-Subproject commit 1a2274dc0d8089b12a4b6feff328153dd9b26215
+Subproject commit 81954e51ef4c04fb08182d779f4871dfca766221
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 1Gi
mountPath: /dockerdata-nfs
mountSubPath: appc/ansible
cpu: 1
memory: 1Gi
unlimited: {}
-
-
# Self Service Response Kafka Message Producer
blueprintsprocessor.messageproducer.self-service-api.bootstrapServers=message-router-kafka:9092
+
+
+# Used in Health Check
+endpoints.user.name=ccsdkapps
+endpoints.user.password=ccsdkapps
blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth
blueprintsprocessor.messageproducer.self-service-api.clientId=cds-client
blueprintsprocessor.messageproducer.self-service-api.topic=cds-producer
## GKE, AWS & OpenStack)
##
# storageClass: "-"
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 2Gi
mountPath: /dockerdata-nfs
mountSubPath: clamp/mariadb/data
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
+
+apiVersion: v1
name: etcd
home: https://github.com/coreos/etcd
version: 5.0.0
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
- name: {{ template "common.name" . }}-data
mountPath: /var/lib/cassandra
resources:
-{{ toYaml .Values.resources | indent 10 }}
+{{ include "common.resources" . | indent 12 }}
volumes:
- name: localtime
hostPath:
storageType: local
storageClass: ""
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
resources:
- limits:
- cpu: 4
- memory: 8Gi
- requests:
- cpu: 2
- memory: 4Gi
+ small:
+ limits:
+ cpu: 500m
+ memory: 1.2Gi
+ requests:
+ cpu: 160m
+ memory: 900Mi
+ large:
+ limits:
+ cpu: 4
+ memory: 10Gi
+ requests:
+ cpu: 2
+ memory: 6Gi
+ unlimited: {}
- /root/ready.py
args:
- --container-name
- - zookeeper
+ - zookeeper
env:
- name: NAMESPACE
valueFrom:
mountPath: /opt/app/music/etc/music.properties
subPath: music.properties
resources:
-{{ toYaml .Values.resources | indent 10 }}
+{{ include "common.resources" . | indent 12 }}
volumes:
- name: shared-data
emptyDir: {}
ingress:
enabled: false
-#resources: {}
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
resources:
- limits:
- cpu: 2
- memory: 2Gi
- requests:
- cpu: 2
- memory: 1Gi
+ small:
+ limits:
+ cpu: 900m
+ memory: 460Mi
+ requests:
+ cpu: 550m
+ memory: 360Mi
+ large:
+ limits:
+ cpu: 4
+ memory: 2Gi
+ requests:
+ cpu: 2
+ memory: 1Gi
+ unlimited: {}
+
properties:
# Admin API
# ONAP AAF
aafAdminUrl:
-
protocol: TCP # Protocol for zookeeper container server port.
# Resource Limit flavor -By Default using small
-flavor: large
+flavor: small
# Segregation for Different environment (Small and Large)
resources:
small:
limits:
- cpu: 1
- memory: 1Gi
+ cpu: 500m
+ memory: 900Mi
requests:
- cpu: 500m
- memory: 500Mi
+ cpu: 10m
+ memory: 730Mi
large:
limits:
cpu: 3
memory: 2Gi
requests:
- cpu: 2
- memory: 1Gi
+ cpu: 2
+ memory: 1Gi
unlimited: {}
nodeSelector: {} # Node label-values required to run zookeeper pods.
tolerations: [] # Node taint overrides for zookeeper pods.
affinity: {} # Criteria by which pod label-values influence scheduling for zookeeper pods.
-affinity:
+affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- topologyKey: "kubernetes.io/hostname"
# storageClass: "nfs-dev-sc"
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 1Gi
# When using storage class, mountPath and mountSubPath are
# storageClass: "nfs-dev-sc"
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 5Gi
# When using storage class, mountPath and mountSubPath are
# storageClass: "nfs-dev-sc"
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 1Gi
# When using storage class, mountPath and mountSubPath are
# DCAE component images to be deployed via Cloudify Manager
# Use to override default setting in blueprints
componentImages:
- holmes_rules: onap/holmes/rule-management:1.2.6
- holmes_engine: onap/holmes/engine-management:1.2.5
+ holmes_rules: onap/holmes/rule-management:1.2.7
+ holmes_engine: onap/holmes/engine-management:1.2.6
tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.2
ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.4.5
snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
#
#####################################################
# Indicator for whether to use AAF
-UseAAF: true
+UseAAF: {{ .Values.global.aafEnabled }}
# csit: stubs out some southbound APIs for csit
csit: No
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
- hostAliases:
- - ip: "10.12.5.145"
- hostnames:
- - "aaf-onap-test.osaaf.org"
initContainers:
+{{- if .Values.global.aafEnabled }}
- command:
- /root/ready.py
args:
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-aaf-readiness
-{{ if .Values.PG.enabled }}
+{{- end }}
+{{- if .Values.PG.enabled }}
- command:
- /root/ready.py
args:
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
- {{if eq .Values.liveness.enabled true }}
+ {{ if eq .Values.liveness.enabled true -}}
livenessProbe:
httpGet:
port: {{ .Values.service.internalPort }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
-
# NOTE: on the following several configMaps, careful to include / at end
# since there may be more than one file in each mountPath
- name: {{ include "common.name" . }}-config
- name: {{ include "common.name" . }}-aaf-config
mountPath: /opt/app/dmaapbc/etc/org.onap.dmaap-bc.props
subPath: org.onap.dmaap-bc.props
-
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
+++ /dev/null
-cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
-cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile
-cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
-cadi_keystore_password=WGxd2P6MDo*Bi4+UdzWs{?$8
-cadi_key_password=WGxd2P6MDo*Bi4+UdzWs{?$8
-cadi_alias=dmaap-dr-node@dmaap-dr.onap.org
-cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
-cadi_truststore_password=)OBvCd{e{aWq.^mJJdX:S:1&
-
-aaf_env=DEV
-aaf_locate_url=https://aaf-locate:8095
-aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect
-aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token
-aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
-cadi_protocols=TLSv1.1,TLSv1.2
-cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1
-fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1
-gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1
-
-cadi_latitude=53.423
-cadi_longitude=7.940
-
-cadi_loglevel=INFO
\ No newline at end of file
#
# The path to the redirection data file
#
-#RedirectionFile: etc/redirections.dat
+RedirectionFile = etc/redirections.dat
#
# The type of keystore for https
-#
-KeyStoreType=jks
-#
-# The path to the keystore for https
-#
-KeyStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
-#
-# The password for the https keystore
-#
-KeyStorePassword=WGxd2P6MDo*Bi4+UdzWs{?$8
-#
-# The password for the private key in the https keystore
-#
-KeyPassword=WGxd2P6MDo*Bi4+UdzWs{?$8
+KeyStoreType = PKCS12
#
# The type of truststore for https
-#
-TrustStoreType=jks
-#
-# The path to the truststore for https
-#
-TrustStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
-#
-# The password for the https truststore
-#
-TrustStorePassword=)OBvCd{e{aWq.^mJJdX:S:1&
+TrustStoreType = jks
#
# The path to the file used to trigger an orderly shutdown
-#
-QuiesceFile=etc/SHUTDOWN
+QuiesceFile = etc/SHUTDOWN
#
# The key used to generate passwords for node to node transfers
-#
-NodeAuthKey=Node123!
+NodeAuthKey = Node123!
#
# DR_NODE DEFAULT ENABLED TLS PROTOCOLS
NodeHttpsProtocols = TLSv1.1|TLSv1.2
# AAF action to generate permission string - default should be publish
AAFAction = publish
#
-# AAF URL to connect to AAF server
-AafUrl = https://aaf-locate:8095
-#
# AAF CADI enabled flag
CadiEnabled = false
+#
+# AAF Props file path
+AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props
storageClassName: "{{ include "common.fullname" . }}-event-logs-stcl"
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
hostPath:
- path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.eventLogsMountSubPath }}
\ No newline at end of file
+ path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.eventLogsMountSubPath }}
+---
+{{- if .Values.global.aafEnabled }}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-aaf-props-pv
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}-aaf-props-pv
+spec:
+ capacity:
+ storage: {{ .Values.persistence.aafCredsSize }}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-aaf-props-stcl"
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.aafCredsMountSubPath }}
+{{ end -}}
\ No newline at end of file
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.name" . }}-dr-node-aaf-config
+ image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: {{ .Values.persistence.aafCredsPath }}
+ name: {{ include "common.fullname" . }}-aaf-props-pvc
+ command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
+ env:
+ - name: APP_FQI
+ value: "{{ .Values.aafConfig.fqi }}"
+ - name: aaf_locate_url
+ value: "https://aaf-locate.{{ .Release.Namespace }}:8095"
+ - name: aaf_locator_container
+ value: "{{ .Values.global.aafLocatorContainer }}"
+ - name: aaf_locator_container_ns
+ value: "{{ .Release.Namespace }}"
+ - name: aaf_locator_fqdn
+ value: "{{ .Values.aafConfig.fqdn }}"
+ - name: aaf_locator_public_fqdn
+ value: "{{.Values.aafConfig.publicFqdn}}"
+ - name: aaf_locator_app_ns
+ value: "{{ .Values.global.aafAppNs }}"
+ - name: DEPLOY_FQI
+ value: "{{ .Values.aafConfig.aafDeployFqi }}"
+ - name: DEPLOY_PASSWORD
+ value: "{{ .Values.aafConfig.aafDeployPass }}"
+ - name: cadi_longitude
+ value: "{{ .Values.aafConfig.cadiLongitude }}"
+ - name: cadi_latitude
+ value: "{{ .Values.aafConfig.cadiLatitude }}"
+ {{- end }}
- name: {{ include "common.name" . }}-permission-fixer
image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.fullname" . }}-spool-data-pvc
- mountPath: {{ .Values.persistence.eventLogsPath }}
name: {{ include "common.fullname" . }}-event-logs-pvc
- command: ["chown","-Rf","1000:1001", "/opt/app/datartr"]
+ {{- if .Values.global.aafEnabled }}
+ - mountPath: {{ .Values.persistence.aafCredsPath }}
+ name: {{ include "common.fullname" . }}-aaf-props-pvc
+ {{- end }}
+ command: ["chown","-Rf","1000:1001", "/opt/app/"]
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
+ {{- if .Values.global.aafEnabled }}
+ - mountPath: {{ .Values.persistence.aafCredsPath }}
+ name: {{ include "common.fullname" . }}-aaf-props-pvc
+ {{- end }}
- mountPath: {{ .Values.persistence.spoolPath }}
name: {{ include "common.fullname" . }}-spool-data-pvc
- mountPath: {{ .Values.persistence.eventLogsPath }}
- mountPath: /opt/app/datartr/etc/node.properties
name: {{ include "common.fullname" . }}-config
subPath: node.properties
- - mountPath: /opt/app/datartr/etc/drNodeCadi.properties
- name: {{ include "common.fullname" . }}-config
- subPath: drNodeCadi.properties
- mountPath: /opt/app/datartr/etc/logback.xml
name: {{ include "common.fullname" . }}-log-conf
subPath: logback.xml
- mountPath: {{ .Values.global.loggingDirectory }}
name: {{ include "common.fullname" . }}-logs
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- # Filebeat sidecar container
+ {{- end -}}
+ # Filebeat sidecar container
- name: {{ include "common.name" . }}-filebeat-onap
image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
items:
- key: node.properties
path: node.properties
- - key: drNodeCadi.properties
- path: drNodeCadi.properties
- name: {{ include "common.fullname" . }}-log-conf
configMap:
name: {{ include "common.fullname" . }}-log
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.fullname" . }}-aaf-props-pvc
+ emptyDir: {}
+ {{- end }}
volumeClaimTemplates:
- metadata:
name: {{ include "common.fullname" . }}-spool-data-pvc
selector:
matchLabels:
name: {{ include "common.fullname" . }}-event-logs-pv
+{{- if .Values.global.aafEnabled }}
+ - metadata:
+ name: {{ include "common.fullname" . }}-aaf-props-pvc
+ labels:
+ name: {{ include "common.fullname" . }}
+ spec:
+ accessModes: [ {{ .Values.persistence.accessMode }} ]
+ storageClassName: {{ include "common.fullname" . }}-aaf-props-stcl
+ resources:
+ requests:
+ storage: {{ .Values.persistence.aafCredsSize }}
+ selector:
+ matchLabels:
+ name: {{ include "common.fullname" . }}-aaf-props-pv
+{{- end }}
#################################################################
global:
loggingDirectory: /var/log/onap/datarouter
- busyBoxImage: busybox:1.30
- busyBoxRepository: docker.io
#################################################################
# Application configuration defaults.
#################################################################
# application image
-image: onap/dmaap/datarouter-node:2.1.2
+image: onap/dmaap/datarouter-node:2.1.3
pullPolicy: Always
# flag to enable debugging - application support required
mountPath: /dockerdata-nfs
spoolMountSubPath: data-router/dr-node/spool-data
- spoolSize: 1Gi
+ spoolSize: 2Gi
spoolPath: /opt/app/datartr/spool
eventLogsMountSubPath: data-router/dr-node/event-logs
- eventLogSize: 1Gi
+ eventLogSize: 2Gi
eventLogsPath: /opt/app/datartr/logs
+ aafCredsMountSubPath: data-router/dr-node/aaf-props
+ aafCredsSize: 10M
+ aafCredsPath: /opt/app/osaaf/local
+
+#AAF local config
+aafConfig:
+ aafDeployFqi: dmaap-dr@dmaap-dr.onap.org
+ aafDeployPass: demo123456!
+ fqdn: dmaap-dr-node
+ fqi: dmaap-dr-node@dmaap-dr.onap.org
+ publicFqdn: dmaap-dr.onap.org
+ cadiLatitude: 0.0
+ cadiLongitude: 0.0
+
+
ingress:
enabled: false
+++ /dev/null
-cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
-cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile
-cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
-cadi_keystore_password=FZNkU,B%NJzcT1v7;^v]M#ZX
-cadi_key_password=FZNkU,B%NJzcT1v7;^v]M#ZX
-cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org
-cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
-cadi_truststore_password=+mzf@J.D^;3!![*Xr.z$c#?b
-
-aaf_env=DEV
-aaf_locate_url=https://aaf-locate:8095
-aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect
-aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token
-aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
-cadi_protocols=TLSv1.1,TLSv1.2
-cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1
-fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1
-gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1
-
-cadi_latitude=53.423
-cadi_longitude=7.940
-
-cadi_loglevel=INFO
\ No newline at end of file
org.onap.dmaap.datarouter.provserver.https.port = {{.Values.config.dmaapDrProv.internalPort2}}
org.onap.dmaap.datarouter.provserver.https.relaxation = true
-org.onap.dmaap.datarouter.provserver.keymanager.password = FZNkU,B%NJzcT1v7;^v]M#ZX
-org.onap.dmaap.datarouter.provserver.keystore.type = jks
-org.onap.dmaap.datarouter.provserver.keystore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
-org.onap.dmaap.datarouter.provserver.keystore.password = FZNkU,B%NJzcT1v7;^v]M#ZX
-org.onap.dmaap.datarouter.provserver.truststore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
-org.onap.dmaap.datarouter.provserver.truststore.password = +mzf@J.D^;3!![*Xr.z$c#?b
+org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props
+
org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs
org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool
org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc
org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish
org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe
-# AAF URL to connect to AAF server
-org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-locate:8095
-
spec:
hostname: {{ .Values.global.dmaapDrProvName }}
initContainers:
- - command:
- - /root/ready.py
- args:
- - --container-name
- - {{ .Values.config.dmaapDrDb.mariadbContName }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
+ - name: {{ include "common.name" . }}-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - {{ .Values.config.dmaapDrDb.mariadbContName }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.name" . }}-dr-prov-aaf-config
+ image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
+ volumeMounts:
+ - mountPath: {{ .Values.persistence.aafCredsPath }}
+ name: {{ include "common.fullname" . }}-aaf-config-vol
+ env:
+ - name: APP_FQI
+ value: "{{ .Values.aafConfig.fqi }}"
+ - name: aaf_locate_url
+ value: "https://aaf-locate.{{ .Release.Namespace }}:8095"
+ - name: aaf_locator_container
+ value: "{{ .Values.global.aafLocatorContainer }}"
+ - name: aaf_locator_container_ns
+ value: "{{ .Release.Namespace }}"
+ - name: aaf_locator_fqdn
+ value: "{{ .Values.aafConfig.fqdn }}"
+ - name: aaf_locator_public_fqdn
+ value: "{{.Values.aafConfig.publicFqdn}}"
+ - name: aaf_locator_app_ns
+ value: "{{ .Values.global.aafAppNs }}"
+ - name: DEPLOY_FQI
+ value: "{{ .Values.aafConfig.aafDeployFqi }}"
+ - name: DEPLOY_PASSWORD
+ value: "{{ .Values.aafConfig.aafDeployPass }}"
+ - name: cadi_longitude
+ value: "{{ .Values.aafConfig.cadiLongitude }}"
+ - name: cadi_latitude
+ value: "{{ .Values.aafConfig.cadiLatitude }}"
+ - name: {{ include "common.name" . }}-permission-fixer
+ image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: {{ .Values.persistence.aafCredsPath }}
+ name: {{ include "common.fullname" . }}-aaf-config-vol
+ command: ["chown","-Rf","1000:1001", "/opt/app/"]
+ {{ end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
+ {{- if .Values.global.aafEnabled }}
+ - mountPath: {{ .Values.persistence.aafCredsPath }}
+ name: {{ include "common.fullname" . }}-aaf-config-vol
+ {{- end }}
- mountPath: /etc/localtime
name: localtime
readOnly: false
- mountPath: /opt/app/datartr/etc/provserver.properties
name: {{ include "common.fullname" . }}-config
subPath: provserver.properties
- - mountPath: /opt/app/datartr/etc/drProvCadi.properties
- name: {{ include "common.fullname" . }}-config
- subPath: drProvCadi.properties
- mountPath: /opt/app/datartr/etc/logback.xml
name: {{ include "common.fullname" . }}-log-conf
subPath: logback.xml
- mountPath: {{ .Values.global.loggingDirectory }}
name: {{ include "common.fullname" . }}-logs
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- # Filebeat sidecar container
+ {{- end -}}
+ # Filebeat sidecar container
- name: {{ include "common.name" . }}-filebeat-onap
image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
items:
- key: provserver.properties
path: provserver.properties
- - key: drProvCadi.properties
- path: drProvCadi.properties
- name: {{ include "common.fullname" . }}-log-conf
configMap:
name: {{ include "common.fullname" . }}-log
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.fullname" . }}-aaf-config-vol
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-aaf-props
+ {{ end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
{{ end }}
- name: REQUESTID
value: "{{.Chart.Name}}-post-install"
-
volumeMounts:
- mountPath: /etc/localtime
name: localtime
readOnly: true
-
# NOTE: on the following several configMaps, careful to include / at end
# since there may be more than one file in each mountPath
# NOTE: the basename of the subdirectory is important - it matches the DBCL API URI
--- /dev/null
+{{/*
+ # ============LICENSE_START=======================================================
+ # Copyright (C) 2019 Nordix Foundation.
+ # ================================================================================
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # ============LICENSE_END=========================================================
+*/}}
+{{- if .Values.global.aafEnabled }}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-aaf-props
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-aaf-props
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}-aaf-props
+spec:
+ capacity:
+ storage: {{ .Values.persistence.aafCredsSize}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-aaf-props-stcl"
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.aafCredsMountSubPath }}
+{{ end -}}
--- /dev/null
+{{/*
+ # ============LICENSE_START=======================================================
+ # Copyright (C) 2019 Nordix Foundation.
+ # ================================================================================
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+ #
+ # SPDX-License-Identifier: Apache-2.0
+ # ============LICENSE_END=========================================================
+*/}}
+{{- if .Values.global.aafEnabled }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-aaf-props
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ name: {{ include "common.fullname" . }}-aaf-props
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ storageClassName: "{{ include "common.fullname" . }}-aaf-props-stcl"
+ resources:
+ requests:
+ storage: {{ .Values.persistence.aafCredsSize }}
+{{ end -}}
\ No newline at end of file
spec:
type: {{ .Values.config.dmaapDrProv.servicetype }}
ports:
- {{if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}}
+ {{- if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}}
{{- if .Values.global.allow_http }}
- port: {{ .Values.global.dmaapDrProvExtPort }}
targetPort: {{ .Values.config.dmaapDrProv.internalPort }}
# Application configuration defaults.
#################################################################
# application image
-image: onap/dmaap/datarouter-prov:2.1.2
+image: onap/dmaap/datarouter-prov:2.1.3
pullPolicy: Always
# flag to enable debugging - application support required
## Persist data to a persitent volume
persistence:
- enabled: false
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ mountPath: /dockerdata-nfs
+
+ aafCredsMountSubPath: data-router/dr-prov/aaf-props
+ aafCredsSize: 10M
+ aafCredsPath: /opt/app/osaaf/local
ingress:
enabled: false
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 2000m
- memory: 4Gi
- requests:
- cpu: 500m
- memory: 1Gi
- large:
- limits:
- cpu: 4000m
- memory: 8Gi
- requests:
- cpu: 1000m
- memory: 2Gi
- unlimited: {}
-
config:
# dr provisioning server configuration
dmaapDrProv:
size: 1Gi
mountSubPath: data-router/dr-db-data
disableNfsProvisioner: true
+
+#AAF local config
+aafConfig:
+ aafDeployFqi: dmaap-dr@dmaap-dr.onap.org
+ aafDeployPass: demo123456!
+ fqdn: dmaap-dr-prov
+ fqi: dmaap-dr-prov@dmaap-dr.onap.org
+ publicFqdn: dmaap-dr.onap.org
+ cadiLatitude: 0.0
+ cadiLongitude: 0.0
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2000m
+ memory: 4Gi
+ requests:
+ cpu: 500m
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4000m
+ memory: 8Gi
+ requests:
+ cpu: 1000m
+ memory: 2Gi
+ unlimited: {}
\ No newline at end of file
timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
env:
- name: enableCadi
- value: "true"
+ value: "{{ .Values.global.aafEnabled }}"
volumeMounts:
- mountPath: /etc/localtime
name: localtime
subPath: mykey
name: mykey
resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
volumes:
- name: localtime
hostPath:
loggingImage: beats/filebeat:5.5.0
clientImage: onap/dmaap/dbc-client:1.0.9
repository: nexus3.onap.org:10001
+ busyBoxImage: busybox:1.30
+ busyBoxRepository: docker.io
#Global DMaaP app config
allow_http: true
dmaapDrProvExtPort2: 443
dmaapDrProvExtPort: 80
+ #AAF global config overrides
+ aafEnabled: true
+ aafAgentImage: onap/aaf/aaf_agent:2.1.15
+ aafAppNs: org.osaaf.aaf
+ aafLocatorContainer: oom
+
+
#Component overrides
message-router:
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 1Gi
mountPath: /dockerdata-nfs
mountSubPath: log/elasticsearch/data
requests:
cpu: 1
memory: 4Gi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP NBI MariaDB Service
-name: mariadb
-version: 5.0.0
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
- - name: common
- version: ~5.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
+++ /dev/null
-# Copyright © 2018 Amdocs, Bell Canada , Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- args:
- - --lower-case-table-names=1
- - --wait_timeout=28800
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: MYSQL_DATABASE
- value: "{{ .Values.config.db.database }}"
- - name: MYSQL_USER
- value: "{{ .Values.config.db.user }}"
- - name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-user-password
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ template "common.fullname" . }}-secret
- key: db-root-password
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /var/lib/mysql
- name: mariadb-data
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: mariadb-data
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-secret
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
- db-user-password: {{ .Values.config.db.password | b64enc | quote }}
- db-root-password: {{ .Values.config.db.root_password | b64enc | quote }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
- heritage: {{ .Release.Service }}
-spec:
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
- clusterIP: None
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada, Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: mariadb:10.3.14
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-# Example:
-config:
- db:
- user: nbi_user
- password: nbi_user
- root_password: change_me
- database: maria
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- periodSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
- volumeReclaimPolicy: Retain
- accessMode: ReadWriteOnce
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: mariadb/data
-
-service:
- type: ClusterIP
- name: policydb
- portName: policydb
- internalPort: 3306
-
-ingress:
- enabled: false
-
-# Resource Limit flavor
-flavor: small
-resources:
- small:
- limits:
- cpu: 1
- memory: 500Mi
- requests:
- cpu: 10m
- memory: 200Mi
- large:
- limits:
- cpu: 1
- memory: 1Gi
- requests:
- cpu: 20m
- memory: 400Mi
- unlimited: {}
- name: mongo
version: ~5.x-0
repository: '@local'
-
+ - name: mariadb-galera
+ version: ~5.x-0
+ repository: '@local'
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: SPRING_DATASOURCE_URL
- value: jdbc:mariadb://{{ .Values.mariadb.service.name }}.{{ include "common.namespace" . }}:{{.Values.mariadb.service.internalPort }}/{{ .Values.mariadb.config.db.database }}
+ value: jdbc:mariadb://{{ index .Values "mariadb-galera" "service" "name" }}.{{ include "common.namespace" . }}:3306/{{ index .Values "mariadb-galera" "config" "mysqlDatabase" }}
- name: SPRING_DATASOURCE_USERNAME
- value: {{ .Values.mariadb.config.db.user }}
+ value: {{ index .Values "mariadb-galera" "config" "userName" }}
- name: SPRING_DATASOURCE_PASSWORD
valueFrom:
secretKeyRef:
heritage: {{ .Release.Service }}
type: Opaque
data:
- db-user-password: {{ .Values.mariadb.config.db.password | b64enc | quote }}
- db-root-password: {{ .Values.mariadb.config.db.root_password | b64enc | quote }}
+ db-user-password: {{ index .Values "mariadb-galera" "config" "userPassword" | b64enc | quote }}
+ db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }}
openStackRegion: RegionOne
openStackVNFTenantId: 31047205ce114b60833b23e400d6a535
-mariadb:
- nameOverride: nbi-mariadb
- service:
- name: nbi-mariadbhost
- internalPort: 3306
+mariadb-galera:
config:
- db:
- database: nbi
- user: rene
- password: lkjgklqsdareyhjujlnnbvfvdttuiukgpiokqbfsjdhfigquosegombvjfqhb
- root_password: dhqjdshjdsguryebvcnbvcvdsqghyjqgktgjjfhjfghbfs
+ userName: rene
+ userPassword: lkjgklqsdareyhjujlnnbvfvdttuiukgpiokqbfsjdhfigquosegombvjfqhb
+ mariadbRootPassword: dhqjdshjdsguryebvcnbvcvdsqghyjqgktgjjfhjfghbfs
+ mysqlDatabase: nbi
+ nameOverride: nbi-galera
+ service:
+ name: nbi-galera
+ portName: nbi-galera
+ replicaCount: 1
persistence:
- mountSubPath: nbi/maria/data
enabled: true
- disableNfsProvisioner: true
+ mountSubPath: nbi/maria/data
mongo:
nameOverride: nbi-mongo
"topic" : "POLICY-PDP-PAP",
"servers" : [ "message-router" ],
"topicCommInfrastructure" : "dmaap"
+ },
+ {
+ "topic" : "POLICY-NOTIFICATION",
+ "servers" : [ "message-router" ],
+ "topicCommInfrastructure" : "dmaap"
}]
}
}
persistence: {}
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
-
+
# application image
repository: nexus3.onap.org:10001
image: onap/data-router:1.3.3
## GKE, AWS & OpenStack)
##
## storageClass: "-"
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 2Gi
mountPath: /dockerdata-nfs
mountSubPath: pomba/data-router/logs
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
- accessMode: ReadWriteMany
+ accessMode: ReadWriteOnce
size: 1Gi
mountPath: /dockerdata-nfs
mountSubPath: pomba/elasticsearch/data
- name: CASSPASS
value: "{{ .Values.config.cassandraPassword }}"
- name: JVM_OPTS
- value: "{{ .Values.config.cassandraJvmOpts }}"
+ value: "{{ .Values.config.cassandraJvmOpts }}"
- name: POD_IP
valueFrom:
fieldRef:
{{ if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ .Values.service.internalPort2 }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
readinessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ .Values.service.internalPort2 }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/workflow-backend:1.5.1
-configInitImage: onap/workflow-init:1.5.1
+image: onap/workflow-backend:1.5.2
+configInitImage: onap/workflow-init:1.5.2
pullPolicy: Always
# flag to enable debugging - application support required
cassandraAuthenticationEnabled: true
cassandraThriftClientPort: 9160
cassandraClientPort: 9042
- sdcProtocol: HTTP
- sdcEndpoint: sdc-be:8080
+ sdcProtocol: HTTPS
+ sdcEndpoint: sdc-be:8443
sdcExternalUser: workflow
sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
serverSSLEnabled: false
serverSSLKeyStoreType: jks
- serverSSLKeyStorePath: /etc/server-https-keystore/keystore
- serverSSLKeyPassword: password
+ serverSSLKeyStorePath: etc/org.onap.sdc.p12
+ serverSSLKeyPassword: "!ppJ.JvWn0hGh)oVF]([Kv)^"
cassandraSSLEnabled: false
cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore
cassandraTrustStorePassword: password
value: "{{ .Values.config.isHttpsEnabled}}"
{{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }}
- name: KEYSTORE_PASS
- {{- if .Values.global.security.keysFromCa }}
- valueFrom:
- secretKeyRef:
- name: mft-sdc
- key: keystore-password.txt
- {{ else }}
- value: {{ .Values.global.security.keyStorePass}}
- {{- end }}
+ value: "{{ .Values.security.keystorePass}}"
- name: TRUSTSTORE_PASS
- {{- if .Values.global.security.keysFromCa }}
- valueFrom:
- secretKeyRef:
- name: mft-catruststore
- key: keystore-password.txt
- {{ else }}
- value: {{ .Values.global.security.trustStorePass}}
- {{- end }}
+ value: "{{ .Values.security.truststorePass}}"
- name: TRUSTSTORE_PATH
value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}"
- name: KEYSTORE_PATH
value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}"
- - name: TRUSTSTORE_TYPE
- value: {{ .Values.security.truststore.type }}
- - name: KEYSTORE_TYPE
- value: {{ .Values.security.keystore.type }}
{{ end }}
volumeMounts:
- {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }}
- - name: {{ include "common.fullname" . }}-jetty-https-truststore
- mountPath: /var/lib/jetty/{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}
- subPath: {{ .Values.security.truststoreFilename }}
- - name: {{ include "common.fullname" . }}-jetty-https-keystore
- mountPath: /var/lib/jetty/etc/{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}
- subPath: {{ .Values.security.keystoreFilename }}
- {{ end }}
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
readOnly: true
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
-
# side car containers
- name: {{ include "common.name" . }}-filebeat-onap
image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/workflow-frontend:1.5.1
+image: onap/workflow-frontend:1.5.2
pullPolicy: Always
# flag to enable debugging - application support required
# https relevant settings. Change in case you have other trust files then default ones.
security:
- isDefaultStore: true
- truststoreType: "JKS"
- keystoreType: "JKS"
- truststoreFilename: "truststore"
- keystoreFilename: "keystore"
+ isDefaultStore: false
+ truststoreFilename: "org.onap.sdc.trust.jks"
+ keystoreFilename: "org.onap.sdc.p12"
+ keystorePass: "!ppJ.JvWn0hGh)oVF]([Kv)^"
+ truststorePass: "].][xgtze]hBhz*wy]}m#lf*"
storePath: "etc"
# default number of instances
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/bpmn-infra:1.5.2
+image: onap/so/bpmn-infra:1.5.3
pullPolicy: Always
replicaCount: 1
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/catalog-db-adapter:1.5.2
+image: onap/so/catalog-db-adapter:1.5.3
pullPolicy: Always
replicaCount: 1
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/so-monitoring:1.5.2
+image: onap/so/so-monitoring:1.5.3
pullPolicy: Always
replicaCount: 1
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/openstack-adapter:1.5.2
+image: onap/so/openstack-adapter:1.5.3
pullPolicy: Always
repository: nexus3.onap.org:10001
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/request-db-adapter:1.5.2
+image: onap/so/request-db-adapter:1.5.3
pullPolicy: Always
replicaCount: 1
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/sdc-controller:1.5.2
+image: onap/so/sdc-controller:1.5.3
pullPolicy: Always
replicaCount: 1
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/sdnc-adapter:1.5.2
+image: onap/so/sdnc-adapter:1.5.3
pullPolicy: Always
replicaCount: 1
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/vfc-adapter:1.5.2
+image: onap/so/vfc-adapter:1.5.3
pullPolicy: Always
replicaCount: 1
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/vnfm-adapter:1.5.2
+image: onap/so/vnfm-adapter:1.5.3
pullPolicy: Always
replicaCount: 1
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/api-handler-infra:1.5.2
+image: onap/so/api-handler-infra:1.5.3
pullPolicy: Always
replicaCount: 1