+{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: apps/v1
kind: Deployment
+{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.service" . }}
+{{/*
# Copyright © 2017 Amdocs
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "aaf.deployment" . }}
+{{/*
# Copyright © 2017 Amdocs, Orange
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.service" . }}
+{{/*
# Copyright © 2017 Amdocs, Orange
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "aaf.deployment" . }}
+{{/*
# Copyright © 2017 Amdocs, Orange
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.service" . }}
+{{/*
# Copyright © 2017 Amdocs, Orange
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "aaf.deployment" . }}
+{{/*
# Copyright © 2017 Amdocs, Orange
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.service" . }}
+{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: apps/v1
kind: Deployment
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+{{/*
# Copyright © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.secretFast" . }}
+{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.service" . }}
+{{/*
# Copyright © 2017 Amdocs
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "aaf.deployment" . }}
+{{/*
# Copyright © 2017 Amdocs, Orange
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.service" . }}
+{{/*
# Copyright © 2017 Amdocs
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "aaf.deployment" . }}
+{{/*
# Copyright © 2017 Amdocs, Orange
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.service" . }}
+{{/*
# Copyright © 2017 Amdocs
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "aaf.deployment" . }}
+{{/*
# Copyright © 2017 Amdocs, Orange
# Modifications © 2020 Orange
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.service" . }}
+{{/*
# Copyright 2018 Intel Corporation, Inc
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: v1
kind: ConfigMap
+{{/*
# Copyright 2018 Intel Corporation, Inc
# Modifications © 2020 AT&T
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: apps/v1
kind: StatefulSet
+{{/*
# Copyright 2018 Intel Corporation, Inc
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: v1
kind: ConfigMap
+{{/*
# Copyright 2018 Intel Corporation, Inc
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: v1
kind: Service
+{{/*
# Copyright 2018 Intel Corporation, Inc
# Modifications © 2020 AT&T
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: apps/v1
kind: StatefulSet
+{{/*
# Copyright 2018 Intel Corporation, Inc
# Modifications © 2020 AT&T
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: apps/v1
kind: Deployment
+{{/*
# Copyright 2018 Intel Corporation, Inc
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: v1
kind: Service
+{{/*
# Copyright 2018 Intel Corporation, Inc
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: v1
kind: Secret
resources:
small:
limits:
- cpu: 2
- memory: 4Gi
+ cpu: 500m
+ memory: 1.5Gi
requests:
- cpu: 1
- memory: 2Gi
+ cpu: 100m
+ memory: 750Mi
large:
limits:
cpu: 2
external_port: 0
external_port_tls: {{ .Values.config.address.ves.portSecure }}
auth_method: "certBasicAuth"
-component_name: "dcae-ves-collector"
-dns_component_name: "dcae-ves-collector"
+service_component_type: "dcae-ves-collector"
+service_id: "dcae-ves-collector"
+service_component_name_override: "dcae-ves-collector"
enable_tls: true
ves_other_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_OTHER_OUTPUT/"
ves_heartbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/"
external_port_tls: 0
external_port: {{ .Values.config.address.ves.port }}
auth_method: "noAuth"
-component_name: "dcae-ves-collector-http"
-dns_component_name: "dcae-ves-collector-http"
+service_component_type: "dcae-ves-collector-http"
+service_id: "dcae-ves-collector-http"
+service_component_name_override: "dcae-ves-collector-http"
ves_other_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_OTHER_OUTPUT/"
ves_heartbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/"
ves_fault_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_FAULT_OUTPUT/"
ves_3gpp_fault_supervision_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT/"
ves_3gpp_provisioning_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT/"
ves_3gpp_hearbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT/"
-ves_3gpp_performance_assurance_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT/"
\ No newline at end of file
+ves_3gpp_performance_assurance_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT/"
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.1.6
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.1.7
default_k8s_location: central
# DCAE component images to be deployed via Cloudify Manager
# Use to override default setting in blueprints
componentImages:
- holmes_rules: onap/holmes/rule-management:1.2.7
- holmes_engine: onap/holmes/engine-management:1.2.6
- tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.0
- ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.6
+ holmes_rules: onap/holmes/rule-management:1.2.8
+ holmes_engine: onap/holmes/engine-management:1.2.8
+ tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.1
+ ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.8
snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.4
hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.5.0
FLAGS=${@:3}
CHART_REPO="$(cut -d'/' -f1 <<<"$CHART_URL")"
CHART_NAME="$(cut -d'/' -f2 <<<"$CHART_URL")"
- CACHE_DIR=~/.helm/plugins/deploy/cache
+ if [[ $HELM_VER == "v3."* ]]; then
+ CACHE_DIR=~/.local/share/helm/plugins/deploy/cache
+ else
+ CACHE_DIR=~/.helm/plugins/deploy/cache
+ fi
+ echo "Use cache dir: $CACHE_DIR"
CHART_DIR=$CACHE_DIR/$CHART_NAME
CACHE_SUBCHART_DIR=$CHART_DIR-subcharts
LOG_DIR=$CHART_DIR/logs
if [[ $FLAGS = *"--delay"* ]]; then
FLAGS="$(echo $FLAGS| sed -n 's/--delay//p')"
DELAY="true"
- fi
+ fi
# determine if set-last-applied flag is enabled
SET_LAST_APPLIED="false"
if [[ $FLAGS = *"--set-last-applied"* ]]; then
if [[ $DELAY == "true" ]]; then
echo sleep 3m
sleep 3m
- fi
+ fi
else
array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}"))
n=${#array[*]}
for (( i = n-1; i >= 0; i-- )); do
- helm del "${array[i]}" --purge
+ if [[ $HELM_VER == "v3."* ]]; then
+ helm del "${array[i]}"
+ else
+ helm del "${array[i]}" --purge
+ fi
done
fi
done
# report on success/failures of installs/upgrades
helm ls | grep FAILED | grep $RELEASE
}
+HELM_VER=$(helm version --template "{{.Version}}")
+echo $HELM_VER
case "${1:-"help"}" in
"help")
version: v19
endpoint: https://aai.{{ include "common.namespace" . }}:8443
spring:
+ datasource:
+ hikari:
+ camunda:
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn
+ username: ${DB_USERNAME}
+ password: ${DB_PASSWORD}
+ driver-class-name: org.mariadb.jdbc.Driver
+ pool-name: bpmn-pool
+ registerMbeans: true
+ nfvo:
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/nfvo
+ username: ${DB_ADMIN_USERNAME}
+ password: ${DB_ADMIN_PASSWORD}
+ driver-class-name: org.mariadb.jdbc.Driver
+ pool-name: nfvo-pool
+ registerMbeans: true
security:
usercredentials:
- username: ${ETSI_NFVO_USERNAME}
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "etsi-nfvo-nslcm-creds" "key" "login") | indent 14 }}
- name: ETSI_NFVO_PASSWORD_INPUT
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "etsi-nfvo-nslcm-creds" "key" "password") | indent 14 }}
+ - name: DB_HOST
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.release" . }}-so-db-secrets
+ key: mariadb.readwrite.host
+ - name: DB_PORT
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.release" . }}-so-db-secrets
+ key: mariadb.readwrite.port
+ - name: DB_USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 14 }}
+ - name: DB_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 14 }}
+ - name: DB_ADMIN_USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 14 }}
+ - name: DB_ADMIN_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 14 }}
{{ include "so.certificates.env" . | indent 12 | trim }}
envFrom:
- configMapRef:
externalSecret: '{{ tpl (default "" .Values.etsi.nfvo.nslcm.credsExternalSecret) . }}'
login: '{{ .Values.etsi.nfvo.nslcm.username }}'
password: '{{ .Values.etsi.nfvo.nslcm.password }}'
+ - uid: db-user-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
+ login: '{{ .Values.db.userName }}'
+ password: '{{ .Values.db.userPassword }}'
+ passwordPolicy: required
+ - uid: db-admin-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}'
+ login: '{{ .Values.db.adminName }}'
+ password: '{{ .Values.db.adminPassword }}'
+ passwordPolicy: required
#################################################################
# Application configuration defaults.
aai:
auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
+db:
+ userName: so_user
+ userPassword: so_User123
+ # userCredsExternalSecret: some secret
+ adminName: so_admin
+ adminPassword: so_Admin123
+ # adminCredsExternalSecret: some secret
etsi:
nfvo:
nslcm:
mariadbGalera:
nameOverride: mariadb-galera
serviceName: mariadb-galera
- servicePort: "3306"
+ servicePort: '3306'
# mariadbRootPassword: secretpassword
# rootPasswordExternalSecret: some secret
#This flag allows SO to instantiate its own mariadb-galera cluster,
passwordPolicy: required
annotations:
helm.sh/hook: pre-upgrade,pre-install
- helm.sh/hook-weight: "0"
+ helm.sh/hook-weight: '0'
helm.sh/hook-delete-policy: before-hook-creation
- uid: db-user-creds
name: &dbUserCredsSecretName '{{ include "common.release" . }}-so-db-user-creds'
login: '{{ .Values.dbCreds.adminName }}'
password: '{{ .Values.dbCreds.adminPassword }}'
passwordPolicy: generate
- - uid: "so-onap-certs"
+ - uid: 'so-onap-certs'
name: &so-certs '{{ include "common.release" . }}-so-certs'
externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
type: generic
ingress:
enabled: false
service:
- - baseaddr: "so.api"
- name: "so"
+ - baseaddr: 'so.api'
+ name: 'so'
port: 8080
config:
- ssl: "none"
+ ssl: 'none'
mso:
adapters:
so-etsi-nfvo-ns-lcm:
enabled: true
+ db:
+ <<: *dbSecrets
so-monitoring:
enabled: true