Code Review / oom.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw (from parent 2: 6cda610)
Merge "[COMMON][Readiness] Uses new tpls for repos / images"
authorKrzysztof Opasiak <k.opasiak@samsung.com>
Tue, 12 Jan 2021 08:31:59 +0000 (08:31 +0000)
committerGerrit Code Review <gerrit@onap.org>
Tue, 12 Jan 2021 08:31:59 +0000 (08:31 +0000)
17 files changed:
.gitignore patch | blob | history
kubernetes/aaf/.gitignore patch | blob | history
kubernetes/common/cmpv2Config/values.yaml patch | blob | history
kubernetes/common/common/templates/_certificate.tpl [new file with mode: 0644] patch | blob
kubernetes/contrib/.gitignore [new file with mode: 0644] patch | blob
kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml patch | blob | history
kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml patch | blob | history
kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml patch | blob | history
kubernetes/onap/values.yaml patch | blob | history
kubernetes/platform/components/cmpv2-cert-provider/values.yaml patch | blob | history
kubernetes/platform/components/oom-cert-service/values.yaml patch | blob | history
kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal.cql patch | blob | history
kubernetes/portal/components/portal-cassandra/templates/deployment.yaml patch | blob | history
kubernetes/portal/components/portal-cassandra/values.yaml patch | blob | history
kubernetes/sdnc/templates/certificates.yaml [new file with mode: 0644] patch | blob
kubernetes/sdnc/values.yaml patch | blob | history
kubernetes/uui/components/uui-server/values.yaml patch | blob | history

diff --git a/.gitignore b/.gitignore
index 11c7e80..cb4cb34 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -31,3 +31,6 @@ requirements.lock
 
 # Mac OS
 *DS_Store*
+
+# dist
+dist
diff --git a/kubernetes/aaf/.gitignore b/kubernetes/aaf/.gitignore
index 3a4f8ba..71fbb5c 100644 (file)
--- a/kubernetes/aaf/.gitignore
+++ b/kubernetes/aaf/.gitignore
@@ -1 +1,2 @@
 /sms/
+components/dist
diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml
index c22f973..19b87b1 100644 (file)
--- a/kubernetes/common/cmpv2Config/values.yaml
+++ b/kubernetes/common/cmpv2Config/values.yaml
@@ -14,7 +14,7 @@
 global:
   platform:
     certServiceClient:
-      image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.1
+      image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2
       secretName: oom-cert-service-client-tls-secret
       envVariables:
         # Certificate related
@@ -29,5 +29,5 @@ global:
         keystorePassword: "secret"
         truststorePassword: "secret"
     certPostProcessor:
-      image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.1
+      image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.2
 
diff --git a/kubernetes/common/common/templates/_certificate.tpl b/kubernetes/common/common/templates/_certificate.tpl
new file mode 100644 (file)
index 0000000..74f81af
--- /dev/null
+++ b/kubernetes/common/common/templates/_certificate.tpl
@@ -0,0 +1,192 @@
+{{/*#
+# Copyright © 2020, Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.*/}}
+
+{{/*
+# This is a template for requesting a certificate from the cert-manager (https://cert-manager.io).
+#
+# To request a certificate following steps are to be done:
+#  - create an object 'certificates' in the values.yaml
+#  - create a file templates/certificates.yaml and invoke the function "commom.certificate".
+#
+# Here is an example of the certificate request for a component:
+#
+# Directory structure:
+#   component
+#     templates
+#       certifictes.yaml
+#     values.yaml
+#
+# To be added in the file certificates.yamll
+#
+# To be added in the file values.yaml
+#  1. Minimal version (certificates only in PEM format)
+#  certificates:
+#    - name:       onap-component-certificate
+#      secretName: onap-component-certificate
+#      commonName: component.onap.org
+#   2. Extended version (with defined own issuer and additional certificate format):
+#   certificates:
+#    - name:       onap-component-certificate
+#      secretName: onap-component-certificate
+#      commonName: component.onap.org
+#      dnsNames:
+#        - component.onap.org
+#      issuer:
+#        group: certmanager.onap.org
+#        kind: CMPv2Issuer
+#        name: cmpv2-issuer-for-the-component
+#      p12Keystore:
+#        create: true
+#        passwordSecretRef:
+#          name: secret-name
+#          key:  secret-key
+#      jksKeystore:
+#        create: true
+#        passwordSecretRef:
+#          name: secret-name
+#          key:  secret-key
+#
+# Fields 'name', 'secretName' and 'commonName' are mandatory and required to be defined.
+# Other mandatory fields for the certificate definition do not have to be defined directly,
+# in that case they will be taken from default values.
+#
+# Default values are defined in file onap/values.yaml (see-> global.certificate.default)
+# and can be overriden during onap installation process.
+#
+*/}}
+
+{{- define "common.certificate" -}}
+{{- $dot := default . .dot -}}
+{{- $certificates := $dot.Values.certificates -}}
+
+{{ range $certificate := $certificates }}
+{{/*# General certifiacate attributes  #*/}}
+{{- $name           := $certificate.name                                                                          -}}
+{{- $secretName     := $certificate.secretName                                                                    -}}
+{{- $commonName     := default $dot.Values.global.certificate.default.commonName      $certificate.commonName     -}}
+{{- $renewBefore    := default $dot.Values.global.certificate.default.renewBefore     $certificate.renewBefore    -}}
+{{- $duration       := $certificate.duration                                                                      -}}
+{{- $namespace      := default $dot.Release.Namespace         $dot.Values.global.certificate.default.namespace    -}}
+{{- if $certificate.namespace -}}
+{{-   $namespace    = default $namespace                                              $certificate.namespace      -}}
+{{- end -}}
+{{/*# SAN's #*/}}
+{{- $dnsNames       := default $dot.Values.global.certificate.default.dnsNames        $certificate.dnsNames       -}}
+{{- $ipAddresses    := default $dot.Values.global.certificate.default.ipAddresses     $certificate.ipAddresses    -}}
+{{- $uris           := default $dot.Values.global.certificate.default.uris            $certificate.uris           -}}
+{{- $emailAddresses := default $dot.Values.global.certificate.default.emailAddresses  $certificate.emailAddresses -}}
+{{/*# Subject #*/}}
+{{- $subject        := $dot.Values.global.certificate.default.subject                                             -}}
+{{- if $certificate.subject -}}
+{{-   $subject       = mergeOverwrite $subject  $certificate.subject                                              -}}
+{{- end -}}
+{{/*# Issuer #*/}}
+{{- $issuer         := $dot.Values.global.certificate.default.issuer                                              -}}
+{{- if $certificate.issuer -}}
+{{-   $issuer        = mergeOverwrite $issuer   $certificate.issuer                                               -}}
+{{- end -}}
+{{/*# Keystores #*/}}
+{{- $createJksKeystore                  := $dot.Values.global.certificate.default.jksKeystore.create                  -}}
+{{- $jksKeystorePasswordSecretName      := $dot.Values.global.certificate.default.jksKeystore.passwordSecretRef.name  -}}
+{{- $jksKeystorePasswordSecreKey        := $dot.Values.global.certificate.default.jksKeystore.passwordSecretRef.key   -}}
+{{- $createP12Keystore                  := $dot.Values.global.certificate.default.p12Keystore.create                  -}}
+{{- $p12KeystorePasswordSecretName      := $dot.Values.global.certificate.default.p12Keystore.passwordSecretRef.name  -}}
+{{- $p12KeystorePasswordSecreKey        := $dot.Values.global.certificate.default.p12Keystore.passwordSecretRef.key   -}}
+{{- if $certificate.jksKeystore -}}
+{{-   $createJksKeystore                 = default $createJksKeystore                $certificate.jksKeystore.create                   -}}
+{{-   if $certificate.jksKeystore.passwordSecretRef -}}
+{{-     $jksKeystorePasswordSecretName   = default $jksKeystorePasswordSecretName    $certificate.jksKeystore.passwordSecretRef.name   -}}
+{{-     $jksKeystorePasswordSecreKey     = default $jksKeystorePasswordSecreKey      $certificate.jksKeystore.passwordSecretRef.key    -}}
+{{-   end -}}
+{{- end -}}
+{{- if $certificate.p12Keystore -}}
+{{-   $createP12Keystore                 = default $createP12Keystore                $certificate.p12Keystore.create                   -}}
+{{-   if $certificate.p12Keystore.passwordSecretRef -}}
+{{-     $p12KeystorePasswordSecretName   = default $p12KeystorePasswordSecretName    $certificate.p12Keystore.passwordSecretRef.name   -}}
+{{-     $p12KeystorePasswordSecreKey     = default $p12KeystorePasswordSecreKey      $certificate.p12Keystore.passwordSecretRef.key    -}}
+{{-   end -}}
+{{- end -}}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name:        {{ $name }}
+  namespace:   {{ $namespace }}
+spec:
+  secretName:  {{ $secretName }}
+  commonName:  {{ $commonName }}
+  renewBefore: {{ $renewBefore }}
+  {{- if $duration }}
+  duration:    {{ $duration }}
+  {{- end }}
+  subject:
+    organizations:
+      - {{ $subject.organization }}
+    countries:
+      - {{ $subject.country }}
+    localities:
+      - {{ $subject.locality }}
+    provinces:
+      - {{ $subject.province }}
+    organizationalUnits:
+      - {{ $subject.organizationalUnit }}
+  {{- if $dnsNames }}
+  dnsNames:
+    {{- range $dnsName := $dnsNames }}
+      - {{ $dnsName }}
+    {{- end }}
+  {{- end }}
+  {{- if $ipAddresses }}
+  ipAddresses:
+    {{- range $ipAddress := $ipAddresses }}
+      - {{ $ipAddress }}
+    {{- end }}
+  {{- end }}
+  {{- if $uris }}
+  uris:
+    {{- range $uri := $uris }}
+      - {{ $uri }}
+    {{- end }}
+  {{- end }}
+  {{- if $emailAddresses }}
+  emailAddresses:
+    {{- range $emailAddress := $emailAddresses }}
+      - {{ $emailAddress }}
+    {{- end }}
+  {{- end }}
+  issuerRef:
+    group: {{ $issuer.group }}
+    kind:  {{ $issuer.kind }}
+    name:  {{ $issuer.name }}
+  {{- if or $createJksKeystore $createP12Keystore }}
+  keystores:
+    {{- if $createJksKeystore }}
+    jks:
+      create: {{ $createJksKeystore }}
+      passwordSecretRef:
+        name: {{ $jksKeystorePasswordSecretName }}
+        key:  {{ $jksKeystorePasswordSecreKey }}
+    {{- end }}
+    {{- if $createP12Keystore }}
+    pkcs12:
+      create: {{ $createP12Keystore }}
+      passwordSecretRef:
+        name: {{ $p12KeystorePasswordSecretName }}
+        key:  {{ $p12KeystorePasswordSecreKey }}
+    {{- end }}
+  {{- end }}
+{{ end }}
+
+{{- end -}}
diff --git a/kubernetes/contrib/.gitignore b/kubernetes/contrib/.gitignore
new file mode 100644 (file)
index 0000000..7020381
--- /dev/null
+++ b/kubernetes/contrib/.gitignore
@@ -0,0 +1 @@
+components/dist
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml
index 8c2c0a2..d05129b 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-datafile-collector-inputs.yaml
@@ -21,14 +21,23 @@
 {{ if .Values.componentImages.datafile_collector }}
 tag_version: {{ include "repositoryGenerator.repository" . }}/{{ .Values.componentImages.datafile_collector }}
 {{ end }}
-host_port: {{ .Values.config.address.datafile_collector.port }}
-host_port_secure: {{ .Values.config.address.datafile_collector.portSecure }}
-dmaap_mr_host: "{{ .Values.config.address.message_router }}"
-dmaap_mr_port: 3904
-dmaap_mr_user: "admin"
-dmaap_mr_passwd: "admin"
-dmaap_dr_host: "{{ .Values.config.address.dmaap_dr_prov }}"
-dmaap_dr_port: 8443
-dmaap_dr_user: "dradmin"
-dmaap_dr_passwd: "dradmin"
 replicas: 1
+log_directory: "/var/log/ONAP"
+topic_name: "unauthenticated.VES_NOTIFICATION_OUTPUT"
+envs: {}
+use_tls: true
+PM_MEAS_FILES_feed0_location: "loc00"
+feed0_name: "bulk_pm_feed"
+consumer_id: "C12"
+consumer_group: "OpenDcae-c12"
+cert_directory: "/opt/app/datafile/etc/cert/"
+external_port: ":0"
+datafile-collector_memory_limit: "512Mi"
+datafile-collector_memory_request: "512Mi"
+datafile-collector_cpu_limit: "250m"
+datafile-collector_cpu_request: "250m"
+external_cert_use_external_tls: false
+external_cert_ca_name: "RA"
+external_cert_common_name: "dcae-datafile-collector"
+external_cert_sans: "dcae-datafile-collector,datafile-collector,datafile"
+external_cert_cert_type: "P12"
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
index a3bff07..b3ff95a 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
@@ -103,7 +103,7 @@ mongo:
   disableNfsProvisioner: true
 
 # application image
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.2.1
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.2.3
 default_k8s_location: central
 
 # DCAE component images to be deployed via Cloudify Manager
@@ -115,7 +115,8 @@ componentImages:
   ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.9
   snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
   prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.4
-  hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.5.1
+  hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.6.0
+  datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.5.0
 
 # Resource Limit flavor -By Default using small
 flavor: small
diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
index c13d3ce..e187e11 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
@@ -49,7 +49,7 @@ config:
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/org.onap.dcaegen2.deployments.cm-container:3.4.1
+image: onap/org.onap.dcaegen2.deployments.cm-container:3.4.2
 pullPolicy: Always
 
 # name of shared ConfigMap with kubeconfig for multiple clusters
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 1998539..5376940 100755 (executable)
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -172,11 +172,37 @@ global:
   aafEnabled: true
   aafAgentImage: onap/aaf/aaf_agent:2.1.20
 
+ # default values for certificates
+  certificate:
+    default:
+      renewBefore: 8h
+      subject:
+        organization: "Linux-Foundation"
+        country: "US"
+        locality: "San-Francisco"
+        province: "California"
+        organizationalUnit: "ONAP"
+      issuer:
+        group: certmanager.onap.org
+        kind: CMPv2Issuer
+        name: cmpv2-issuer-onap
+      p12Keystore:
+        create: false
+        passwordSecretRef:
+          name: ""
+          key:  ""
+      jksKeystore:
+        create: false
+        passwordSecretRef:
+          name: ""
+          key:  ""
+
   # Enabling CMPv2
   cmpv2Enabled: true
+  CMPv2CertManagerIntegration: false
   platform:
     certServiceClient:
-      image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.1
+      image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2
       secret:
         name: oom-cert-service-client-tls-secret
         mountPath: /etc/onap/oom/certservice/certs/
diff --git a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml
index 990c36d..0614819 100644 (file)
--- a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml
+++ b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml
@@ -38,7 +38,7 @@ service:
 # Deployment configuration
 deployment:
   name: oom-certservice-cmpv2issuer
-  image: onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.3.0
+  image: onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.3.2
   proxyImage: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0
   # fol local development use IfNotPresent
   pullPolicy: Always
diff --git a/kubernetes/platform/components/oom-cert-service/values.yaml b/kubernetes/platform/components/oom-cert-service/values.yaml
index bd415c0..8f31124 100644 (file)
--- a/kubernetes/platform/components/oom-cert-service/values.yaml
+++ b/kubernetes/platform/components/oom-cert-service/values.yaml
@@ -38,7 +38,7 @@ certificateGenerationImage: onap/integration-java11:7.2.0
 
 # Deployment configuration
 repository: "nexus3.onap.org:10001"
-image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.1
+image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.2
 pullPolicy: Always
 replicaCount: 1
 
diff --git a/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal.cql b/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal.cql
index 4fd368a..21715a9 100644 (file)
--- a/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal.cql
+++ b/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal.cql
@@ -1,4 +1,5 @@
-// Copyright © 2018 Amdocs, Bell Canada, AT&T
+// Copyright (c) 2018 Amdocs, Bell Canada, AT&T
+// Modifications Copyright (c) 2020 Nokia
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -66,3 +67,6 @@ CREATE TABLE portal.spring_session_attributes (
     AND min_index_interval = 128
     AND read_repair_chance = 0.0
     AND speculative_retry = '99PERCENTILE';
+
+CREATE TABLE portal.health_check (primary_id text PRIMARY KEY, creation_time text);
+insert into portal.health_check (primary_id,creation_time) values ('ECOMPPortal-25927','2018-05-25T20:14:39.408Z');
diff --git a/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml b/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml
index 80197a6..84a78ab 100644 (file)
--- a/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml
@@ -1,6 +1,7 @@
 {{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Copyright (c) 2017 Amdocs, Bell Canada
+# Modifications Copyright (c) 2018 AT&T
+# Modifications Copyright (c) 2020 Nokia
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -38,8 +39,13 @@ spec:
     spec:
       containers:
       - name: {{ include "common.name" . }}
-        image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
+        image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        command:
+        - /bin/bash
+        - -c
+        - |
+          /opt/bitnami/scripts/cassandra/entrypoint.sh /opt/bitnami/scripts/cassandra/run.sh
         ports:
         - containerPort: {{ .Values.service.internalPort }}
         - containerPort: {{ .Values.service.internalPort2 }}
@@ -51,37 +57,64 @@ spec:
           exec:
             command:
             - /bin/bash
-            - -c
-            - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }'
+            - -ec
+            - |
+              nodetool status
           initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
           periodSeconds: {{ .Values.liveness.periodSeconds }}
+          successThreshold: {{ .Values.liveness.successThreshold }}
+          failureThreshold: {{ .Values.liveness.failureThreshold }}
         {{ end }}
         readinessProbe:
           exec:
             command:
             - /bin/bash
-            - -c
-            - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }'
+            - -ec
+            - |
+              nodetool status | grep -E "^UN\\s+${POD_IP}"
           initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
           periodSeconds: {{ .Values.readiness.periodSeconds }}
+          successThreshold: {{ .Values.readiness.successThreshold }}
+          failureThreshold: {{ .Values.readiness.failureThreshold }}
+        lifecycle:
+          preStop:
+            exec:
+              command:
+              - bash
+              - -ec
+              - nodetool decommission
         env:
-          - name: CASSUSER
+          - name: CASSANDRA_USER
             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 12}}
-          - name: CASSPASS
+          - name: CASSANDRA_PASSWORD
             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "password") | indent 12}}
-          - name: JVM_OPTS
-            value: "{{ .Values.config.cassandraJvmOpts }}"
           - name: POD_IP
             valueFrom:
               fieldRef:
                 fieldPath: status.podIP
+          - name: CASSANDRA_PASSWORD_SEEDER
+            value: "yes"
+          - name: BITNAMI_DEBUG
+            value: "true"
+          - name: CASSANDRA_CLUSTER_NAME
+            value: cassandra
+          - name: CASSANDRA_NUM_TOKENS
+            value: "256"
+          - name: CASSANDRA_DATACENTER
+            value: dc1
+          - name: CASSANDRA_ENDPOINT_SNITCH
+            value: SimpleSnitch
+          - name: CASSANDRA_RACK
+            value: rack1
+          - name: CASSANDRA_ENABLE_RPC
+            value: "true"
         volumeMounts:
         - mountPath: /etc/localtime
           name: localtime
           readOnly: true
         - name: cassandra-docker-entrypoint-initdb
-          mountPath: /docker-entrypoint-initdb.d/aaa_portal_single.cql
-          subPath: portal_single.cql
+          mountPath: /docker-entrypoint-initdb.d/aaa_portal.cql
+          subPath: portal.cql
         - name: {{ include "common.fullname" . }}-data
           mountPath: /var/lib/cassandra/data
         resources:
diff --git a/kubernetes/portal/components/portal-cassandra/values.yaml b/kubernetes/portal/components/portal-cassandra/values.yaml
index a0488e5..ec76d08 100644 (file)
--- a/kubernetes/portal/components/portal-cassandra/values.yaml
+++ b/kubernetes/portal/components/portal-cassandra/values.yaml
@@ -1,5 +1,6 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Copyright (c) 2017 Amdocs, Bell Canada
+# Modifications Copyright (c) 2018 AT&T
+# Modifications Copyright (c) 2020 Nokia
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -22,7 +23,7 @@ global: # global defaults
 
 
 # application image
-image: onap/music/cassandra_music:3.0.0
+image: bitnami/cassandra:3.11.9-debian-10-r30
 pullPolicy: Always
 
 #################################################################
@@ -56,10 +57,14 @@ liveness:
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
+  successThreshold: 1
+  failureThreshold: 3
 
 readiness:
   initialDelaySeconds: 10
   periodSeconds: 10
+  successThreshold: 1
+  failureThreshold: 3
 
 ## Persist data to a persitent volume
 persistence:
diff --git a/kubernetes/sdnc/templates/certificates.yaml b/kubernetes/sdnc/templates/certificates.yaml
new file mode 100644 (file)
index 0000000..dda1617
--- /dev/null
+++ b/kubernetes/sdnc/templates/certificates.yaml
@@ -0,0 +1,19 @@
+{{/*
+# Copyright © 2020 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ if .Values.global.CMPv2CertManagerIntegration }}
+{{ include "common.certificate" . }}
+{{ end }}
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index f4f0910..1d2fa26 100644 (file)
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -32,9 +32,10 @@ global:
     service: mariadb-galera
   # Enabling CMPv2
   cmpv2Enabled: true
+  CMPv2CertManagerIntegration: false
   platform:
     certServiceClient:
-      image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.1
+      image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2
       secret:
         name: oom-cert-service-client-tls-secret
         mountPath: /etc/onap/oom/certservice/certs/
@@ -132,6 +133,29 @@ secrets:
     login: '{{ .Values.config.scaleoutUser }}'
     password: '{{ .Values.config.scaleoutPassword }}'
     passwordPolicy: required
+  - uid: keystore-password
+    type: password
+    password: secret
+    passwordPolicy: required
+#################################################################
+# Certificates
+#################################################################
+certificates:
+  - name:       onap-sdnc-certificate
+    secretName: onap-sdnc-certificate
+    commonName: sdnc.simpledemo.onap.org
+    dnsNames:
+        - sdnc.simpledemo.onap.org
+    p12Keystore:
+      create: true
+      passwordSecretRef:
+        name: keystore-password
+        key: password
+    jksKeystore:
+      create: true
+      passwordSecretRef:
+        name: keystore-password
+        key: password
 #################################################################
 # Application configuration defaults.
 #################################################################
diff --git a/kubernetes/uui/components/uui-server/values.yaml b/kubernetes/uui/components/uui-server/values.yaml
index a43ae6e..3232d82 100644 (file)
--- a/kubernetes/uui/components/uui-server/values.yaml
+++ b/kubernetes/uui/components/uui-server/values.yaml
@@ -25,7 +25,7 @@ flavor: small
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/usecase-ui-server:3.0.6
+image: onap/usecase-ui-server:3.0.7
 pullPolicy: Always
 
 # application configuration
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).