE_ varchar(255),
+ START_TIME_ datetime(3) not null,
+ END_TIME_ datetime(3),
+ DURATION_ bigint,
+ DELETE_REASON_ varchar(4000),
+ PRIORITY_ integer,
+ DUE_DATE_ datetime(3),
+ FOLLOW_UP_DATE_ datetime(3),
+ TENANT_ID_ varchar(64),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_HI_VARINST (
+ ID_ varchar(64) not null,
+ PROC_DEF_KEY_ varchar(255),
+ PROC_DEF_ID_ varchar(64),
+ ROOT_PROC_INST_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ EXECUTION_ID_ varchar(64),
+ ACT_INST_ID_ varchar(64),
+ CASE_DEF_KEY_ varchar(255),
+ CASE_DEF_ID_ varchar(64),
+ CASE_INST_ID_ varchar(64),
+ CASE_EXECUTION_ID_ varchar(64),
+ TASK_ID_ varchar(64),
+ NAME_ varchar(255) not null,
+ VAR_TYPE_ varchar(100),
+ CREATE_TIME_ datetime(3),
+ REV_ integer,
+ BYTEARRAY_ID_ varchar(64),
+ DOUBLE_ double,
+ LONG_ bigint,
+ TEXT_ LONGBLOB,
+ TEXT2_ LONGBLOB,
+ TENANT_ID_ varchar(64),
+ STATE_ varchar(20),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_HI_DETAIL (
+ ID_ varchar(64) not null,
+ TYPE_ varchar(255) not null,
+ PROC_DEF_KEY_ varchar(255),
+ PROC_DEF_ID_ varchar(64),
+ ROOT_PROC_INST_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ EXECUTION_ID_ varchar(64),
+ CASE_DEF_KEY_ varchar(255),
+ CASE_DEF_ID_ varchar(64),
+ CASE_INST_ID_ varchar(64),
+ CASE_EXECUTION_ID_ varchar(64),
+ TASK_ID_ varchar(64),
+ ACT_INST_ID_ varchar(64),
+ VAR_INST_ID_ varchar(64),
+ NAME_ varchar(255) not null,
+ VAR_TYPE_ varchar(255),
+ REV_ integer,
+ TIME_ datetime(3) not null,
+ BYTEARRAY_ID_ varchar(64),
+ DOUBLE_ double,
+ LONG_ bigint,
+ TEXT_ LONGBLOB,
+ TEXT2_ LONGBLOB,
+ SEQUENCE_COUNTER_ bigint,
+ TENANT_ID_ varchar(64),
+ OPERATION_ID_ varchar(64),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_HI_IDENTITYLINK (
+ ID_ varchar(64) not null,
+ TIMESTAMP_ timestamp(3) not null,
+ TYPE_ varchar(255),
+ USER_ID_ varchar(255),
+ GROUP_ID_ varchar(255),
+ TASK_ID_ varchar(64),
+ ROOT_PROC_INST_ID_ varchar(64),
+ PROC_DEF_ID_ varchar(64),
+ OPERATION_TYPE_ varchar(64),
+ ASSIGNER_ID_ varchar(64),
+ PROC_DEF_KEY_ varchar(255),
+ TENANT_ID_ varchar(64),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_HI_COMMENT (
+ ID_ varchar(64) not null,
+ TYPE_ varchar(255),
+ TIME_ datetime(3) not null,
+ USER_ID_ varchar(255),
+ TASK_ID_ varchar(64),
+ ROOT_PROC_INST_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ ACTION_ varchar(255),
+ MESSAGE_ varchar(4000),
+ FULL_MSG_ LONGBLOB,
+ TENANT_ID_ varchar(64),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_HI_ATTACHMENT (
+ ID_ varchar(64) not null,
+ REV_ integer,
+ USER_ID_ varchar(255),
+ NAME_ varchar(255),
+ DESCRIPTION_ varchar(4000),
+ TYPE_ varchar(255),
+ TASK_ID_ varchar(64),
+ ROOT_PROC_INST_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ URL_ varchar(4000),
+ CONTENT_ID_ varchar(64),
+ TENANT_ID_ varchar(64),
+ CREATE_TIME_ datetime(3),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_HI_OP_LOG (
+ ID_ varchar(64) not null,
+ DEPLOYMENT_ID_ varchar(64),
+ PROC_DEF_ID_ varchar(64),
+ PROC_DEF_KEY_ varchar(255),
+ ROOT_PROC_INST_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ EXECUTION_ID_ varchar(64),
+ CASE_DEF_ID_ varchar(64),
+ CASE_INST_ID_ varchar(64),
+ CASE_EXECUTION_ID_ varchar(64),
+ TASK_ID_ varchar(64),
+ JOB_ID_ varchar(64),
+ JOB_DEF_ID_ varchar(64),
+ BATCH_ID_ varchar(64),
+ USER_ID_ varchar(255),
+ TIMESTAMP_ timestamp(3) not null,
+ OPERATION_TYPE_ varchar(64),
+ OPERATION_ID_ varchar(64),
+ ENTITY_TYPE_ varchar(30),
+ PROPERTY_ varchar(64),
+ ORG_VALUE_ varchar(4000),
+ NEW_VALUE_ varchar(4000),
+ TENANT_ID_ varchar(64),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_HI_INCIDENT (
+ ID_ varchar(64) not null,
+ PROC_DEF_KEY_ varchar(255),
+ PROC_DEF_ID_ varchar(64),
+ ROOT_PROC_INST_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ EXECUTION_ID_ varchar(64),
+ CREATE_TIME_ timestamp(3) not null,
+ END_TIME_ timestamp(3) null,
+ INCIDENT_MSG_ varchar(4000),
+ INCIDENT_TYPE_ varchar(255) not null,
+ ACTIVITY_ID_ varchar(255),
+ CAUSE_INCIDENT_ID_ varchar(64),
+ ROOT_CAUSE_INCIDENT_ID_ varchar(64),
+ CONFIGURATION_ varchar(255),
+ INCIDENT_STATE_ integer,
+ TENANT_ID_ varchar(64),
+ JOB_DEF_ID_ varchar(64),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_HI_JOB_LOG (
+ ID_ varchar(64) not null,
+ TIMESTAMP_ timestamp(3) not null,
+ JOB_ID_ varchar(64) not null,
+ JOB_DUEDATE_ timestamp(3) NULL,
+ JOB_RETRIES_ integer,
+ JOB_PRIORITY_ bigint NOT NULL DEFAULT 0,
+ JOB_EXCEPTION_MSG_ varchar(4000),
+ JOB_EXCEPTION_STACK_ID_ varchar(64),
+ JOB_STATE_ integer,
+ JOB_DEF_ID_ varchar(64),
+ JOB_DEF_TYPE_ varchar(255),
+ JOB_DEF_CONFIGURATION_ varchar(255),
+ ACT_ID_ varchar(255),
+ ROOT_PROC_INST_ID_ varchar(64),
+ EXECUTION_ID_ varchar(64),
+ PROCESS_INSTANCE_ID_ varchar(64),
+ PROCESS_DEF_ID_ varchar(64),
+ PROCESS_DEF_KEY_ varchar(255),
+ DEPLOYMENT_ID_ varchar(64),
+ SEQUENCE_COUNTER_ bigint,
+ TENANT_ID_ varchar(64),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_HI_BATCH (
+ ID_ varchar(64) not null,
+ TYPE_ varchar(255),
+ TOTAL_JOBS_ integer,
+ JOBS_PER_SEED_ integer,
+ INVOCATIONS_PER_JOB_ integer,
+ SEED_JOB_DEF_ID_ varchar(64),
+ MONITOR_JOB_DEF_ID_ varchar(64),
+ BATCH_JOB_DEF_ID_ varchar(64),
+ TENANT_ID_ varchar(64),
+ CREATE_USER_ID_ varchar(255),
+ START_TIME_ datetime(3) not null,
+ END_TIME_ datetime(3),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_HI_EXT_TASK_LOG (
+ ID_ varchar(64) not null,
+ TIMESTAMP_ timestamp(3) not null,
+ EXT_TASK_ID_ varchar(64) not null,
+ RETRIES_ integer,
+ TOPIC_NAME_ varchar(255),
+ WORKER_ID_ varchar(255),
+ PRIORITY_ bigint NOT NULL DEFAULT 0,
+ ERROR_MSG_ varchar(4000),
+ ERROR_DETAILS_ID_ varchar(64),
+ ACT_ID_ varchar(255),
+ ACT_INST_ID_ varchar(64),
+ EXECUTION_ID_ varchar(64),
+ ROOT_PROC_INST_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ PROC_DEF_ID_ varchar(64),
+ PROC_DEF_KEY_ varchar(255),
+ TENANT_ID_ varchar(64),
+ STATE_ integer,
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create index ACT_IDX_HI_PRO_INST_END on ACT_HI_PROCINST(END_TIME_);
+create index ACT_IDX_HI_PRO_I_BUSKEY on ACT_HI_PROCINST(BUSINESS_KEY_);
+create index ACT_IDX_HI_PRO_INST_TENANT_ID on ACT_HI_PROCINST(TENANT_ID_);
+create index ACT_IDX_HI_PRO_INST_PROC_DEF_KEY on ACT_HI_PROCINST(PROC_DEF_KEY_);
+create index ACT_IDX_HI_PRO_INST_PROC_TIME on ACT_HI_PROCINST(START_TIME_, END_TIME_);
+create index ACT_IDX_HI_PI_PDEFID_END_TIME on ACT_HI_PROCINST(PROC_DEF_ID_, END_TIME_);
+create index ACT_IDX_HI_PRO_INST_ROOT_PI on ACT_HI_PROCINST(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_PRO_INST_RM_TIME on ACT_HI_PROCINST(REMOVAL_TIME_);
+
+create index ACT_IDX_HI_ACTINST_ROOT_PI on ACT_HI_ACTINST(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_ACT_INST_START on ACT_HI_ACTINST(START_TIME_);
+create index ACT_IDX_HI_ACT_INST_END on ACT_HI_ACTINST(END_TIME_);
+create index ACT_IDX_HI_ACT_INST_PROCINST on ACT_HI_ACTINST(PROC_INST_ID_, ACT_ID_);
+create index ACT_IDX_HI_ACT_INST_COMP on ACT_HI_ACTINST(EXECUTION_ID_, ACT_ID_, END_TIME_, ID_);
+create index ACT_IDX_HI_ACT_INST_STATS on ACT_HI_ACTINST(PROC_DEF_ID_, PROC_INST_ID_, ACT_ID_, END_TIME_, ACT_INST_STATE_);
+create index ACT_IDX_HI_ACT_INST_TENANT_ID on ACT_HI_ACTINST(TENANT_ID_);
+create index ACT_IDX_HI_ACT_INST_PROC_DEF_KEY on ACT_HI_ACTINST(PROC_DEF_KEY_);
+create index ACT_IDX_HI_AI_PDEFID_END_TIME on ACT_HI_ACTINST(PROC_DEF_ID_, END_TIME_);
+create index ACT_IDX_HI_ACT_INST_RM_TIME on ACT_HI_ACTINST(REMOVAL_TIME_);
+
+create index ACT_IDX_HI_TASKINST_ROOT_PI on ACT_HI_TASKINST(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_TASK_INST_TENANT_ID on ACT_HI_TASKINST(TENANT_ID_);
+create index ACT_IDX_HI_TASK_INST_PROC_DEF_KEY on ACT_HI_TASKINST(PROC_DEF_KEY_);
+create index ACT_IDX_HI_TASKINST_PROCINST on ACT_HI_TASKINST(PROC_INST_ID_);
+create index ACT_IDX_HI_TASKINSTID_PROCINST on ACT_HI_TASKINST(ID_,PROC_INST_ID_);
+create index ACT_IDX_HI_TASK_INST_RM_TIME on ACT_HI_TASKINST(REMOVAL_TIME_);
+create index ACT_IDX_HI_TASK_INST_START on ACT_HI_TASKINST(START_TIME_);
+create index ACT_IDX_HI_TASK_INST_END on ACT_HI_TASKINST(END_TIME_);
+
+create index ACT_IDX_HI_DETAIL_ROOT_PI on ACT_HI_DETAIL(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_DETAIL_PROC_INST on ACT_HI_DETAIL(PROC_INST_ID_);
+create index ACT_IDX_HI_DETAIL_ACT_INST on ACT_HI_DETAIL(ACT_INST_ID_);
+create index ACT_IDX_HI_DETAIL_CASE_INST on ACT_HI_DETAIL(CASE_INST_ID_);
+create index ACT_IDX_HI_DETAIL_CASE_EXEC on ACT_HI_DETAIL(CASE_EXECUTION_ID_);
+create index ACT_IDX_HI_DETAIL_TIME on ACT_HI_DETAIL(TIME_);
+create index ACT_IDX_HI_DETAIL_NAME on ACT_HI_DETAIL(NAME_);
+create index ACT_IDX_HI_DETAIL_TASK_ID on ACT_HI_DETAIL(TASK_ID_);
+create index ACT_IDX_HI_DETAIL_TENANT_ID on ACT_HI_DETAIL(TENANT_ID_);
+create index ACT_IDX_HI_DETAIL_PROC_DEF_KEY on ACT_HI_DETAIL(PROC_DEF_KEY_);
+create index ACT_IDX_HI_DETAIL_BYTEAR on ACT_HI_DETAIL(BYTEARRAY_ID_);
+create index ACT_IDX_HI_DETAIL_RM_TIME on ACT_HI_DETAIL(REMOVAL_TIME_);
+create index ACT_IDX_HI_DETAIL_TASK_BYTEAR on ACT_HI_DETAIL(BYTEARRAY_ID_, TASK_ID_);
+
+create index ACT_IDX_HI_IDENT_LNK_ROOT_PI on ACT_HI_IDENTITYLINK(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_IDENT_LNK_USER on ACT_HI_IDENTITYLINK(USER_ID_);
+create index ACT_IDX_HI_IDENT_LNK_GROUP on ACT_HI_IDENTITYLINK(GROUP_ID_);
+create index ACT_IDX_HI_IDENT_LNK_TENANT_ID on ACT_HI_IDENTITYLINK(TENANT_ID_);
+create index ACT_IDX_HI_IDENT_LNK_PROC_DEF_KEY on ACT_HI_IDENTITYLINK(PROC_DEF_KEY_);
+create index ACT_IDX_HI_IDENT_LINK_TASK on ACT_HI_IDENTITYLINK(TASK_ID_);
+create index ACT_IDX_HI_IDENT_LINK_RM_TIME on ACT_HI_IDENTITYLINK(REMOVAL_TIME_);
+
+create index ACT_IDX_HI_VARINST_ROOT_PI on ACT_HI_VARINST(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_PROCVAR_PROC_INST on ACT_HI_VARINST(PROC_INST_ID_);
+create index ACT_IDX_HI_PROCVAR_NAME_TYPE on ACT_HI_VARINST(NAME_, VAR_TYPE_);
+create index ACT_IDX_HI_CASEVAR_CASE_INST on ACT_HI_VARINST(CASE_INST_ID_);
+create index ACT_IDX_HI_VAR_INST_TENANT_ID on ACT_HI_VARINST(TENANT_ID_);
+create index ACT_IDX_HI_VAR_INST_PROC_DEF_KEY on ACT_HI_VARINST(PROC_DEF_KEY_);
+create index ACT_IDX_HI_VARINST_BYTEAR on ACT_HI_VARINST(BYTEARRAY_ID_);
+create index ACT_IDX_HI_VARINST_RM_TIME on ACT_HI_VARINST(REMOVAL_TIME_);
+
+create index ACT_IDX_HI_INCIDENT_TENANT_ID on ACT_HI_INCIDENT(TENANT_ID_);
+create index ACT_IDX_HI_INCIDENT_PROC_DEF_KEY on ACT_HI_INCIDENT(PROC_DEF_KEY_);
+create index ACT_IDX_HI_INCIDENT_ROOT_PI on ACT_HI_INCIDENT(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_INCIDENT_PROCINST on ACT_HI_INCIDENT(PROC_INST_ID_);
+create index ACT_IDX_HI_INCIDENT_RM_TIME on ACT_HI_INCIDENT(REMOVAL_TIME_);
+
+create index ACT_IDX_HI_JOB_LOG_ROOT_PI on ACT_HI_JOB_LOG(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_JOB_LOG_PROCINST on ACT_HI_JOB_LOG(PROCESS_INSTANCE_ID_);
+create index ACT_IDX_HI_JOB_LOG_PROCDEF on ACT_HI_JOB_LOG(PROCESS_DEF_ID_);
+create index ACT_IDX_HI_JOB_LOG_TENANT_ID on ACT_HI_JOB_LOG(TENANT_ID_);
+create index ACT_IDX_HI_JOB_LOG_JOB_DEF_ID on ACT_HI_JOB_LOG(JOB_DEF_ID_);
+create index ACT_IDX_HI_JOB_LOG_PROC_DEF_KEY on ACT_HI_JOB_LOG(PROCESS_DEF_KEY_);
+create index ACT_IDX_HI_JOB_LOG_EX_STACK on ACT_HI_JOB_LOG(JOB_EXCEPTION_STACK_ID_);
+create index ACT_IDX_HI_JOB_LOG_RM_TIME on ACT_HI_JOB_LOG(REMOVAL_TIME_);
+
+create index ACT_HI_BAT_RM_TIME on ACT_HI_BATCH(REMOVAL_TIME_);
+
+create index ACT_HI_EXT_TASK_LOG_ROOT_PI on ACT_HI_EXT_TASK_LOG(ROOT_PROC_INST_ID_);
+create index ACT_HI_EXT_TASK_LOG_PROCINST on ACT_HI_EXT_TASK_LOG(PROC_INST_ID_);
+create index ACT_HI_EXT_TASK_LOG_PROCDEF on ACT_HI_EXT_TASK_LOG(PROC_DEF_ID_);
+create index ACT_HI_EXT_TASK_LOG_PROC_DEF_KEY on ACT_HI_EXT_TASK_LOG(PROC_DEF_KEY_);
+create index ACT_HI_EXT_TASK_LOG_TENANT_ID on ACT_HI_EXT_TASK_LOG(TENANT_ID_);
+create index ACT_IDX_HI_EXTTASKLOG_ERRORDET on ACT_HI_EXT_TASK_LOG(ERROR_DETAILS_ID_);
+create index ACT_HI_EXT_TASK_LOG_RM_TIME on ACT_HI_EXT_TASK_LOG(REMOVAL_TIME_);
+
+create index ACT_IDX_HI_OP_LOG_ROOT_PI on ACT_HI_OP_LOG(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_OP_LOG_PROCINST on ACT_HI_OP_LOG(PROC_INST_ID_);
+create index ACT_IDX_HI_OP_LOG_PROCDEF on ACT_HI_OP_LOG(PROC_DEF_ID_);
+create index ACT_IDX_HI_OP_LOG_TASK on ACT_HI_OP_LOG(TASK_ID_);
+create index ACT_IDX_HI_OP_LOG_RM_TIME on ACT_HI_OP_LOG(REMOVAL_TIME_);
+create index ACT_IDX_HI_OP_LOG_TIMESTAMP on ACT_HI_OP_LOG(TIMESTAMP_);
+
+create index ACT_IDX_HI_COMMENT_TASK on ACT_HI_COMMENT(TASK_ID_);
+create index ACT_IDX_HI_COMMENT_ROOT_PI on ACT_HI_COMMENT(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_COMMENT_PROCINST on ACT_HI_COMMENT(PROC_INST_ID_);
+create index ACT_IDX_HI_COMMENT_RM_TIME on ACT_HI_COMMENT(REMOVAL_TIME_);
+
+create index ACT_IDX_HI_ATTACHMENT_CONTENT on ACT_HI_ATTACHMENT(CONTENT_ID_);
+create index ACT_IDX_HI_ATTACHMENT_ROOT_PI on ACT_HI_ATTACHMENT(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_ATTACHMENT_PROCINST on ACT_HI_ATTACHMENT(PROC_INST_ID_);
+create index ACT_IDX_HI_ATTACHMENT_TASK on ACT_HI_ATTACHMENT(TASK_ID_);
+create index ACT_IDX_HI_ATTACHMENT_RM_TIME on ACT_HI_ATTACHMENT(REMOVAL_TIME_);
+--
+-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com)
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+--
+
+create table ACT_HI_CASEINST (
+ ID_ varchar(64) not null,
+ CASE_INST_ID_ varchar(64) not null,
+ BUSINESS_KEY_ varchar(255),
+ CASE_DEF_ID_ varchar(64) not null,
+ CREATE_TIME_ datetime(3) not null,
+ CLOSE_TIME_ datetime(3),
+ DURATION_ bigint,
+ STATE_ integer,
+ CREATE_USER_ID_ varchar(255),
+ SUPER_CASE_INSTANCE_ID_ varchar(64),
+ SUPER_PROCESS_INSTANCE_ID_ varchar(64),
+ TENANT_ID_ varchar(64),
+ primary key (ID_),
+ unique (CASE_INST_ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_HI_CASEACTINST (
+ ID_ varchar(64) not null,
+ PARENT_ACT_INST_ID_ varchar(64),
+ CASE_DEF_ID_ varchar(64) not null,
+ CASE_INST_ID_ varchar(64) not null,
+ CASE_ACT_ID_ varchar(255) not null,
+ TASK_ID_ varchar(64),
+ CALL_PROC_INST_ID_ varchar(64),
+ CALL_CASE_INST_ID_ varchar(64),
+ CASE_ACT_NAME_ varchar(255),
+ CASE_ACT_TYPE_ varchar(255),
+ CREATE_TIME_ datetime(3) not null,
+ END_TIME_ datetime(3),
+ DURATION_ bigint,
+ STATE_ integer,
+ REQUIRED_ boolean,
+ TENANT_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create index ACT_IDX_HI_CAS_I_CLOSE on ACT_HI_CASEINST(CLOSE_TIME_);
+create index ACT_IDX_HI_CAS_I_BUSKEY on ACT_HI_CASEINST(BUSINESS_KEY_);
+create index ACT_IDX_HI_CAS_I_TENANT_ID on ACT_HI_CASEINST(TENANT_ID_);
+create index ACT_IDX_HI_CAS_A_I_CREATE on ACT_HI_CASEACTINST(CREATE_TIME_);
+create index ACT_IDX_HI_CAS_A_I_END on ACT_HI_CASEACTINST(END_TIME_);
+create index ACT_IDX_HI_CAS_A_I_COMP on ACT_HI_CASEACTINST(CASE_ACT_ID_, END_TIME_, ID_);
+create index ACT_IDX_HI_CAS_A_I_CASEINST on ACT_HI_CASEACTINST(CASE_INST_ID_, CASE_ACT_ID_);
+create index ACT_IDX_HI_CAS_A_I_TENANT_ID on ACT_HI_CASEACTINST(TENANT_ID_);
+--
+-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com)
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+--
+
+-- create history decision instance table --
+create table ACT_HI_DECINST (
+ ID_ varchar(64) NOT NULL,
+ DEC_DEF_ID_ varchar(64) NOT NULL,
+ DEC_DEF_KEY_ varchar(255) NOT NULL,
+ DEC_DEF_NAME_ varchar(255),
+ PROC_DEF_KEY_ varchar(255),
+ PROC_DEF_ID_ varchar(64),
+ PROC_INST_ID_ varchar(64),
+ CASE_DEF_KEY_ varchar(255),
+ CASE_DEF_ID_ varchar(64),
+ CASE_INST_ID_ varchar(64),
+ ACT_INST_ID_ varchar(64),
+ ACT_ID_ varchar(255),
+ EVAL_TIME_ datetime(3) not null,
+ REMOVAL_TIME_ datetime(3),
+ COLLECT_VALUE_ double,
+ USER_ID_ varchar(255),
+ ROOT_DEC_INST_ID_ varchar(64),
+ ROOT_PROC_INST_ID_ varchar(64),
+ DEC_REQ_ID_ varchar(64),
+ DEC_REQ_KEY_ varchar(255),
+ TENANT_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+-- create history decision input table --
+create table ACT_HI_DEC_IN (
+ ID_ varchar(64) NOT NULL,
+ DEC_INST_ID_ varchar(64) NOT NULL,
+ CLAUSE_ID_ varchar(64),
+ CLAUSE_NAME_ varchar(255),
+ VAR_TYPE_ varchar(100),
+ BYTEARRAY_ID_ varchar(64),
+ DOUBLE_ double,
+ LONG_ bigint,
+ TEXT_ LONGBLOB,
+ TEXT2_ LONGBLOB,
+ TENANT_ID_ varchar(64),
+ CREATE_TIME_ datetime(3),
+ ROOT_PROC_INST_ID_ varchar(64),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+-- create history decision output table --
+create table ACT_HI_DEC_OUT (
+ ID_ varchar(64) NOT NULL,
+ DEC_INST_ID_ varchar(64) NOT NULL,
+ CLAUSE_ID_ varchar(64),
+ CLAUSE_NAME_ varchar(255),
+ RULE_ID_ varchar(64),
+ RULE_ORDER_ integer,
+ VAR_NAME_ varchar(255),
+ VAR_TYPE_ varchar(100),
+ BYTEARRAY_ID_ varchar(64),
+ DOUBLE_ double,
+ LONG_ bigint,
+ TEXT_ LONGBLOB,
+ TEXT2_ LONGBLOB,
+ TENANT_ID_ varchar(64),
+ CREATE_TIME_ datetime(3),
+ ROOT_PROC_INST_ID_ varchar(64),
+ REMOVAL_TIME_ datetime(3),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+
+create index ACT_IDX_HI_DEC_INST_ID on ACT_HI_DECINST(DEC_DEF_ID_);
+create index ACT_IDX_HI_DEC_INST_KEY on ACT_HI_DECINST(DEC_DEF_KEY_);
+create index ACT_IDX_HI_DEC_INST_PI on ACT_HI_DECINST(PROC_INST_ID_);
+create index ACT_IDX_HI_DEC_INST_CI on ACT_HI_DECINST(CASE_INST_ID_);
+create index ACT_IDX_HI_DEC_INST_ACT on ACT_HI_DECINST(ACT_ID_);
+create index ACT_IDX_HI_DEC_INST_ACT_INST on ACT_HI_DECINST(ACT_INST_ID_);
+create index ACT_IDX_HI_DEC_INST_TIME on ACT_HI_DECINST(EVAL_TIME_);
+create index ACT_IDX_HI_DEC_INST_TENANT_ID on ACT_HI_DECINST(TENANT_ID_);
+create index ACT_IDX_HI_DEC_INST_ROOT_ID on ACT_HI_DECINST(ROOT_DEC_INST_ID_);
+create index ACT_IDX_HI_DEC_INST_REQ_ID on ACT_HI_DECINST(DEC_REQ_ID_);
+create index ACT_IDX_HI_DEC_INST_REQ_KEY on ACT_HI_DECINST(DEC_REQ_KEY_);
+create index ACT_IDX_HI_DEC_INST_ROOT_PI on ACT_HI_DECINST(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_DEC_INST_RM_TIME on ACT_HI_DECINST(REMOVAL_TIME_);
+
+
+create index ACT_IDX_HI_DEC_IN_INST on ACT_HI_DEC_IN(DEC_INST_ID_);
+create index ACT_IDX_HI_DEC_IN_CLAUSE on ACT_HI_DEC_IN(DEC_INST_ID_, CLAUSE_ID_);
+create index ACT_IDX_HI_DEC_IN_ROOT_PI on ACT_HI_DEC_IN(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_DEC_IN_RM_TIME on ACT_HI_DEC_IN(REMOVAL_TIME_);
+
+create index ACT_IDX_HI_DEC_OUT_INST on ACT_HI_DEC_OUT(DEC_INST_ID_);
+create index ACT_IDX_HI_DEC_OUT_RULE on ACT_HI_DEC_OUT(RULE_ORDER_, CLAUSE_ID_);
+create index ACT_IDX_HI_DEC_OUT_ROOT_PI on ACT_HI_DEC_OUT(ROOT_PROC_INST_ID_);
+create index ACT_IDX_HI_DEC_OUT_RM_TIME on ACT_HI_DEC_OUT(REMOVAL_TIME_);
--- /dev/null
+--
+-- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com)
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+--
+
+use camundabpmn;
+
+create table ACT_ID_GROUP (
+ ID_ varchar(64),
+ REV_ integer,
+ NAME_ varchar(255),
+ TYPE_ varchar(255),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_ID_MEMBERSHIP (
+ USER_ID_ varchar(64),
+ GROUP_ID_ varchar(64),
+ primary key (USER_ID_, GROUP_ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_ID_USER (
+ ID_ varchar(64),
+ REV_ integer,
+ FIRST_ varchar(255),
+ LAST_ varchar(255),
+ EMAIL_ varchar(255),
+ PWD_ varchar(255),
+ SALT_ varchar(255),
+ LOCK_EXP_TIME_ timestamp(3) NULL,
+ ATTEMPTS_ integer,
+ PICTURE_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_ID_INFO (
+ ID_ varchar(64),
+ REV_ integer,
+ USER_ID_ varchar(64),
+ TYPE_ varchar(64),
+ KEY_ varchar(255),
+ VALUE_ varchar(255),
+ PASSWORD_ LONGBLOB,
+ PARENT_ID_ varchar(255),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_ID_TENANT (
+ ID_ varchar(64),
+ REV_ integer,
+ NAME_ varchar(255),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+create table ACT_ID_TENANT_MEMBER (
+ ID_ varchar(64) not null,
+ TENANT_ID_ varchar(64) not null,
+ USER_ID_ varchar(64),
+ GROUP_ID_ varchar(64),
+ primary key (ID_)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;
+
+alter table ACT_ID_MEMBERSHIP
+ add constraint ACT_FK_MEMB_GROUP
+ foreign key (GROUP_ID_)
+ references ACT_ID_GROUP (ID_);
+
+alter table ACT_ID_MEMBERSHIP
+ add constraint ACT_FK_MEMB_USER
+ foreign key (USER_ID_)
+ references ACT_ID_USER (ID_);
+
+alter table ACT_ID_TENANT_MEMBER
+ add constraint ACT_UNIQ_TENANT_MEMB_USER
+ unique (TENANT_ID_, USER_ID_);
+
+alter table ACT_ID_TENANT_MEMBER
+ add constraint ACT_UNIQ_TENANT_MEMB_GROUP
+ unique (TENANT_ID_, GROUP_ID_);
+
+alter table ACT_ID_TENANT_MEMBER
+ add constraint ACT_FK_TENANT_MEMB
+ foreign key (TENANT_ID_)
+ references ACT_ID_TENANT (ID_);
+
+alter table ACT_ID_TENANT_MEMBER
+ add constraint ACT_FK_TENANT_MEMB_USER
+ foreign key (USER_ID_)
+ references ACT_ID_USER (ID_);
+
+alter table ACT_ID_TENANT_MEMBER
+ add constraint ACT_FK_TENANT_MEMB_GROUP
+ foreign key (GROUP_ID_)
+ references ACT_ID_GROUP (ID_);
--- /dev/null
+# Copyright 2018 © Samsung Electronics Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-mariadb-sh
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/docker-entrypoint-initdb.d/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-mariadb-sql
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/docker-entrypoint-initdb.d/db-sql-scripts/*").AsConfig . | indent 2 }}
fieldPath: metadata.namespace
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- - name: {{ include "common.name" . }}-inject-testlab-project
- command:
- - /bin/bash
- - -c
- - >
- git clone -b {{ .Values.config.gerritBranch }} --single-branch {{ .Values.config.gerritProject }} /tmp/gerrit;
- echo "Clone complete. Copying from /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d to /docker-entrypoint-initdb.d";
- cp -rf /tmp/gerrit/volumes/mariadb/docker-entrypoint-initdb.d/* /docker-entrypoint-initdb.d;
- chmod -R 755 /docker-entrypoint-initdb.d;
- echo "Done.";
- image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - name: docker-entrypoint-initdb-d
- mountPath: "/docker-entrypoint-initdb.d"
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - name: docker-entrypoint-initdb-d
+ - name: docker-entrypoint-initdb-d-sh
mountPath: "/docker-entrypoint-initdb.d"
+ - name: docker-entrypoint-initdb-d-sql
+ mountPath: "/docker-entrypoint-initdb.d/db-sql-scripts"
{{- if .Values.global.migration.enabled }}
- name: backup-storage
mountPath: /var/data/mariadb
- name: localtime
hostPath:
path: /etc/localtime
- - name: docker-entrypoint-initdb-d
- emptyDir: {}
+ - name: docker-entrypoint-initdb-d-sh
+ configMap:
+ name: {{ include "common.fullname" . }}-mariadb-sh
+ - name: docker-entrypoint-initdb-d-sql
+ configMap:
+ name: {{ include "common.fullname" . }}-mariadb-sql
{{- if .Values.global.migration.enabled }}
- name: backup-storage
persistentVolumeClaim:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end }}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}-migration
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
+ storageClassName: {{ include "common.storageClass" . }}
{{- end }}
-{{- end }}
-{{- end }}
-
--- /dev/null
+{{ include "common.ingress" . }}
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/so-monitoring:1.5.2
+image: onap/so/so-monitoring:1.5.3
pullPolicy: Always
replicaCount: 1
successThreshold: 1
failureThreshold: 3
ingress:
- enabled: false
+ enabled: false
+ service:
+ - baseaddr: "somonitoring"
+ name: "so-monitoring"
+ port: 9091
+ config:
+ ssl: "none"
nodeSelector: {}
tolerations: []
-affinity: {}
+affinity: {}
\ No newline at end of file
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/openstack-adapter:1.5.2
+image: onap/so/openstack-adapter:1.5.3
pullPolicy: Always
repository: nexus3.onap.org:10001
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/request-db-adapter:1.5.2
+image: onap/so/request-db-adapter:1.5.3
pullPolicy: Always
replicaCount: 1
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/sdc-controller:1.5.2
+image: onap/so/sdc-controller:1.5.3
pullPolicy: Always
replicaCount: 1
mobility:
'':
query: GET|60000|sdncurl5|
- myurl: http://so-sdnc-adapter{{ include "common.namespace" . }}:8086/adapters/rest/SDNCNotify
+ myurl: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/rest/SDNCNotify
rest:
bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
sdncauth: ED07A7EE5F099FA53369C3DF2240AD68A00154676EEDBC6F8C16BAA83B1912941B8941ABD48683D2C1072DA7040659692DE936A59BBF42A038CF71DE67B4A375190071EC76EA657801B033C135
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/sdnc-adapter:1.5.2
+image: onap/so/sdnc-adapter:1.5.3
pullPolicy: Always
replicaCount: 1
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/vfc-adapter:1.5.2
+image: onap/so/vfc-adapter:1.5.3
pullPolicy: Always
replicaCount: 1
password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
role: ACTUATOR
server:
- port: {{ index .Values.containerPort }}
+ port: {{ index .Values.containerPort }}
+ ssl:
+ key-alias: so@so.onap.org
+ key--store-password: 'ywsqCy:EEo#j}HJHM7z^Rk[L'
+ key-store: classpath:so-vnfm-adapter.p12
+ key-store-type: PKCS12
+http:
+ client:
+ ssl:
+ trust-store: classpath:org.onap.so.trust.jks
+ trust-store-password: ',sx#.C*W)]wVgJC6ccFHI#:H'
mso:
key: 07a7159d3bf51a0e53be7a8f89699be7
site-name: localSite
key: 566B754875657232314F5548556D3665
endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443
vnfmadapter:
- endpoint: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092
+ endpoint: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092
+etsi-catalog-manager:
+ vnfpkgm:
+ {{- if .Values.global.msbEnabled }}
+ endpoint: http://msb-iag.{{ include "common.namespace" . }}:80/api/vnfpkgm/v1
+ {{- else }}
+ endpoint: http://modeling-etsicatalog.{{ include "common.namespace" . }}:8806/api/vnfpkgm/v1
+ {{- end }}
+
--- /dev/null
+{{ include "common.ingress" . }}
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/vnfm-adapter:1.5.2
+image: onap/so/vnfm-adapter:1.5.3
pullPolicy: Always
replicaCount: 1
failureThreshold: 3
ingress:
enabled: false
+ service:
+ - baseaddr: "sovnfmadapter"
+ name: "so-vnfm-adapter"
+ port: 9092
+ config:
+ ssl: "redirect"
nodeSelector: {}
tolerations: []
-affinity: {}
+affinity: {}
\ No newline at end of file
--- /dev/null
+{{ include "common.ingress" . }}
dbPort: 3306
dbUser: root
dbPassword: secretpassword
+ msbEnabled: true
#################################################################
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/api-handler-infra:1.5.2
+image: onap/so/api-handler-infra:1.5.3
pullPolicy: Always
replicaCount: 1
persistence:
mountSubPath: so/mariadb-galera/data
enabled: true
+
+ingress:
+ enabled: false
+ service:
+ - baseaddr: "so"
+ name: "so"
+ port: 8080
+ config:
+ ssl: "none"
--- /dev/null
+{{ include "common.ingress" . }}
ingress:
enabled: false
+ service:
+ - baseaddr: uuiserver
+ name: "uui-server"
+ port: 8082
+ config:
+ ssl: "none"
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
--- /dev/null
+{{ include "common.ingress" . }}
ingress:
enabled: false
+ service:
+ - baseaddr: uui
+ name: "uui"
+ port: 8080
+ config:
+ ssl: "none"
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# limitations under the License.
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+{{- end -}}
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP VID MariaDB Galera cluster
-name: vid_mariadb_galera
-version: 5.0.0
-keywords:
- - mariadb
- - mysql
- - database
- - sql
- - galera
- - cluster
\ No newline at end of file
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-MariaDB-Galera service can be accessed via port 3306 on the following DNS name from within your cluster:
-{{ include "common.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
-
-To connect to your database:
-
-1. Run a pod that you can use as a client:
-
- kubectl run {{ include "common.fullname" . }}-client --rm --tty -i --image mariadb --command -- bash
-
-2. Connect using the mysql cli, then provide your password:
- $ mysql -h {{ include "common.fullname" . }} {{- if .Values.mysqlRootPassword }} -p {{ .Values.mysqlRootPassword }}{{- end -}}
-
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-confd
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }}
----
-{{- if .Values.externalConfig }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-externalconfig
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-data:
- my_extra.cnf: |-
- [mysqld]
- lower_case_table_names = 1
-
-#{{ toYaml .Values.externalConfig | indent 4 }}
-#{{- end -}}
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- annotations:
- service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
-# name: {{ include "common.servicename" . }}
- name: {{ .Values.service.name }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-spec:
- ports:
- - name: {{ .Values.service.portName }}
- port: {{ .Values.service.internalPort }}
- clusterIP: None
- selector:
- app: {{ include "common.fullname" . }}
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: apps/v1beta1
-kind: StatefulSet
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-spec:
-# serviceName: {{ include "common.fullname" . }}
- serviceName: {{ .Values.service.name }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.fullname" . }}
- release: {{ .Release.Name }}
- annotations:
- pod.alpha.kubernetes.io/initialized: "true"
- spec:
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 8 }}
- {{- end }}
- volumes:
- {{- if .Values.externalConfig }}
- - name: config
- configMap:
- name: {{ include "common.fullname" . }}-externalconfig
- {{- end}}
- - name: localtime
- hostPath:
- path: /etc/localtime
- imagePullSecrets:
- - name: {{ include "common.namespace" . }}-docker-registry-key
- containers:
- - name: {{ include "common.fullname" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}}
- env:
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- - name: MYSQL_USER
- value: {{ default "" .Values.config.userName | quote }}
- - name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: user-password
- - name: MYSQL_DATABASE
- value: {{ default "" .Values.config.mysqlDatabase | quote }}
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}
- key: db-root-password
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
- - containerPort: {{ .Values.service.sstPort }}
- name: {{ .Values.service.sstName }}
- - containerPort: {{ .Values.service.replicationPort }}
- name: {{ .Values.service.replicationName }}
- - containerPort: {{ .Values.service.istPort }}
- name: {{ .Values.service.istName }}
- readinessProbe:
- exec:
- command:
- - /usr/share/container-scripts/mysql/readiness-probe.sh
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- exec:
- command: ["mysqladmin", "ping"]
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- {{- end }}
- resources:
-{{ include "common.resources" . | indent 12 }}
- volumeMounts:
- {{- if .Values.externalConfig }}
- - mountPath: /etc/config
- name: config
- {{- end}}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
-{{- if .Values.persistence.enabled }}
- - mountPath: /var/lib/mysql
- name: {{ include "common.fullname" . }}-data
- subPath: data
- initContainers:
- - name: mariadb-galera-prepare
- image: "{{ include "common.repository" . }}/{{ .Values.imageInit }}"
- command: ["sh", "-c", "chown -R 27:27 /var/lib/mysql"]
- volumeMounts:
- - name: {{ include "common.fullname" . }}-data
- mountPath: /var/lib/mysql
- volumeClaimTemplates:
- - metadata:
- name: {{ include "common.fullname" . }}-data
- labels:
- name: {{ include "common.fullname" . }}
- annotations:
- {{- if .Values.persistence.storageClass }}
- volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass | quote }}
- {{- else }}
- volume.alpha.kubernetes.io/storage-class: default
- {{- end }}
- spec:
- accessModes:
- - {{ .Values.persistence.accessMode | quote }}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
-{{- end }}
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
- repository: nexus3.onap.org:10001
-
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-#repository: mysql
-repository: nexus3.onap.org:10001
-image: adfinissygroup/k8s-mariadb-galera-centos:v004
-imageInit: busybox
-pullPolicy: IfNotPresent
-
-# application configuration
-config:
- mariadbRootPassword: secretpassword
-# userName: my-user
-# userPassword: my-password
-# mysqlDatabase: my-database
- userName: vidadmin
- userPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
- mysqlDatabase: vid_openecomp_epsdk
-
-
-# default number of instances in the StatefulSet
-replicaCount: 2
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 5
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: false
-
-readiness:
- initialDelaySeconds: 15
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: false
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
-
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteOnce
- size: 2Gi
-
-
-service:
- internalPort: 3306
- name: vid-galera
- portName: vid-galera
- sstPort: 4444
- sstName: sst
- replicationPort: 4567
- replicationName: replication
- istPort: 4568
- istName: ist
-
-ingress:
- enabled: false
-
-
-## Configure MariaDB-Galera with a custom my.cnf file
-## ref: https://mariadb.com/kb/en/mariadb/configuring-mariadb-with-mycnf/#example-of-configuration-file
-##
-#externalConfig: {}
-externalConfig: |-
- lower_case_table_names = 1
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 10m
- memory: 1Gi
- requests:
- cpu: 10m
- memory: 500Mi
- large:
- limits:
- cpu: 20m
- memory: 2Gi
- requests:
- cpu: 20m
- memory: 1Gi
- unlimited: {}
-# Name for mariadb-galera cluster - should be unique accross all projects or other clusters
-nameOverride: vid-mariadb-galera
-
-# DNS name for mariadb-galera cluster - should be unique accross all projects other clusters
-#dnsnameOverride: mariadb-galera
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: mariadb-galera
+ version: ~5.x-0
+ repository: '@local'
-<?xml version="1.0" encoding="UTF-8"?>\r
-<!--\r
- ================================================================================\r
- eCOMP Portal SDK\r
- ================================================================================\r
- Copyright (C) 2017 AT&T Intellectual Property\r
- ================================================================================\r
- Licensed under the Apache License, Version 2.0 (the "License");\r
- you may not use this file except in compliance with the License.\r
- You may obtain a copy of the License at\r
- \r
- http://www.apache.org/licenses/LICENSE-2.0\r
- \r
- Unless required by applicable law or agreed to in writing, software\r
- distributed under the License is distributed on an "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- See the License for the specific language governing permissions and\r
- limitations under the License.\r
- ================================================================================\r
- -->\r
-<configuration scan="true" scanPeriod="3 seconds" debug="true">\r
- <!-- specify the base path of the log directory -->\r
- <property name="logDir" value="/var/log/onap" />\r
- <!-- specify the component name -->\r
- <property name="componentName" value="vid" />\r
- <!-- The directory where logs are written -->\r
- <property name="logDirectory" value="${logDir}/${componentName}" />\r
- <property name="pattern" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />\r
- <!-- log file names -->\r
- <property name="generalLogName" value="application" />\r
- <property name="errorLogName" value="error" />\r
- <property name="metricsLogName" value="metrics" />\r
- <property name="auditLogName" value="audit" />\r
- <property name="debugLogName" value="debug" />\r
- <!-- other constants -->\r
- <property name="queueSize" value="256" />\r
- <property name="maxFileSize" value="50MB" />\r
- <property name="maxHistory" value="30" />\r
- <property name="totalSizeCap" value="10GB" />\r
- <!-- Example evaluator filter applied against console appender -->\r
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">\r
- <encoder>\r
- <pattern>${pattern}</pattern>\r
- </encoder>\r
- </appender>\r
- <!-- ============================================================================ -->\r
- <!-- EELF Appenders -->\r
- <!-- ============================================================================ -->\r
- <!-- The EELFAppender is used to record events to the general application \r
- log -->\r
- <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender">\r
- <file>${logDirectory}/${generalLogName}.log</file>\r
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">\r
- <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>\r
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">\r
- <maxFileSize>${maxFileSize}</maxFileSize>\r
- </timeBasedFileNamingAndTriggeringPolicy>\r
- <maxHistory>${maxHistory}</maxHistory>\r
- <totalSizeCap>${totalSizeCap}</totalSizeCap>\r
- </rollingPolicy>\r
- <encoder>\r
- <pattern>${pattern}</pattern>\r
- </encoder>\r
- <filter class="org.openecomp.portalapp.util.CustomLoggingFilter" />\r
- </appender>\r
- <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">\r
- <queueSize>${queueSize}</queueSize>\r
- <includeCallerData>true</includeCallerData>\r
- <appender-ref ref="EELF" />\r
- </appender>\r
- <!-- EELF Security Appender. This appender is used to record security events \r
- to the security log file. Security events are separate from other loggers \r
- in EELF so that security log records can be captured and managed in a secure \r
- way separate from the other logs. This appender is set to never discard any \r
- events. -->\r
- <!-- \r
- <appender name="EELFSecurity"\r
- class="ch.qos.logback.core.rolling.RollingFileAppender">\r
- <file>${logDirectory}/${securityLogName}.log</file>\r
- <rollingPolicy\r
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">\r
- <fileNamePattern>${logDirectory}/${securityLogName}.%i.log.zip\r
- </fileNamePattern>\r
- <minIndex>1</minIndex>\r
- <maxIndex>9</maxIndex>\r
- </rollingPolicy>\r
- <triggeringPolicy\r
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">\r
- <maxFileSize>5MB</maxFileSize>\r
- </triggeringPolicy>\r
- <encoder>\r
- <pattern>${defaultPattern}</pattern>\r
- </encoder>\r
- </appender>\r
- \r
- <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender">\r
- <queueSize>256</queueSize>\r
- <discardingThreshold>0</discardingThreshold>\r
- <appender-ref ref="EELFSecurity" />\r
- </appender>\r
- -->\r
- <!-- EELF Performance Appender. This appender is used to record performance \r
- records. -->\r
- <!--\r
- <appender name="EELFPerformance"\r
- class="ch.qos.logback.core.rolling.RollingFileAppender">\r
- <file>${logDirectory}/${performanceLogName}.log</file>\r
- <rollingPolicy\r
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">\r
- <fileNamePattern>${logDirectory}/${performanceLogName}.%i.log.zip\r
- </fileNamePattern>\r
- <minIndex>1</minIndex>\r
- <maxIndex>9</maxIndex>\r
- </rollingPolicy>\r
- <triggeringPolicy\r
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">\r
- <maxFileSize>5MB</maxFileSize>\r
- </triggeringPolicy>\r
- <encoder>\r
- <outputPatternAsHeader>true</outputPatternAsHeader>\r
- <pattern>${defaultPattern}</pattern>\r
- </encoder>\r
- </appender>\r
- <appender name="asyncEELFPerformance" class="ch.qos.logback.classic.AsyncAppender">\r
- <queueSize>256</queueSize>\r
- <appender-ref ref="EELFPerformance" />\r
- </appender>\r
- -->\r
- <!-- EELF Server Appender. This appender is used to record Server related \r
- logging events. The Server logger and appender are specializations of the \r
- EELF application root logger and appender. This can be used to segregate Server \r
- events from other components, or it can be eliminated to record these events \r
- as part of the application root log. -->\r
- <!--\r
- <appender name="EELFServer"\r
- class="ch.qos.logback.core.rolling.RollingFileAppender">\r
- <file>${logDirectory}/${serverLogName}.log</file>\r
- <rollingPolicy\r
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">\r
- <fileNamePattern>${logDirectory}/${serverLogName}.%i.log.zip\r
- </fileNamePattern>\r
- <minIndex>1</minIndex>\r
- <maxIndex>9</maxIndex>\r
- </rollingPolicy>\r
- <triggeringPolicy\r
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">\r
- <maxFileSize>5MB</maxFileSize>\r
- </triggeringPolicy>\r
- <encoder>\r
- <pattern>${defaultPattern}</pattern>\r
- </encoder>\r
- </appender>\r
- <appender name="asyncEELFServer" class="ch.qos.logback.classic.AsyncAppender">\r
- <queueSize>256</queueSize>\r
- <appender-ref ref="EELFServer" />\r
- </appender>\r
- -->\r
- <!-- EELF Policy Appender. This appender is used to record Policy engine \r
- related logging events. The Policy logger and appender are specializations \r
- of the EELF application root logger and appender. This can be used to segregate \r
- Policy engine events from other components, or it can be eliminated to record \r
- these events as part of the application root log. -->\r
- <!--\r
- <appender name="EELFPolicy"\r
- class="ch.qos.logback.core.rolling.RollingFileAppender">\r
- <file>${logDirectory}/${policyLogName}.log</file>\r
- <rollingPolicy\r
- class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">\r
- <fileNamePattern>${logDirectory}/${policyLogName}.%i.log.zip\r
- </fileNamePattern>\r
- <minIndex>1</minIndex>\r
- <maxIndex>9</maxIndex>\r
- </rollingPolicy>\r
- <triggeringPolicy\r
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">\r
- <maxFileSize>5MB</maxFileSize>\r
- </triggeringPolicy>\r
- <encoder>\r
- <pattern>${defaultPattern}</pattern>\r
- </encoder>\r
- </appender>\r
- <appender name="asyncEELFPolicy" class="ch.qos.logback.classic.AsyncAppender">\r
- <queueSize>256</queueSize>\r
- <appender-ref ref="EELFPolicy" />\r
- </appender>\r
- -->\r
- <!-- EELF Audit Appender. This appender is used to record audit engine \r
- related logging events. The audit logger and appender are specializations \r
- of the EELF application root logger and appender. This can be used to segregate \r
- Policy engine events from other components, or it can be eliminated to record \r
- these events as part of the application root log. -->\r
- <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">\r
- <file>${logDirectory}/${auditLogName}.log</file>\r
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">\r
- <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>\r
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">\r
- <maxFileSize>${maxFileSize}</maxFileSize>\r
- </timeBasedFileNamingAndTriggeringPolicy>\r
- <maxHistory>${maxHistory}</maxHistory>\r
- <totalSizeCap>${totalSizeCap}</totalSizeCap>\r
- </rollingPolicy>\r
- <encoder>\r
- <pattern>${pattern}</pattern>\r
- </encoder>\r
- </appender>\r
- <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">\r
- <queueSize>${queueSize}</queueSize>\r
- <appender-ref ref="EELFAudit" />\r
- </appender>\r
- <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">\r
- <file>${logDirectory}/${metricsLogName}.log</file>\r
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">\r
- <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>\r
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">\r
- <maxFileSize>${maxFileSize}</maxFileSize>\r
- </timeBasedFileNamingAndTriggeringPolicy>\r
- <maxHistory>${maxHistory}</maxHistory>\r
- <totalSizeCap>${totalSizeCap}</totalSizeCap>\r
- </rollingPolicy>\r
- <encoder>\r
- <pattern>${pattern}</pattern>\r
- </encoder>\r
- </appender>\r
- <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">\r
- <queueSize>${queueSize}</queueSize>\r
- <appender-ref ref="EELFMetrics" />\r
- </appender>\r
- <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender">\r
- <file>${logDirectory}/${errorLogName}.log</file>\r
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">\r
- <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>\r
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">\r
- <maxFileSize>${maxFileSize}</maxFileSize>\r
- </timeBasedFileNamingAndTriggeringPolicy>\r
- <maxHistory>${maxHistory}</maxHistory>\r
- <totalSizeCap>${totalSizeCap}</totalSizeCap>\r
- </rollingPolicy>\r
- <encoder>\r
- <pattern>${pattern}</pattern>\r
- </encoder>\r
- </appender>\r
- <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">\r
- <queueSize>${queueSize}</queueSize>\r
- <appender-ref ref="EELFError" />\r
- </appender>\r
- <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">\r
- <file>${logDirectory}/${debugLogName}.log</file>\r
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">\r
- <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>\r
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">\r
- <maxFileSize>${maxFileSize}</maxFileSize>\r
- </timeBasedFileNamingAndTriggeringPolicy>\r
- <maxHistory>${maxHistory}</maxHistory>\r
- <totalSizeCap>${totalSizeCap}</totalSizeCap>\r
- </rollingPolicy>\r
- <encoder>\r
- <pattern>${pattern}</pattern>\r
- </encoder>\r
- </appender>\r
- <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">\r
- <queueSize>${queueSize}</queueSize>\r
- <appender-ref ref="EELFDebug" />\r
- </appender>\r
- <!-- ============================================================================ -->\r
- <!-- EELF loggers -->\r
- <!-- ============================================================================ -->\r
- <logger name="com.att.eelf" level="debug" additivity="false">\r
- <appender-ref ref="asyncEELF" />\r
- </logger>\r
- <!--\r
- <logger name="com.att.eelf.security" level="info" additivity="false">\r
- <appender-ref ref="asyncEELFSecurity" />\r
- </logger>\r
- <logger name="com.att.eelf.perf" level="info" additivity="false">\r
- <appender-ref ref="asyncEELFPerformance" />\r
- </logger>\r
- <logger name="com.att.eelf.server" level="info" additivity="false">\r
- <appender-ref ref="asyncEELFServer" />\r
- </logger>\r
- <logger name="com.att.eelf.policy" level="info" additivity="false">\r
- <appender-ref ref="asyncEELFPolicy" />\r
- </logger>\r
- -->\r
- <logger name="com.att.eelf.audit" level="info" additivity="false">\r
- <appender-ref ref="asyncEELFAudit" />\r
- </logger>\r
- <logger name="com.att.eelf.metrics" level="info" additivity="false">\r
- <appender-ref ref="asyncEELFMetrics" />\r
- </logger>\r
- <logger name="com.att.eelf.error" level="info" additivity="false">\r
- <appender-ref ref="asyncEELFError" />\r
- </logger>\r
- <logger name="com.att.eelf.debug" level="debug" additivity="false">\r
- <appender-ref ref="asyncEELFDebug" />\r
- </logger>\r
- <root level="INFO">\r
- <appender-ref ref="asyncEELF" />\r
- </root>\r
-</configuration>\r
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ================================================================================
+ eCOMP Portal SDK
+ ================================================================================
+ Copyright (C) 2017 AT&T Intellectual Property
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ================================================================================
+ -->
+<configuration scan="true" scanPeriod="3 seconds" debug="true">
+ <!-- specify the component name -->
+ <property name="componentName" value="vid"/>
+ <!-- specify the base path of the log directory -->
+ <property name="logDirPrefix" value="/var/log/onap" />
+ <!-- The directory where logs are written -->
+ <property name="logDirectory" value="${logDirPrefix}/${componentName}" />
+
+ <!-- log file names -->
+ <property name="generalLogName" value="application" />
+ <property name="errorLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+ <property name="outgoingRequestsLogName" value="outgoingRequests" />
+
+ <!-- other constants -->
+ <property name="queueSize" value="256" />
+ <property name="maxFileSize" value="50MB" />
+ <property name="maxHistory" value="30" />
+ <property name="totalSizeCap" value="10GB" />
+
+ <!-- ONAP Application Logging Specification v1.2 (Casablanca)
+ https://wiki.onap.org/pages/viewpage.action?pageId=28378955 -->
+
+ <property name="auditLoggerPattern"
+ value="%X{EntryTimestamp}|%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX,UTC}|%X{RequestID}|%X{ServiceInstanceId}|%thread||%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level||%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|||%marker|%mdc|||%msg%n"/>
+
+ <property name="metricsLoggerPattern"
+ value="%X{InvokeTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|0|%X{ServerIPAddress}|%replace(%X{ElapsedTime}){' ms',''}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVisualEntity}|%marker|%mdc|%X{CustomField3}|%X{CustomField4}| %msg%nopexception%n" />
+
+ <property name="errorLoggerPattern"
+ value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestID}|%thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%.-5level|%X{ErrorCode:-900}|%replace(%msg){'[\r\n]+', '\\\\n'}|%nopexception%replace(%xThrowable){'[\r\n]+', '\\\\n'}%n" />
+
+ <property name="debugLoggerPattern" value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestID}|%msg %nopexception%replace(%xThrowable){'[\r\n]+', '\\\\n'}|^%n" />
+
+ <!-- use %class so library logging calls yield their class name -->
+ <property name="applicationLoggerPattern"
+ value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestID}|%thread|%.-5level|%class{36}| %msg%n" />
+
+
+
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${debugLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+
+ <!-- The EELFAppender is used to record events to the general application log -->
+ <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${applicationLoggerPattern}</pattern>
+ </encoder>
+ <filter class="org.onap.portalapp.util.CustomLoggingFilter" />
+ </appender>
+
+ <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>${queueSize}</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="EELF" />
+ </appender>
+
+ <!-- EELF Security Appender. This appender is used to record security events
+ to the security log file. Security events are separate from other loggers
+ in EELF so that security log records can be captured and managed in a secure
+ way separate from the other logs. This appender is set to never discard any
+ events. -->
+ <!--
+ <appender name="EELFSecurity"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${securityLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${securityLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <discardingThreshold>0</discardingThreshold>
+ <appender-ref ref="EELFSecurity" />
+ </appender>
+ -->
+ <!-- EELF Performance Appender. This appender is used to record performance
+ records. -->
+ <!--
+ <appender name="EELFPerformance"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${performanceLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${performanceLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <outputPatternAsHeader>true</outputPatternAsHeader>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFPerformance" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFPerformance" />
+ </appender>
+ -->
+ <!-- EELF Server Appender. This appender is used to record Server related
+ logging events. The Server logger and appender are specializations of the
+ EELF application root logger and appender. This can be used to segregate Server
+ events from other components, or it can be eliminated to record these events
+ as part of the application root log. -->
+ <!--
+ <appender name="EELFServer"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${serverLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${serverLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFServer" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFServer" />
+ </appender>
+ -->
+ <!-- EELF Policy Appender. This appender is used to record Policy engine
+ related logging events. The Policy logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+ <!--
+ <appender name="EELFPolicy"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${policyLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${policyLogName}.%i.log.zip
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFPolicy" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFPolicy" />
+ </appender>
+ -->
+ <!-- EELF Audit Appender. This appender is used to record audit engine
+ related logging events. The audit logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+ <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFAudit" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+
+ <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator">
+ <marker>INVOKE</marker>
+ <marker>INVOKE-RETURN</marker>
+ </evaluator>
+ <onMismatch>DENY</onMismatch>
+ <onMatch>ACCEPT</onMatch>
+ </filter>
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${metricsLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFMetrics" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+
+ <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>ERROR</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>NEUTRAL</onMismatch>
+ </filter>
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>WARN</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/${errorLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFError" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+
+ <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${debugLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${debugLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+
+ <appender name="OutgoingRequests" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${outgoingRequestsLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${outgoingRequestsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${debugLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncOutgoingRequests" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="OutgoingRequests" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+
+
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="debug" additivity="false">
+ <appender-ref ref="asyncEELF" />
+ </logger>
+
+ <!--
+ <logger name="com.att.eelf.security" level="info" additivity="false">
+ <appender-ref ref="asyncEELFSecurity" />
+ </logger>
+ <logger name="com.att.eelf.perf" level="info" additivity="false">
+ <appender-ref ref="asyncEELFPerformance" />
+ </logger>
+ <logger name="com.att.eelf.server" level="info" additivity="false">
+ <appender-ref ref="asyncEELFServer" />
+ </logger>
+ <logger name="com.att.eelf.policy" level="info" additivity="false">
+ <appender-ref ref="asyncEELFPolicy" />
+ </logger>
+ -->
+
+ <logger name="org.onap.logging.filter.base.AbstractAuditLogFilter" level="info" additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+
+ <logger name="org.onap.logging.filter.base.AbstractMetricLogFilter" level="info" additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+
+ <logger name="com.att.eelf.error" level="info" additivity="false">
+ <appender-ref ref="asyncEELFError" />
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+
+ <logger name="com.att.eelf.debug" level="debug" additivity="false">
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+
+ <logger name="http.requests.outgoing" level="DEBUG" additivity="false">
+ <appender-ref ref="asyncOutgoingRequests"/>
+ </logger>
+
+ <root level="INFO">
+ <appender-ref ref="asyncEELF" />
+ <appender-ref ref="asyncEELFError" />
+ </root>
+
+</configuration>
value: "{{ .Values.config.vidcontactuslink }}"
- name: VID_KEYSTORE_PASSWORD
value: {{ .Values.config.vidkeystorepassword | quote }}
- - name: CATALINA_OPTS
- value: "-Dvid.keystore.password=$(VID_KEYSTORE_PASSWORD) -Dvid.keyalias=vid@vid.onap.org -Dvid.keystore.filename=/opt/app/vid/etc/org.onap.vid.jks -Dcom.att.eelf.logging.file=logback.xml -Dcom.att.eelf.logging.path=/tmp"
- name: VID_UEB_URL_LIST
value: message-router.{{ include "common.namespace" . }}
- name: VID_MYSQL_HOST
- value: "{{ .Values.config.vidmysqlhost }}"
+ value: {{ index .Values "mariadb-galera" "service" "name" }}
- name: VID_MYSQL_PORT
- value: "{{ .Values.config.vidmysqlport }}"
+ value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}"
- name: VID_MYSQL_DBNAME
- value: "{{ .Values.config.vidmysqldbname }}"
+ value: {{ index .Values "mariadb-galera" "config" "mysqlDatabase" }}
- name: VID_MYSQL_USER
- value: "{{ .Values.config.vidmysqluser }}"
+ value: {{ index .Values "mariadb-galera" "config" "userName" }}
- name: VID_MYSQL_PASS
- value: "{{ .Values.config.vidmysqlpassword }}"
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-db
+ key: db-user-password
#valueFrom:
# secretKeyRef: {name: {{ include "common.fullname" . }}, key: vid-password}
- name: VID_MYSQL_MAXCONNECTIONS
name: {{ include "common.fullname" . }}-log-configmap
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
-
--- /dev/null
+{{ include "common.ingress" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- /root/ready.py
-{{- $fullname := include "common.fullname" . -}}
-{{- range $i,$t := until (int .Values.vid_mariadb_galera.replicaCount)}}
- --container-name
- - {{ $fullname }}-mariadb-galera-{{$i}}
-{{- end }}
+ - {{ index .Values "mariadb-galera" "service" "name" }}
env:
- name: NAMESPACE
valueFrom:
- /dbcmd-config/db_cmd.sh
env:
- name: MYSQL_PASSWORD
- value: "{{ .Values.config.vidmysqlpassword }}"
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-db
+ key: db-user-password
- name: MYSQL_HOST
- value: "{{ .Values.config.vidmysqlhost }}"
+ value: {{ index .Values "mariadb-galera" "service" "name" }}
- name: MYSQL_USER
- value: "{{ .Values.config.vidmysqluser }}"
+ value: {{ index .Values "mariadb-galera" "config" "userName" }}
- name: MYSQL_PORT
- value: "{{ .Values.config.vidmysqlport }}"
+ value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}"
restartPolicy: Never
volumes:
- name: {{ include "common.fullname" . }}-config
path: db_cmd.sh
- key: vid-pre-init.sql
path: vid-pre-init.sql
-
type: Opaque
data:
{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-db
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+type: Opaque
+data:
+ db-user-password: {{ index .Values "mariadb-galera" "config" "userPassword" | b64enc | quote }}
+ db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }}
global:
nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.1
+ readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
# application image
repository: nexus3.onap.org:10001
-image: onap/vid:5.0.3
+image: onap/vid:6.0.2
pullPolicy: Always
# mariadb image for initializing
vidmsopass: OBF:1ih71i271vny1yf41ymf1ylz1yf21vn41hzj1icz
msodme2serverurl: http://localhost:8081
vidcontactuslink: https://todo_contact_us_link.com
- vidmysqlhost: vid-galera
- vidmysqlport: "3306"
- vidmysqldbname: vid_openecomp_epsdk
- vidmysqluser: vidadmin
vidmysqlmaxconnections: "5"
logstashServiceName: log-ls
logstashPort: 5044
roleaccesscentralized: remote
-# subchart configuration
-vid_mariadb_galera:
-# nameOverride: vid-mariadb-galera
- replicaCount: 1
+mariadb-galera:
+ config:
+ userName: vidadmin
+ userPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ mariadbRootPassword: kjgsdhjqhawxvnbpoiawsfgjsqhsgjhjhdqihhjqdvcbxkjchizpw
+ mysqlDatabase: vid_openecomp_epsdk
+ nameOverride: vid-galera
+ service:
+ name: vid-galera
+ portName: mysql-vid
+ internalPort: "3306"
+ replicaCount: 3
+ persistence:
+ enabled: true
+ mountSubPath: vid/maria/data
+ externalConfig: |-
+ [mysqld]
+ lower_case_table_names = 1
# default number of instances
replicaCount: 1
ingress:
enabled: false
+ service:
+ - baseaddr: "vid"
+ name: "vid-http"
+ port: 8080
+ config:
+ ssl: "none"
# Resource Limit flavor -By Default using small
flavor: small
--- /dev/null
+{{ include "common.ingress" . }}
ingress:
enabled: false
+ service:
+ - baseaddr: "refrepo"
+ name: "refrepo"
+ port: 97
+ config:
+ ssl: "none"