cadi_latitude: "0.0"
credsPath: /opt/app/osaaf/local
aaf_add_config: |
- echo "*** retrieving password for keystore and trustore"
- export $(/opt/app/aaf_config/bin/agent.sh local showpass \
- {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0)
- if [ -z "$cadi_keystore_password_p12" ]
- then
- echo " /!\ certificates retrieval failed"
- exit 1
- else
- echo "*** transform AAF certs into pem files"
- mkdir -p {{ .Values.credsPath }}/certs
- keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
- -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
- -alias ca_local_0 \
- -storepass $cadi_truststore_password
- openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
- -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
- -passin pass:$cadi_keystore_password_p12 \
- -passout pass:$cadi_keystore_password_p12
- echo "*** generating needed file"
- cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
- {{ .Values.credsPath }}/certs/cert.pem \
- {{ .Values.credsPath }}/certs/cacert.pem \
- > {{ .Values.credsPath }}/certs/fullchain.pem;
- cat {{ .Values.credsPath }}/certs/fullchain.pem
- echo "*** change ownership of certificates to targeted user"
- chown -R 33 {{ .Values.credsPath }}
- fi
+ echo "*** transform AAF certs into pem files"
+ mkdir -p {{ .Values.credsPath }}/certs
+ keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
+ -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
+ -alias ca_local_0 \
+ -storepass $cadi_truststore_password
+ openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+ -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
+ -passin pass:$cadi_keystore_password_p12 \
+ -passout pass:$cadi_keystore_password_p12
+ echo "*** generating needed file"
+ cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
+ {{ .Values.credsPath }}/certs/cert.pem \
+ {{ .Values.credsPath }}/certs/cacert.pem \
+ > {{ .Values.credsPath }}/certs/fullchain.pem;
+ cat {{ .Values.credsPath }}/certs/fullchain.pem
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 33 {{ .Values.credsPath }}
#################################################################
command:
- /app/ready.py
args:
- - --timeout
- - "{{ .Values.readinessTimeout }}"
- --container-name
- music-cassandra
env:
restartPolicy: Never
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
-
timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
successThreshold: {{ .Values.readiness.successThreshold }}
failureThreshold: {{ .Values.readiness.failureThreshold }}
+ startupProbe:
+ exec:
+ command:
+ - /bin/bash
+ - -c
+ - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }'
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
lifecycle:
preStop:
exec:
nodePortPrefix: 302
persistence: {}
-replicaCount: 3
+replicaCount: 1
# Cassandra Image - This image is modified from the original on
# Docker Hub where the Security has been turned on.
# probe configuration parameters
liveness:
- initialDelaySeconds: 120
- periodSeconds: 20
+ initialDelaySeconds: 1
+ periodSeconds: 10
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
# in debugger so K8s doesn't restart unresponsive container
enabled: true
-readinessTimeout: 240
-
readiness:
- initialDelaySeconds: 10
- periodSeconds: 20
+ initialDelaySeconds: 1
+ periodSeconds: 10
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
+startup:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 90
+
podManagementPolicy: OrderedReady
updateStrategy:
type: OnDelete
{{- end }}
{{- end -}}
{{/*
+For internal use only!
+
+dcaegen2-services-common._externalVolumes:
+This template generates a list of volumes associated with the pod,
+based on information provided in .Values.externalVolumes. This
+template works in conjunction with dcaegen2-services-common._externalVolumeMounts
+to give the microservice access to data in volumes created else.
+This initial implementation supports ConfigMaps only, as this is the only
+external volume mounting required by current microservices.
+
+.Values.externalValues is a list of objects. Each object has 3 required fields and 1 optional field:
+ - name: the name of the resource (in the current implementation, it must be a ConfigMap)
+ that is to be set up as a volume. The value is a case sensitive string. Because the
+ names of resources are sometimes set at deployment time (for instance, to prefix the Helm
+ release to the name), the string can be a Helm template fragment that will be expanded at
+ deployment time.
+ - type: the type of the resource (in the current implementation, only "ConfigMap" is supported).
+ The value is a case-INsensitive string.
+ - mountPoint: the path to the mount point for the volume in the container file system. The
+ value is a case-sensitive string.
+ - readOnly: (Optional) Boolean flag. Set to true to mount the volume as read-only.
+ Defaults to false.
+
+Here is an example fragment from a values.yaml file for a microservice:
+
+externalVolumes:
+ - name: my-example-configmap
+ type: configmap
+ mountPath: /opt/app/config
+ - name: '{{ include "common.release" . }}-another-example'
+ type: configmap
+ mountPath: /opt/app/otherconfig
+*/}}
+{{- define "dcaegen2-services-common._externalVolumes" -}}
+ {{- $global := . -}}
+ {{- if .Values.externalVolumes }}
+ {{- range $vol := .Values.externalVolumes }}
+ {{- if eq (lower $vol.type) "configmap" }}
+ {{- $vname := (tpl $vol.name $global) }}
+- configMap:
+ defaultMode: 420
+ name: {{ $vname }}
+ name: {{ $vname }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+{{- end }}
+{{/*
+For internal use only!
+
+dcaegen2-services-common._externalVolumeMounts:
+This template generates a list of volume mounts for the microservice container,
+based on information provided in .Values.externalVolumes. This
+template works in conjunction with dcaegen2-services-common._externalVolumes
+to give the microservice access to data in volumes created else.
+This initial implementation supports ConfigMaps only, as this is the only
+external volume mounting required by current microservices.
+
+See the documentation for dcaegen2-services-common._externalVolumes for
+details on how external volumes are specified in the values.yaml file for
+the microservice.
+*/}}
+{{- define "dcaegen2-services-common._externalVolumeMounts" -}}
+ {{- $global := . -}}
+ {{- if .Values.externalVolumes }}
+ {{- range $vol := .Values.externalVolumes }}
+ {{- if eq (lower $vol.type) "configmap" }}
+ {{- $vname := (tpl $vol.name $global) -}}
+ {{- $readOnly := $vol.readOnly | default false }}
+- mountPath: {{ $vol.mountPath }}
+ name: {{ $vname }}
+ readOnly: {{ $readOnly }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+{{- end }}
+{{/*
dcaegen2-services-common.microserviceDeployment:
This template produces a Kubernetes Deployment for a DCAE microservice.
- name: policy-shared
mountPath: /etc/policies
{{- end }}
+ {{- include "dcaegen2-services-common._externalVolumeMounts" . | nindent 8 }}
{{- if $logDir }}
- image: {{ include "repositoryGenerator.image.logging" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: policy-shared
emptyDir: {}
{{- end }}
+ {{- include "dcaegen2-services-common._externalVolumes" . | nindent 6 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
{{ end -}}
--- /dev/null
+# ================================ LICENSE_START =============================
+# ============================================================================
+# Copyright (C) 2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ================================= LICENSE_END ==============================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: A Helm chart for DCAE PMSH
+name: dcae-pmsh
+version: 8.0.0
\ No newline at end of file
--- /dev/null
+# ================================ LICENSE_START =============================
+# ============================================================================
+# Copyright (C) 2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ================================= LICENSE_END ==============================
+
+dependencies:
+ - name: common
+ version: ~8.x-0
+ repository: '@local'
+ - name: postgres
+ version: ~8.x-0
+ repository: '@local'
+ - name: readinessCheck
+ version: ~8.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~8.x-0
+ repository: '@local'
+ - name: dcaegen2-services-common
+ version: ~8.x-0
+ repository: 'file://../../common/dcaegen2-services-common'
\ No newline at end of file
--- /dev/null
+{{/*
+################################################################################
+# Copyright (c) 2021 Nordix Foundation. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+*/}}
+
+{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file
--- /dev/null
+{{/*
+################################################################################
+# Copyright (c) 2021 Nordix Foundation. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+*/}}
+
+{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file
--- /dev/null
+{{/*
+################################################################################
+# Copyright (c) 2021 Nordix Foundation. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+*/}}
+
+{{ include "common.secretFast" . }}
\ No newline at end of file
--- /dev/null
+{{/*
+################################################################################
+# Copyright (c) 2021 Nordix Foundation. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+*/}}
+
+{{ include "common.service" . }}
\ No newline at end of file
--- /dev/null
+# ================================ LICENSE_START =============================
+# ============================================================================
+# Copyright (C) 2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ================================= LICENSE_END ==============================
+
+#################################################################
+# Global Configuration Defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ nodePortPrefixExt: 304
+
+#################################################################
+# Filebeat Configuration Defaults.
+#################################################################
+filebeatConfig:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+
+#################################################################
+# Secrets Configuration.
+#################################################################
+secrets:
+ - uid: &aafCredsUID aafcreds
+ type: basicAuth
+ login: '{{ .Values.aafCreds.identity }}'
+ password: '{{ .Values.aafCreds.password }}'
+ passwordPolicy: required
+ - uid: &pgUserCredsSecretUid pg-user-creds
+ name: &pgUserCredsSecretName '{{ include "common.release" . }}-pmsh-pg-user-creds'
+ type: basicAuth
+ externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "pmsh-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
+ login: '{{ .Values.postgres.config.pgUserName }}'
+ password: '{{ .Values.postgres.config.pgUserPassword }}'
+ passwordPolicy: generate
+
+#################################################################
+# InitContainer Images.
+#################################################################
+tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
+
+#################################################################
+# Application Configuration Defaults.
+#################################################################
+# Application Image
+image: onap/org.onap.dcaegen2.services.pmsh:1.3.1
+pullPolicy: Always
+
+# Log directory where logging sidecar should look for log files
+# if absent, no sidecar will be deployed
+logDirectory: /var/log/ONAP/dcaegen2/services/pmsh
+
+# Directory where TLS certs should be stored
+# if absent, no certs will be retrieved and stored
+certDirectory: /opt/app/pmsh/etc/certs
+
+# TLS role -- set to true if microservice acts as server
+# If true, an init container will retrieve a server cert
+# and key from AAF and mount them in certDirectory.
+tlsServer: true
+
+# Dependencies
+readinessCheck:
+ wait_for:
+ - dcae-config-binding-service
+ - aaf-cm
+ - &postgresName dcae-pmsh-postgres
+
+# Probe Configuration
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 15
+ timeoutSeconds: 1
+ path: /healthcheck
+ scheme: HTTPS
+ port: 8443
+
+# Service Configuration
+service:
+ type: ClusterIP
+ name: dcae-pmsh
+ ports:
+ - name: https
+ port: 8443
+ port_protocol: http
+
+# AAF Credentials
+aafCreds:
+ identity: dcae@dcae.onap.org
+ password: demo123456!
+
+credentials:
+- name: AAF_IDENTITY
+ uid: *aafCredsUID
+ key: login
+- name: AAF_PASSWORD
+ uid: *aafCredsUID
+ key: password
+
+# Initial Application Configuration
+applicationConfig:
+ enable_tls: true
+ aaf_identity: ${AAF_IDENTITY}
+ aaf_password: ${AAF_PASSWORD}
+ key_path: /opt/app/pmsh/etc/certs/key.pem
+ cert_path: /opt/app/pmsh/etc/certs/cert.pem
+ ca_cert_path: /opt/app/pmsh/etc/certs/cacert.pem
+ control_loop_name: pmsh-control-loop
+ operational_policy_name: pmsh-operational-policy
+ pmsh_policy:
+ subscription:
+ subscriptionName: ExtraPM-All-gNB-R2B
+ administrativeState: LOCKED
+ fileBasedGP: 15
+ fileLocation: "/pm/pm.xml"
+ nfFilter: { "nfNames": [ "^pnf.*","^vnf.*" ],"modelInvariantIDs": [ ],"modelVersionIDs": [ ],"modelNames": [ ] }
+ measurementGroups: [ { "measurementGroup": { "measurementTypes": [ { "measurementType": "countera" },{ "measurementType": "counterb" } ],"managedObjectDNsBasic": [ { "DN": "dna" },{ "DN": "dnb" } ] } },{ "measurementGroup": { "measurementTypes": [ { "measurementType": "counterc" },{ "measurementType": "counterd" } ],"managedObjectDNsBasic": [ { "DN": "dnc" },{ "DN": "dnd" } ] } } ]
+ streams_publishes:
+ policy_pm_publisher:
+ type: message_router
+ dmaap_info:
+ topic_url: "https://message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT"
+ streams_subscribes:
+ policy_pm_subscriber:
+ type: message_router
+ dmaap_info:
+ topic_url: "https://message-router:3905/events/unauthenticated.PMSH_CL_INPUT"
+ aai_subscriber:
+ type: message_router
+ dmaap_info:
+ topic_url: "https://message-router:3905/events/AAI-EVENT"
+
+applicationEnv:
+ PMSH_PG_URL: &dcaePmshPgPrimary dcae-pmsh-pg-primary
+ PMSH_PG_USERNAME:
+ secretUid: *pgUserCredsSecretUid
+ key: login
+ PMSH_PG_PASSWORD:
+ secretUid: *pgUserCredsSecretUid
+ key: password
+
+# Resource Limit Flavor -By Default Using Small
+flavor: small
+
+# Segregation for Different Environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 1Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+
+#################################################################
+# Application configuration Overriding Defaults in the Postgres.
+#################################################################
+postgres:
+ nameOverride: *postgresName
+ service:
+ name: *postgresName
+ name2: *dcaePmshPgPrimary
+ name3: dcae-pmsh-pg-replica
+ container:
+ name:
+ primary: dcae-pmsh-pg-primary
+ replica: dcae-pmsh-pg-replica
+ persistence:
+ mountSubPath: pmsh/data
+ mountInitPath: pmsh
+ config:
+ pgUserName: pmsh
+ pgDatabase: pmsh
+ pgUserExternalSecret: *pgUserCredsSecretName
\ No newline at end of file
version: ~8.x-0
repository: 'file://components/dcae-ms-healthcheck'
condition: dcae-ms-healthcheck.enabled
+ - name: dcae-pmsh
+ version: ~8.x-0
+ repository: 'file://components/dcae-pmsh'
+ condition: dcae-pmsh.enabled
- name: dcae-prh
version: ~8.x-0
repository: 'file://components/dcae-prh'
enabled: true
dcae-hv-ves-collector:
enabled: true
+dcae-pmsh:
+ enabled: false
dcae-prh:
enabled: true
dcae-tcagen2:
# Application configuration defaults.
#################################################################
# application image
-image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.4.2
+image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.4.3
pullPolicy: Always
# probe configuration parameters
-Djavax.net.ssl.keyStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }}"
-Djavax.net.ssl.trustStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }}"
{{- else }}
- args: ["/start-apache-tomcat.sh -i "" -n "" -b {{ .Values.global.env.tomcatDir }}"]
+ args: ["/start-apache-tomcat.sh -i \"\" -n \"\" -b {{ .Values.global.env.tomcatDir }}"]
{{- end }}
ports:
- containerPort: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
exec:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
+ successThreshold: {{ .Values.readiness.successThreshold }}
+ failureThreshold: {{ .Values.readiness.failureThreshold }}
+ resources: {{ include "common.resources" . | nindent 12 }}
+ startupProbe:
+ exec:
+ command:
+ - "/var/lib/jetty/ready-probe.sh"
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
resources: {{ include "common.resources" . | nindent 12 }}
env:
- name: ENVNAME
# probe configuration parameters
liveness:
- initialDelaySeconds: 120
+ initialDelaySeconds: 1
periodSeconds: 10
timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 3
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
port: api
enabled: true
readiness:
- initialDelaySeconds: 60
+ initialDelaySeconds: 1
periodSeconds: 10
timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 3
+
+startup:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 60
service:
type: NodePort
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
tcpSocket:
port: {{ .Values.service.internalPort2 }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
+ successThreshold: {{ .Values.readiness.successThreshold }}
+ failureThreshold: {{ .Values.readiness.failureThreshold }}
+ startupProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort2 }}
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
resources: {{ include "common.resources" . | nindent 12 }}
env:
- name: ENVNAME
# probe configuration parameters
liveness:
- initialDelaySeconds: 10
- periodSeconds: 60
+ initialDelaySeconds: 1
+ periodSeconds: 10
timeoutSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
+ initialDelaySeconds: 1
+ periodSeconds: 10
+ timeoutSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
+
+startup:
initialDelaySeconds: 10
- periodSeconds: 60
+ periodSeconds: 10
timeoutSeconds: 15
+ successThreshold: 1
+ failureThreshold: 60
service:
#Example service definition with external, internal and node ports.
port: {{ .Values.liveness.port }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
+ startupProbe:
+ httpGet:
+ path: {{ .Values.startup.path }}
+ port: {{ .Values.startup.port }}
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
port: *svc_port
liveness:
- initialDelaySeconds: 30
- periodSeconds: 30
+ initialDelaySeconds: 1
+ periodSeconds: 10
path: /actuator/health
+ successThreshold: 1
+ failureThreshold: 3
port: *port
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
+startup:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ path: /actuator/health
+ successThreshold: 1
+ failureThreshold: 12
+ port: *port
+
flavor: small
resources:
small:
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
exec:
- "/var/lib/jetty/ready-probe.sh"
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
+ successThreshold: {{ .Values.readiness.successThreshold }}
+ failureThreshold: {{ .Values.readiness.failureThreshold }}
+ startupProbe:
+ exec:
+ command:
+ - "/var/lib/jetty/ready-probe.sh"
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
resources: {{ include "common.resources" . | nindent 12 }}
env:
- name: ENVNAME
# probe configuration parameters
liveness:
- initialDelaySeconds: 120
- periodSeconds: 60
+ initialDelaySeconds: 1
+ periodSeconds: 10
timeoutSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 120
- periodSeconds: 60
+ initialDelaySeconds: 1
+ periodSeconds: 10
timeoutSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
+
+startup:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 15
+ successThreshold: 1
+ failureThreshold: 60
service:
type: ClusterIP
port: {{ template "wfd-be.internalPort" . }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
tcpSocket:
port: {{ template "wfd-be.internalPort" . }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ successThreshold: {{ .Values.readiness.successThreshold }}
+ failureThreshold: {{ .Values.readiness.failureThreshold }}
+ startupProbe:
+ tcpSocket:
+ port: {{ template "wfd-be.internalPort" . }}
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
env:
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
initialDelaySeconds: 60
periodSeconds: 10
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 1
+ periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 1
+ periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
+
+startup:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 60
+
service:
type: NodePort
portName: sdc-wfd-be
port: {{ template "wfd-fe.internalPort" . }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ successThreshold: {{ .Values.liveness.successThreshold }}
+ failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
tcpSocket:
port: {{ template "wfd-fe.internalPort" . }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ successThreshold: {{ .Values.readiness.successThreshold }}
+ failureThreshold: {{ .Values.readiness.failureThreshold }}
+ startupProbe:
+ tcpSocket:
+ port: {{ template "wfd-fe.internalPort" . }}
+ initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
+ successThreshold: {{ .Values.startup.successThreshold }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
env:
- name: ENVNAME
value: {{ .Values.env.name }}
# probe configuration parameters
liveness:
- initialDelaySeconds: 60
+ initialDelaySeconds: 1
periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
- initialDelaySeconds: 60
+ initialDelaySeconds: 1
periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
+
+startup:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 60
service:
type: NodePort
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-dmaap-listener-image:2.1.5
+image: onap/sdnc-dmaap-listener-image:2.1.6
pullPolicy: Always
# flag to enable debugging - application support required
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-ansible-server-image:2.1.5
+image: onap/sdnc-ansible-server-image:2.1.6
pullPolicy: Always
# flag to enable debugging - application support required
# Application configuration defaults.
#################################################################
# application image
-image: "onap/sdnc-web-image:2.1.5"
+image: "onap/sdnc-web-image:2.1.6"
pullPolicy: Always
config:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-ueb-listener-image:2.1.5
+image: onap/sdnc-ueb-listener-image:2.1.6
pullPolicy: Always
# flag to enable debugging - application support required
# application images
pullPolicy: Always
-image: onap/sdnc-image:2.1.5
+image: onap/sdnc-image:2.1.6
# flag to enable debugging - application support required
debugEnabled: false
Code Review / oom.git / commitdiff