.. This work is licensed under a Creative Commons Attribution 4.0
.. International License.
.. http://creativecommons.org/licenses/by/4.0
-.. Copyright 2018-2020 Amdocs, Bell Canada, Orange, Samsung
+.. Copyright 2018-2021 Amdocs, Bell Canada, Orange, Samsung, Nokia
.. _master_index:
oom_quickstart_guide_helm3.rst
oom_user_guide.rst
oom_user_guide_helm3.rst
+ oom_setup_paas.rst
oom_developer_guide.rst
oom_cloud_setup_guide.rst
release-notes.rst
--- /dev/null
+.. This work is licensed under a Creative Commons Attribution 4.0
+.. International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2021 Nokia
+
+.. Links
+.. _Cert-Manager Installation documentation: https://cert-manager.io/docs/installation/kubernetes/
+.. _Cert-Manager kubectl plugin documentation: https://cert-manager.io/docs/usage/kubectl-plugin/
+
+.. _oom_setup_paas:
+
+ONAP PaaS set-up (optional)
+###########################
+
+Starting from Honolulu release, Cert-Manager and Prometheus Stack are a part
+of k8s PaaS for ONAP operations and can be optionally installed to provide
+additional functionality for ONAP engineers.
+
+The versions of PaaS compoents that are supported by OOM are as follows:
+
+.. table:: ONAP PaaS components
+
+ ============== ============= =================
+ Release Cert-Manager Prometheus Stack
+ ============== ============= =================
+ honolulu 1.2.0 13.x
+ ============== ============= =================
+
+This guide provides instructions on how to install the following PaaS
+components for ONAP:
+
+- Cert-Manager
+- Prometheus Stack
+
+Cert-Manager
+============
+
+Cert-Manager is a native Kubernetes certificate management controller.
+It can help with issuing certificates from a variety of sources, such as
+Let’s Encrypt, HashiCorp Vault, Venafi, a simple signing key pair, self
+signed or external issuers. It ensures certificates are valid and up to
+date, and attempt to renew certificates at a configured time before expiry.
+
+Installation steps
+------------------
+
+The recommended version of Cert-Manager for Kubernetes 1.19 is v1.2.0.
+Cert-Manager is deployed using regular YAML manifests which include all
+the needed resources (the CustomResourceDefinitions, cert-manager,
+namespace, and the webhook component).
+
+Full installation instructions, including details on how to configure extra
+functionality in Cert-Manager can be found in the
+`Cert-Manager Installation documentation`_.
+
+There is also a kubectl plugin (kubectl cert-manager) that can help you
+to manage cert-manager resources inside your cluster. For installation
+steps, please refer to `Cert-Manager kubectl plugin documentation`_.
+
+Installation can be as simple as::
+
+ > kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.2.0/cert-manager.yaml
+
+Prometheus Stack
+================
+
+Prometheus is an open-source systems monitoring and alerting toolkit with
+an active ecosystem.
+
+Kube Prometheus Stack is a collection of Kubernetes manifests, Grafana
+dashboards, and Prometheus rules combined with documentation and scripts to
+provide easy to operate end-to-end Kubernetes cluster monitoring with
+Prometheus using the Prometheus Operator. As it includes both Prometheus
+Operator and Grafana dashboards, there is no need to set up them separately.
+
+Installation steps
+------------------
+
+The recommended version of kube-prometheus-stack chart for
+Kubernetes 1.19 is 13.x (which is currently the latest major chart version),
+for example 13.3.1.
+
+In order to install Prometheus Stack, you must follow these steps:
+
+- Create the namespace for Prometheus Stack::
+
+ > kubectl create namespace prometheus
+
+- Add the prometheus-community Helm repository::
+
+ > helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+
+- Update your local Helm chart repository cache::
+
+ > helm repo update
+
+- To install the kube-prometheus-stack Helm chart in latest version::
+
+ > helm install prometheus prometheus-community/kube-prometheus-stack --namespace=prometheus
+
+ To install the kube-prometheus-stack Helm chart in specific version, for example 13.3.1::
+
+ > helm install prometheus prometheus-community/kube-prometheus-stack --namespace=prometheus --version=13.3.1
"password": "${AAF_PASS}",
"aaf_conductor_user": "oof@oof.onap.org"
}
+ },
+ {
+ "name": "sdc",
+ "values": {
+ "username": "${SDC_USER}",
+ "password": "${SDC_PASS}"
+ }
}
]
}
export OSDF_PCI_OPT_PASS=${OSDF_PCI_OPT_PASS_PLAIN};
export OSDF_OPT_ENGINE_PASS=${OSDF_OPT_ENGINE_PASS_PLAIN};
export SO_PASS=${SO_PASS_PLAIN};
+ export SDC_PASS=${SDC_PASS_PLAIN};
cd /config-input;
for PFILE in `find . -not -type d | grep -v -F ..`; do
envsubst <${PFILE} >/config/${PFILE};
- name: SO_PASS_PLAIN
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-creds" "key" "password") | indent 10 }}
+ - name: SDC_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "login") | indent 10 }}
+ - name: SDC_PASS_PLAIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "password") | indent 10 }}
+
volumeMounts:
- mountPath: /config-input
name: {{ include "common.name" . }}-preload-input
login: '{{ .Values.oofCreds.soUsername }}'
password: '{{ .Values.oofCreds.soPassword }}'
passwordPolicy: required
-
+ - uid: sdc-creds
+ type: basicAuth
+ login: '{{ .Values.oofCreds.sdcUsername }}'
+ password: '{{ .Values.oofCreds.sdcPassword }}'
+ passwordPolicy: required
oofCreds:
aaiUsername: oof@oof.onap.org
aaiPassword: demo123456!
soUsername: apihBpmn
soPassword: password1$
+ sdcUsername: aai
+ sdcPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+
# Configure resource requests and limits
resources:
small:
#################################################################
# application image
-image: onap/babel:1.7.1
+image: onap/babel:1.8.0
flavor: small
flavorOverride: small
# application image
-image: onap/model-loader:1.7.0
+image: onap/model-loader:1.8.0
pullPolicy: Always
restartPolicy: Always
flavor: small
serviceName: aai-search-data
# application image
-image: onap/sparky-be:2.0.2
+image: onap/sparky-be:2.0.3
pullPolicy: Always
restartPolicy: Always
flavor: small
{"vhost":"{{ .Values.config.rabbitmqVhost }}","name":"ha-all","pattern":".*","definition":{"ha-mode":"all","ha-sync-mode":"automatic"}}
]
}
+---
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-nginx-conf
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app.kubernetes.io/name: {{ include "common.name" . }}
+ helm.sh/chart: {{ include "common.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+data:
+ nginx.conf: |
+ worker_processes 1;
+ pid /tmp/nginx.pid;
+ events {
+ worker_connections 1024;
+ }
+ http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+ server_tokens off;
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+ access_log /dev/stdout main;
+ map $http_upgrade $connection_upgrade {
+ default upgrade;
+ '' close;
+ }
+ sendfile on;
+ #tcp_nopush on;
+ #gzip on;
+ upstream uwsgi {
+ server 127.0.0.1:8050;
+ }
+ upstream daphne {
+ server 127.0.0.1:8051;
+ }
+ server {
+ listen 8052 default_server;
+ # If you have a domain name, this is where to add it
+ server_name _;
+ keepalive_timeout 65;
+ # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
+ add_header Strict-Transport-Security max-age=15768000;
+ add_header Content-Security-Policy "default-src 'self'; connect-src 'self' ws: wss:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.pendo.io; img-src 'self' *.pendo.io data:; report-uri /csp-violation/";
+ add_header X-Content-Security-Policy "default-src 'self'; connect-src 'self' ws: wss:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.pendo.io; img-src 'self' *.pendo.io data:; report-uri /csp-violation/";
+ # Protect against click-jacking https://www.owasp.org/index.php/Testing_for_Clickjacking_(OTG-CLIENT-009)
+ add_header X-Frame-Options "DENY";
+ location /nginx_status {
+ stub_status on;
+ access_log off;
+ allow 127.0.0.1;
+ deny all;
+ }
+ location /static/ {
+ alias /var/lib/awx/public/static/;
+ }
+ location /favicon.ico { alias /var/lib/awx/public/static/favicon.ico; }
+ location /websocket {
+ # Pass request to the upstream alias
+ proxy_pass http://daphne;
+ # Require http version 1.1 to allow for upgrade requests
+ proxy_http_version 1.1;
+ # We want proxy_buffering off for proxying to websockets.
+ proxy_buffering off;
+ # http://en.wikipedia.org/wiki/X-Forwarded-For
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ # enable this if you use HTTPS:
+ proxy_set_header X-Forwarded-Proto https;
+ # pass the Host: header from the client for the sake of redirects
+ proxy_set_header Host $http_host;
+ # We've set the Host header, so we don't need Nginx to muddle
+ # about with redirects
+ proxy_redirect off;
+ # Depending on the request value, set the Upgrade and
+ # connection headers
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $connection_upgrade;
+ }
+ location / {
+ # Add trailing / if missing
+ rewrite ^(.*)$http_host(.*[^/])$ $1$http_host$2/ permanent;
+ uwsgi_read_timeout 120s;
+ uwsgi_pass uwsgi;
+ include /etc/nginx/uwsgi_params;
+ proxy_set_header X-Forwarded-Port 443;
+ }
+ }
+ }
name: awx-secret-key
readOnly: true
subPath: SECRET_KEY
+ - mountPath: /etc/nginx/nginx.conf
+ name: awx-nginx-conf
+ subPath: "nginx.conf"
+
- command: ["/bin/sh","-c"]
args: ["/usr/bin/launch_awx_task.sh"]
env:
name: awx-secret-key
readOnly: true
subPath: SECRET_KEY
+ - mountPath: /etc/nginx/nginx.conf
+ name: awx-nginx-conf
+ subPath: "nginx.conf"
- env:
- name: MY_POD_IP
valueFrom:
path: rabbitmq_definitions.json
name: {{ include "common.fullname" . }}-rabbitmq
name: rabbitmq-config
+ - configMap:
+ defaultMode: 420
+ items:
+ - key: nginx.conf
+ path: nginx.conf
+ name: {{ include "common.fullname" . }}-nginx-conf
+ name: awx-nginx-conf
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
type: NodePort
portName: web
internalPort: 8052
- externalPort: 80
+ externalPort: 8052
nodePort: 78
rabbitmq:
type: ClusterIP
--- /dev/null
+*.lock
+charts/
+dist/
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2020 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: DCAE Microservices
+name: dcaegen2-services
+version: 7.0.0
--- /dev/null
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_BIN := helm
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
--- /dev/null
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_BIN := helm
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2020 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: DCAE Microservices Common templates
+name: dcaegen2-services-common
+version: 7.0.0
--- /dev/null
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
--- /dev/null
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+dcaegen2-services-common.configMap:
+This template produces Kubernetes configMap(s) needed by a
+DCAE microservice.
+
+The template expects the full chart context as input. A chart for a
+DCAE microservice references this template using:
+{{ include "dcaegen2-services-common.configMap" . }}
+The template directly references data in .Values, and indirectly (through its
+use of templates from the ONAP "common" collection) references data in
+.Release.
+
+The template always produces a configMap containing the microservice's
+initial configuration data. This configMap is used by an initContainer
+that loads the configuration into Consul. (See the documentation for
+dcaegen2-services-common.microserviceDeployment for more details.)
+
+If the microservice is using a logging sidecar (again, see the documentation
+for dcaegen2-services-common.microserviceDeployment for more details), the
+template generates an additiona configMap that supplies configuration
+information for the logging sidecar.
+*/}}
+
+{{- define "dcaegen2-services-common.configMap" -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-application-config-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels: {{ include "common.labels" . | nindent 6 }}
+data:
+ application_config.yaml: |
+{{ .Values.applicationConfig | toYaml | indent 4 }}
+
+{{- if .Values.logDirectory }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-filebeat-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels: {{ include "common.labels" . | nindent 6 }}
+data:
+ filebeat.yml: |-
+{{ include "dcaegen2-services-common.filebeatConfiguration" . | indent 4 }}
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+{{/*
+dcaegen2-services-common.microserviceDeployment:
+This template produces a Kubernetes Deployment for a DCAE microservice.
+
+All DCAE microservices currently use very similar Deployments. Having a
+common template eliminates a lot of repetition in the individual charts
+for each microservice.
+
+The template expects the full chart context as input. A chart for a
+DCAE microservice references this template using:
+{{ include "dcaegen2-services-common.microserviceDeployment" . }}
+The template directly references data in .Values, and indirectly (through its
+use of templates from the ONAP "common" collection) references data in
+.Release.
+
+The exact content of the Deployment generated from this template
+depends on the content of .Values.
+
+The Deployment always includes a single Pod, with a container that uses
+the DCAE microservice image.
+
+The Deployment Pod may also include a logging sidecar container.
+The sidecar is included if .Values.logDirectory is set. The
+logging sidecar and the DCAE microservice container share a
+volume where the microservice logs are written.
+
+The Deployment includes an initContainer that pushes the
+microservice's initial configuration (from .Values.applicationConfig)
+into Consul. All DCAE microservices retrieve their initial
+configurations by making an API call to a DCAE platform component called
+the config-binding-service. The config-binding-service currently
+retrieves configuration information from Consul.
+
+The Deployment also includes an initContainer that checks for the
+readiness of other components that the microservice relies on.
+This container is generated by the "common.readinessCheck.waitfor"
+template.
+
+If the microservice acts as a TLS client or server, the Deployment will
+include an initContainer that retrieves certificate information from
+the AAF certificate manager. The information is mounted at the
+mount point specified in .Values.certDirectory. If the microservice is
+a TLS server (indicated by setting .Values.tlsServer to true), the
+certificate information will include a server cert and key, in various
+formats. It will also include the AAF CA cert. If the microservice is
+a TLS client only (indicated by setting .Values.tlsServer to false), the
+certificate information includes only the AAF CA cert.
+*/}}
+
+{{- define "dcaegen2-services-common.microserviceDeployment" -}}
+{{- $logDir := default "" .Values.logDirectory -}}
+{{- $certDir := default "" .Values.certDirectory . -}}
+{{- $tlsServer := default "" .Values.tlsServer -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+spec:
+ replicas: 1
+ selector: {{- include "common.selectors" . | nindent 4 }}
+ template:
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ spec:
+ initContainers:
+ - command:
+ - sh
+ args:
+ - -c
+ - |
+ {{- range $var := .Values.customEnvVars }}
+ export {{ $var.name }}="{{ $var.value }}";
+ {{- end }}
+ cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done
+ env:
+ {{- range $cred := .Values.credentials }}
+ - name: {{ $cred.name }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" $ "uid" $cred.uid "key" $cred.key) | indent 10 }}
+ {{- end }}
+ volumeMounts:
+ - mountPath: /config-input
+ name: app-config-input
+ - mountPath: /config
+ name: app-config
+ image: {{ include "repositoryGenerator.image.envsubst" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-update-config
+
+ {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
+ - name: init-consul
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.consulLoaderImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ args:
+ - --key-yaml
+ - "{{ include "common.name" . }}|/app-config/application_config.yaml"
+ resources: {{ include "common.resources" . | nindent 2 }}
+ volumeMounts:
+ - mountPath: /app-config
+ name: app-config
+ {{- if $certDir }}
+ - name: init-tls
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.tlsImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: TLS_SERVER
+ value: {{ $tlsServer | quote }}
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ resources: {{ include "common.resources" . | nindent 2 }}
+ volumeMounts:
+ - mountPath: /opt/app/osaaf
+ name: tls-info
+ {{- end }}
+ containers:
+ - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}
+ env:
+ {{- if $certDir }}
+ - name: DCAE_CA_CERTPATH
+ value: {{ $certDir}}/cacert.pem
+ {{- end }}
+ - name: CONSUL_HOST
+ value: consul-server.onap
+ - name: CONFIG_BINDING_SERVICE
+ value: config-binding-service
+ - name: CBS_CONFIG_URL
+ value: https://config-binding-service:10443/service_component_all/{{ include "common.name" . }}
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ {{- if .Values.applicationEnv }}
+ {{- range $envName, $envValue := .Values.applicationEnv }}
+ - name: {{ $envName }}
+ value: {{ $envValue | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.service }}
+ ports: {{ include "common.containerPorts" . | nindent 10 }}
+ {{- end }}
+ {{- if .Values.readiness }}
+ readinessProbe:
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds | default 5 }}
+ periodSeconds: {{ .Values.readiness.periodSeconds | default 15 }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds | default 1 }}
+ {{- $probeType := .Values.readiness.type | default "httpGet" -}}
+ {{- if eq $probeType "httpGet" }}
+ httpGet:
+ scheme: {{ .Values.readiness.scheme }}
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.readiness.port }}
+ {{- end }}
+ {{- if eq $probeType "exec" }}
+ exec:
+ command:
+ {{- range $cmd := .Values.readiness.command }}
+ - {{ $cmd }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ resources: {{ include "common.resources" . | nindent 2 }}
+ {{- if or $logDir $certDir }}
+ volumeMounts:
+ {{- if $logDir }}
+ - mountPath: {{ $logDir}}
+ name: component-log
+ {{- end }}
+ {{- if $certDir }}
+ - mountPath: {{ $certDir }}
+ name: tls-info
+ {{- end }}
+ {{- end }}
+ {{- if $logDir }}
+ - image: {{ include "repositoryGenerator.image.logging" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: filebeat
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ resources: {{ include "common.resources" . | nindent 2 }}
+ volumeMounts:
+ - mountPath: /var/log/onap/{{ include "common.name" . }}
+ name: component-log
+ - mountPath: /usr/share/filebeat/data
+ name: filebeat-data
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ name: filebeat-conf
+ subPath: filebeat.yml
+ {{- end }}
+ hostname: {{ include "common.name" . }}
+ volumes:
+ - configMap:
+ defaultMode: 420
+ name: {{ include "common.fullname" . }}-application-config-configmap
+ name: app-config-input
+ - emptyDir:
+ medium: Memory
+ name: app-config
+ {{- if $logDir }}
+ - emptyDir: {}
+ name: component-log
+ - emptyDir: {}
+ name: filebeat-data
+ - configMap:
+ defaultMode: 420
+ name: {{ include "common.fullname" . }}-filebeat-configmap
+ name: filebeat-conf
+ {{- end }}
+ {{- if $certDir }}
+ - emptyDir: {}
+ name: tls-info
+ {{- end }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+{{ end -}}
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+{{/*
+dcaegen2-services-common.filebeatConfiguration:
+This template generates configuration data for filebeat (log file aggregation).
+
+The template is used to create a configMap mounted by a filebeat sidecar pod
+running alongside a DCAE microservice pod.
+
+See dcaegen2-services-common.configMap for more information.
+*/}}
+{{- define "dcaegen2-services-common.filebeatConfiguration" -}}
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.filebeatConfig.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.filebeatConfig.logstashPort}}"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
+
+logging:
+ level: debug
+
+ # enable file rotation with default configuration
+ to_files: true
+
+ # do not log to syslog
+ to_syslog: false
+
+ files:
+ path: /usr/share/filebeat/logs
+ name: mybeat.log
+ keepfiles: 7
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+{{/*
+dcaegen2-services-common.consulDeleteJob:
+This template generates a Kubernetes Job that runs when a
+DCAE microservice is deleted. The Job deletes the Consul
+entry that contains the microservice's configuration.
+
+The template expects the full chart context as input. A chart for a
+DCAE microservice references this template using:
+{{ include "dcaegen2-services-common.consulDeleteJob" . }}
+The template directly references data in .Values, and indirectly (through its
+use of templates from the ONAP "common" collection) references data in
+.Release.
+
+The microservice configuration data is loaded into Consul by an
+initContainer that is part of the Kubernetes Deployment for the microservice.
+See the documentation for dcaegen2-services-common.microserviceDeployment
+for more information.
+*/}}
+{{- define "dcaegen2-services-common.consulDeleteJob" -}}
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-delete-config
+ namespace: {{ include "common.namespace" . }}
+ labels: {{ include "common.labels" . | nindent 4 }}
+ annotations:
+ "helm.sh/hook": pre-delete
+ "helm.sh/hook-delete-policy": hook-succeeded,hook-failed
+spec:
+ template:
+ metadata:
+ name: {{ include "common.fullname" . }}-delete-config
+ labels: {{ include "common.labels" . | nindent 8 }}
+ spec:
+ restartPolicy: Never
+ containers:
+ - name: dcae-config-delete
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.consulLoaderImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ args:
+ - --delete-key
+ - {{ include "common.name" . }}
+{{ end -}}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+# dcaegen2-services-common templates get any values from the scope
+# they are passed. There are no locally-defined values.
\ No newline at end of file
--- /dev/null
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_BIN := helm
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: DCAE HV VES collector
+name: dcae-hv-ves-collector
+version: 7.0.0
--- /dev/null
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
+ - name: readinessCheck
+ version: ~7.x-0
+ repository: '@local'
+ - name: dcaegen2-services-common
+ version: ~7.x-0
+ repository: 'file://../../common/dcaegen2-services-common'
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "dcaegen2-services-common.configMap" . }}
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ nodePortPrefixExt: 304
+
+#################################################################
+# Filebeat configuration defaults.
+#################################################################
+filebeatConfig:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+
+#################################################################
+# initContainer images.
+#################################################################
+tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+image: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.6.0
+pullPolicy: Always
+
+# log directory where logging sidecar should look for log files
+# if absent, no sidecar will be deployed
+logDirectory: /var/log/ONAP/dcae-hv-ves-collector
+
+# directory where TLS certs should be stored
+# if absent, no certs will be retrieved and stored
+certDirectory: /etc/ves-hv/ssl
+
+# TLS role -- set to true if microservice acts as server
+# If true, an init container will retrieve a server cert
+# and key from AAF and mount them in certDirectory.
+tlsServer: true
+
+secrets:
+ - uid: &aafCredsUID aafcreds
+ type: basicAuth
+ login: '{{ .Values.aafCreds.user }}'
+ password: '{{ .Values.aafCreds.password }}'
+ passwordPolicy: required
+
+# dependencies
+readinessCheck:
+ wait_for:
+ - dcae-config-binding-service
+ - aaf-cm
+
+# probe configuration
+readiness:
+ type: exec
+ initialDelaySeconds: 5
+ periodSeconds: 15
+ timeoutSeconds: 2
+ command:
+ - /opt/ves-hv-collector/healthcheck.sh
+
+# service configuration
+service:
+ type: NodePort
+ name: dcae-hv-ves-collector
+ ports:
+ - name: http
+ port: 6061
+ port_protocol: http
+ nodePort: 22
+
+aafCreds:
+ user: admin
+ password: admin_secret
+
+credentials:
+- name: AAF_USER
+ uid: *aafCredsUID
+ key: login
+- name: AAF_PASSWORD
+ uid: *aafCredsUID
+ key: password
+
+# initial application configuration
+applicationConfig:
+ logLevel: INFO
+ server.idleTimeoutSec: 300
+ server.listenPort: 6061
+ cbs.requestIntervalSec: 5
+ security.sslDisable: false
+ security.keys.keyStoreFile: /etc/ves-hv/ssl/cert.jks
+ security.keys.keyStorePasswordFile: /etc/ves-hv/ssl/jks.pass
+ security.keys.trustStoreFile: /etc/ves-hv/ssl/trust.jks
+ security.keys.trustStorePasswordFile: /etc/ves-hv/ssl/trust.pass
+ streams_publishes:
+ perf3gpp:
+ type: kafka
+ aaf_credentials:
+ username: ${AAF_USER}
+ password: ${AAF_PASSWORD}
+ kafka_info:
+ bootstrap_servers: message-router-kafka:9092
+ topic_name: HV_VES_PERF3GPP
+
+applicationEnv:
+ JAVA_OPTS: '-Dlogback.configurationFile=/etc/ONAP/dcae-hv-ves-collector/logback.xml'
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: ONAP DCAE Microservice Health Check
+name: dcae-ms-healthcheck
+version: 7.0.0
--- /dev/null
+#============LICENSE_START========================================================
+#=================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+spec:
+ replicas: 1
+ selector: {{- include "common.selectors" . | nindent 4 }}
+ template:
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports: {{ include "common.containerPorts" . | nindent 12 }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ include "common.getPort" (dict "global" . "name" "http") }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ include "common.getPort" (dict "global" . "name" "http") }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /opt/app/expected-components.json
+ subPath: expected-components.json
+ name: {{ include "common.fullname" .}}-expected-components
+ env:
+ - name: DCAE_NAMESPACE
+ value: {{ include "common.namespace" . }}
+ - name: ONAP_NAMESPACE
+ value: {{ include "common.namespace" . }}
+ - name: HELM_RELEASE
+ value: {{ include "common.release" . }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-expected-components
+ configMap:
+ name: {{ include "common.release" . }}-dcae-expected-microservices
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
--- /dev/null
+#============LICENSE_START========================================================
+#=================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2020 Nokia
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+
+service:
+ type: ClusterIP
+ name: dcae-ms-healthcheck
+ ports:
+ - port: 8080
+ name: http
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+# application image
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.1.0
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: DCAE PRH
+name: dcae-prh
+version: 7.0.0
--- /dev/null
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
+ - name: readinessCheck
+ version: ~7.x-0
+ repository: '@local'
+ - name: dcaegen2-services-common
+ version: ~7.x-0
+ repository: 'file://../../common/dcaegen2-services-common'
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "dcaegen2-services-common.configMap" . }}
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ nodePortPrefixExt: 304
+
+#################################################################
+# Filebeat configuration defaults.
+#################################################################
+filebeatConfig:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+
+#################################################################
+# initContainer images.
+#################################################################
+tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+image: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.6
+pullPolicy: Always
+
+# log directory where logging sidecar should look for log files
+# if absent, no sidecar will be deployed
+logDirectory: /opt/app/prh/logs
+
+# directory where TLS certs should be stored
+# if absent, no certs will be retrieved and stored
+certDirectory: /opt/app/prh/etc/cert
+
+# TLS role -- set to true if microservice acts as server
+# If true, an init container will retrieve a server cert
+# and key from AAF and mount them in certDirectory.
+tlsServer: true
+
+secrets:
+ - uid: &aaiCredsUID aaicreds
+ type: basicAuth
+ login: '{{ .Values.aaiCreds.user }}'
+ password: '{{ .Values.aaiCreds.password }}'
+ passwordPolicy: required
+
+# dependencies
+readinessCheck:
+ wait_for:
+ - dcae-config-binding-service
+ - aaf-cm
+
+# probe configuration
+readiness:
+ initialDelaySeconds: 5
+ periodSeconds: 15
+ path: /heartbeat
+ scheme: HTTP
+ port: 8100
+
+# service configuration
+service:
+ type: ClusterIP
+ name: dcae-prh
+ ports:
+ - port: 8100
+ name: http
+
+aaiCreds:
+ user: AAI
+ password: AAI
+
+credentials:
+- name: AAI_USER
+ uid: *aaiCredsUID
+ key: login
+- name: AAI_PASSWORD
+ uid: *aaiCredsUID
+ key: password
+
+customEnvVars:
+- name: AUTH_HDR
+ value: "Basic `echo -n ${AAI_USER}:${AAI_PASSWORD} | base64`"
+
+# initial application configuration
+applicationConfig:
+ dmaap.dmaapConsumerConfiguration.dmaapContentType: "application/json"
+ dmaap.dmaapConsumerConfiguration.consumerId: "c12"
+ dmaap.dmaapConsumerConfiguration.consumerGroup: "OpenDCAE-c12"
+ dmaap.dmaapConsumerConfiguration.timeoutMs: -1
+ dmaap.dmaapProducerConfiguration.dmaapContentType: "application/json"
+ dmaap.dmaapUpdateProducerConfiguration.dmaapContentType: "application/json"
+ aai.aaiClientConfiguration.pnfUrl: https://aai.onap.svc.cluster.local:8443/aai/v12/network/pnfs/pnf
+ aai.aaiClientConfiguration.baseUrl: https://aai.onap.svc.cluster.local:8443/aai/v12
+ aai.aaiClientConfiguration.aaiHost: aai.onap.svc.cluster.local
+ aai.aaiClientConfiguration.aaiHostPortNumber: 8443
+ aai.aaiClientConfiguration.aaiProtocol: "https"
+ aai.aaiClientConfiguration.aaiUserName: ${AAI_USER}
+ aai.aaiClientConfiguration.aaiUserPassword: ${AAI_PASSWORD}
+ aai.aaiClientConfiguration.aaiIgnoreSslCertificateErrors: true
+ aai.aaiClientConfiguration.aaiBasePath: "/aai/v12"
+ aai.aaiClientConfiguration.aaiPnfPath: "/network/pnfs/pnf"
+ aai.aaiClientConfiguration.aaiServiceInstancePath: "/business/customers/customer/${customer}/service-subscriptions/service-subscription/${serviceType}/service-instances/service-instance/${serviceInstanceId}"
+ aai.aaiClientConfiguration.aaiHeaders:
+ X-FromAppId: "prh"
+ X-TransactionId: "9999"
+ Accept: "application/json"
+ Real-Time: "true"
+ Authorization: $AUTH_HDR
+ security.trustStorePath: "/opt/app/prh/etc/cert/trust.jks"
+ security.trustStorePasswordPath: "/opt/app/prh/etc/cert/trust.pass"
+ security.keyStorePath: "/opt/app/prh/etc/cert/cert.jks"
+ security.keyStorePasswordPath: "/opt/app/prh/etc/cert/jks.pass"
+ security.enableAaiCertAuth: false
+ security.enableDmaapCertAuth: false
+ streams_publishes:
+ pnf-update:
+ type: "message_router"
+ dmaap_info:
+ topic_url: http://message-router.onap.svc.cluster.local:3904/events/unauthenticated.PNF_UPDATE
+ pnf-ready:
+ type: "message_router"
+ dmaap_info:
+ topic_url: http://message-router.onap.svc.cluster.local:3904/events/unauthenticated.PNF_READY
+ streams_subscribes:
+ ves-reg-output:
+ type: "message_router"
+ dmaap_info:
+ topic_url: http://message-router.onap.svc.cluster.local:3904/events/unauthenticated.VES_PNFREG_OUTPUT
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: DCAE TCA (Gen 2)
+name: dcae-tcagen2
+version: 7.0.0
--- /dev/null
+# Copyright (c) 2020 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
+ - name: readinessCheck
+ version: ~7.x-0
+ repository: '@local'
+ - name: dcaegen2-services-common
+ version: ~7.x-0
+ repository: 'file://../../common/dcaegen2-services-common'
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "dcaegen2-services-common.configMap" . }}
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ nodePortPrefixExt: 304
+
+#################################################################
+# Filebeat configuration defaults.
+#################################################################
+filebeatConfig:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+
+#################################################################
+# initContainer images.
+#################################################################
+tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+image: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.1
+pullPolicy: Always
+
+# log directory where logging sidecar should look for log files
+# if absent, no sidecar will be deployed
+logDirectory: /opt/logs/dcae-analytics-tca
+
+# directory where TLS certs should be stored
+# if absent, no certs will be retrieved and stored
+certDirectory: /etc/tca-gen2/ssl
+
+# TLS role -- set to true if microservice acts as server
+# If true, an init container will retrieve a server cert
+# and key from AAF and mount them in certDirectory.
+tlsServer: true
+
+secrets:
+ - uid: &aaiCredsUID aaicreds
+ type: basicAuth
+ login: '{{ .Values.aaiCreds.user }}'
+ password: '{{ .Values.aaiCreds.password }}'
+ passwordPolicy: required
+
+# dependencies
+readinessCheck:
+ wait_for:
+ - dcae-config-binding-service
+ - aaf-cm
+
+# probe configuration
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ path: /actuator/health
+ scheme: HTTP
+ port: 9091
+
+# service configuration
+service:
+ type: ClusterIP
+ name: dcae-tcagen2
+ ports:
+ - port: 9091
+ name: http
+
+aaiCreds:
+ user: DCAE
+ password: DCAE
+
+credentials:
+- name: AAI_USERNAME
+ uid: *aaiCredsUID
+ key: login
+- name: AAI_PASSWORD
+ uid: *aaiCredsUID
+ key: password
+
+# initial application configuration
+applicationConfig:
+ service_calls: []
+ streams_publishes:
+ tca_handle_out:
+ dmaap_info:
+ topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT
+ type: message_router
+ streams_subscribes:
+ tca_handle_in:
+ dmaap_info:
+ topic_url: http://message-router:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT
+ type: message_router
+ spring.data.mongodb.uri: mongodb://dcae-mongohost/dcae-tcagen2
+ streams_subscribes.tca_handle_in.consumer_group: cg1
+ streams_subscribes.tca_handle_in.consumer_ids[0]: c0
+ streams_subscribes.tca_handle_in.consumer_ids[1]: c1
+ streams_subscribes.tca_handle_in.message_limit: 50000
+ streams_subscribes.tca_handle_in.polling.auto_adjusting.max: 60000
+ streams_subscribes.tca_handle_in.polling.auto_adjusting.min: 30000
+ streams_subscribes.tca_handle_in.polling.auto_adjusting.step_down: 30000
+ streams_subscribes.tca_handle_in.polling.auto_adjusting.step_up: 10000
+ streams_subscribes.tca_handle_in.polling.fixed_rate: 0
+ streams_subscribes.tca_handle_in.timeout: -1
+ tca.aai.enable_enrichment: true
+ tca.aai.generic_vnf_path: aai/v11/network/generic-vnfs/generic-vnf
+ tca.aai.node_query_path: aai/v11/search/nodes-query
+ tca.aai.password: ${AAI_PASSWORD}
+ tca.aai.url: http://aai
+ tca.aai.username: ${AAI_USERNAME}
+ tca.policy: '{"domain":"measurementsForVfScaling","metricsPerEventName":[{"eventName":"vFirewallBroadcastPackets","controlLoopSchemaType":"VM","policyScope":"DCAE","policyName":"DCAE.Config_tca-hi-lo","policyVersion":"v0.0.1","thresholds":[{"closedLoopControlName":"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedTotalPacketsDelta","thresholdValue":300,"direction":"LESS_OR_EQUAL","severity":"MAJOR","closedLoopEventStatus":"ONSET"},{"closedLoopControlName":"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedTotalPacketsDelta","thresholdValue":700,"direction":"GREATER_OR_EQUAL","severity":"CRITICAL","closedLoopEventStatus":"ONSET"}]},{"eventName":"vLoadBalancer","controlLoopSchemaType":"VM","policyScope":"DCAE","policyName":"DCAE.Config_tca-hi-lo","policyVersion":"v0.0.1","thresholds":[{"closedLoopControlName":"ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedTotalPacketsDelta","thresholdValue":300,"direction":"GREATER_OR_EQUAL","severity":"CRITICAL","closedLoopEventStatus":"ONSET"}]},{"eventName":"Measurement_vGMUX","controlLoopSchemaType":"VNF","policyScope":"DCAE","policyName":"DCAE.Config_tca-hi-lo","policyVersion":"v0.0.1","thresholds":[{"closedLoopControlName":"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value","thresholdValue":0,"direction":"EQUAL","severity":"MAJOR","closedLoopEventStatus":"ABATED"},{"closedLoopControlName":"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value","thresholdValue":0,"direction":"GREATER","severity":"CRITICAL","closedLoopEventStatus":"ONSET"}]}]}'
+ tca.processing_batch_size: 10000
+ tca.enable_abatement: true
+ tca.enable_ecomp_logging: true
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: DCAE VES Collector
+name: dcae-ves-collector
+version: 7.0.0
--- /dev/null
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
+ - name: readinessCheck
+ version: ~7.x-0
+ repository: '@local'
+ - name: dcaegen2-services-common
+ version: ~7.x-0
+ repository: 'file://../../common/dcaegen2-services-common'
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "dcaegen2-services-common.configMap" . }}
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
--- /dev/null
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ nodePortPrefixExt: 304
+
+#################################################################
+# Filebeat configuration defaults.
+#################################################################
+filebeatConfig:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+
+#################################################################
+# initContainer images.
+#################################################################
+tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.8.0
+pullPolicy: Always
+
+# log directory where logging sidecar should look for log files
+# if absent, no sidecar will be deployed
+logDirectory: /opt/app/VESCollector/logs
+
+# directory where TLS certs should be stored
+# if absent, no certs will be retrieved and stored
+certDirectory: /opt/app/dcae-certificate
+
+# TLS role -- set to true if microservice acts as server
+# If true, an init container will retrieve a server cert
+# and key from AAF and mount them in certDirectory.
+tlsServer: true
+
+# dependencies
+readinessCheck:
+ wait_for:
+ - dcae-config-binding-service
+ - aaf-cm
+
+# probe configuration
+ initialDelaySeconds: 5
+ periodSeconds: 15
+ path: /healthcheck
+ scheme: HTTP
+ port: 8080
+
+# service configuration
+service:
+ type: NodePort
+ name: dcae-ves-collector
+ ports:
+ - name: http
+ port: 8443
+ plain_port: 8080
+ port_protocol: http
+ nodePort: 17
+ useNodePortExt: true
+
+# initial application configuration
+applicationConfig:
+ collector.dmaap.streamid: fault=ves-fault|syslog=ves-syslog|heartbeat=ves-heartbeat|measurement=ves-measurement|measurementsForVfScaling=ves-measurement|mobileFlow=ves-mobileflow|other=ves-other|stateChange=ves-statechange|thresholdCrossingAlert=ves-thresholdCrossingAlert|voiceQuality=ves-voicequality|sipSignaling=ves-sipsignaling|notification=ves-notification|pnfRegistration=ves-pnfRegistration|3GPP-FaultSupervision=ves-3gpp-fault-supervision|3GPP-Heartbeat=ves-3gpp-heartbeat|3GPP-Provisioning=ves-3gpp-provisioning|3GPP-PerformanceAssurance=ves-3gpp-performance-assurance
+ collector.inputQueue.maxPending: "8096"
+ collector.keystore.file.location: /opt/app/dcae-certificate/cert.jks
+ collector.keystore.passwordfile: /opt/app/dcae-certificate/jks.pass
+ collector.truststore.file.location: /opt/app/dcae-certificate/trust.jks
+ collector.truststore.passwordfile: /opt/app/dcae-certificate/trust.pass
+ collector.schema.checkflag: "1"
+ collector.schema.file: "{\"v1\":\"./etc/CommonEventFormat_27.2.json\",\"v2\":\"./etc/CommonEventFormat_27.2.json\",\"v3\":\"./etc/CommonEventFormat_27.2.json\",\"v4\":\"./etc/CommonEventFormat_27.2.json\",\"v5\":\"./etc/CommonEventFormat_28.4.1.json\",\"v7\":\"./etc/CommonEventFormat_30.2_ONAP.json\"}"
+ collector.externalSchema.checkflag: 1
+ collector.externalSchema.schemasLocation: "./etc/externalRepo/"
+ collector.externalSchema.mappingFileLocation: "./etc/externalRepo/schema-map.json"
+ event.externalSchema.schemaRefPath: $.event.stndDefinedFields.schemaReference
+ event.externalSchema.stndDefinedDataPath: $.event.stndDefinedFields.data
+ collector.service.port: "8080"
+ collector.service.secure.port: "8443"
+ event.transform.flag: "0"
+ auth.method: "certBasicAuth"
+ header.authlist: "sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6|demouser,$2a$10$1cc.COcqV/d3iT2N7BjPG.S6ZKv2jpb9a5MV.o7lMih/GpjJRX.Ce"
+ services_calls: []
+ streams_publishes:
+ ves-fault:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_FAULT_OUTPUT"
+ type: message_router
+ ves-measurement:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT"
+ type: message_router
+ ves-notification:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT"
+ type: message_router
+ ves-pnfRegistration:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.VES_PNFREG_OUTPUT"
+ type: message_router
+ ves-heartbeat:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT"
+ type: message_router
+ ves-other:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_OTHER_OUTPUT"
+ type: message_router
+ ves-3gpp-fault-supervision:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT"
+ type: message_router
+ ves-3gpp-provisioning:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT"
+ type: message_router
+ ves-3gpp-heartbeat:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT"
+ type: message_router
+ ves-3gpp-performance-assurance:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT"
+ type: message_router
+ collector.dynamic.config.update.frequency: "5"
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
--- /dev/null
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: dcae-ms-healthcheck
+ version: ~7.x-0
+ repository: 'file://components/dcae-ms-healthcheck'
+ condition: dcae-ms-healthcheck.enabled
+ - name: dcae-prh
+ version: ~7.x-0
+ repository: 'file://components/dcae-prh'
+ condition: dcae-bootstrap.enabled
+ - name: dcae-tcagen2
+ version: ~7.x-0
+ repository: 'file://components/dcae-tcagen2'
+ condition: dcae-tcagen2.enabled
+ - name: dcae-ves-collector
+ version: ~7.x-0
+ repository: 'file://components/dcae-ves-collector'
+ condition: dcae-ves-collector.enabled
+ - name: dcae-hv-ves-collector
+ version: ~7.x-0
+ repository: 'file://components/dcae-hv-ves-collector'
+ condition: dcae-hv-ves-collector.enabled
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+[
+{{- $ctx := . }}
+{{- $components := tuple "dcae-hv-ves-collector" "dcae-prh" "dcae-tcagen2" "dcae-ves-collector" }}
+{{- range $i, $v := $components }}
+{{- if index $ctx.Values . "enabled" }}
+{{- if $i }},{{ end }}
+{{ $v | quote | indent 2 }}
+{{- end -}}
+{{- end }}
+]
--- /dev/null
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2020 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.release" . }}-dcae-expected-microservices
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }}
\ No newline at end of file
--- /dev/null
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Control deployment of DCAE microservices at ONAP installation time
+dcae-ms-healthcheck:
+ enabled: true
+dcae-hv-ves-collector:
+ enabled: true
+dcae-prh:
+ enabled: true
+dcae-tcagen2:
+ enabled: true
+dcae-ves-collector:
+ enabled: true
disableNfsProvisioner: true
# application image
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.0.2
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.0.3
default_k8s_location: central
# DCAE component images to be deployed via Cloudify Manager
holmes_rules: onap/holmes/rule-management:1.2.9
holmes_engine: onap/holmes/engine-management:1.2.9
tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.1
- ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.9
- snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
- prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.5
+ ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.8.0
+ snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:2.0.4
+ prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.6
hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.6.0
- datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.5.0
+ datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.5.4
# Resource Limit flavor -By Default using small
flavor: small
# Application configuration defaults.
#################################################################
# application image
-image: onap/org.onap.dcaegen2.platform.policy-handler:5.1.0
+image: onap/org.onap.dcaegen2.platform.policy-handler:5.1.1
pullPolicy: Always
# probe configuration parameters
initialDelaySeconds: 10
periodSeconds: 10
# application image
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.0.0
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.1.0
# Resource Limit flavor -By Default using small
flavor: small
value: {{ .Values.config.importDMaaP }}
- name: ONAP_USEDMAAPPLUGIN
value: {{ .Values.config.useDmaapPlugin | quote }}
+ - name: BP_RESOURCES_CPU_LIMIT
+ value: {{ .Values.config.bpResourcesCpuLimit }}
+ - name: BP_RESOURCES_MEMORY_LIMIT
+ value: {{ .Values.config.bpResourcesMemoryLimit }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
#dashboardPassword: doesntmatter
mrTopicURL: http://message-router:3904/events
importCloudify: https://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml
- importK8S: plugin:k8splugin?version=>=3.4.3,<4.0.0
+ importK8S: plugin:k8splugin?version=>=3.5.1,<4.0.0
importPostgres: plugin:pgaas?version=1.3.0
importClamp: plugin:clamppolicyplugin?version=1.1.0
importDMaaP: plugin:dmaap?version=1.5.0
useDmaapPlugin: false
+ bpResourcesCpuLimit: 250m
+ bpResourcesMemoryLimit: 128Mi
secrets:
- uid: "dashsecret"
# Should have a proper readiness endpoint or script
# application image
-image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.2.2
+image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.2.3
# Resource Limit flavor -By Default using small
flavor: small
version: ~7.x-0
repository: '@local'
condition: dcaegen2.enabled
+ - name: dcaegen2-services
+ version: ~7.x-0
+ repository: '@local'
+ condition: dcaegen2-services.enabled
- name: dcaemod
version: ~7.x-0
repository: '@local'
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
dmaap:
enabled: true
esr:
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
dmaap:
enabled: false
esr:
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
dmaap:
enabled: false
esr:
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
dmaap:
enabled: true
esr:
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
dmaap:
enabled: true
esr:
enabled: true
dcaegen2:
enabled: true
+dcaegen2-services:
+ enabled: true
dmaap:
enabled: true
esr:
enabled: true
dcaegen2:
enabled: true
+dcaegen2-services:
+ enabled: true
dcaemod:
enabled: true
dmaap:
enabled: true
dcaegen2:
enabled: true
+dcaegen2-services:
+ enabled: true
dmaap:
enabled: true
log:
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
esr:
enabled: false
log:
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
dcaemod:
enabled: false
dmaap:
cmso.minizinc.command.timelimit=60000
cmso.minizinc.command.mzn=scripts/minizinc/generic_attributes.mzn
-mechid.user=oof@oof.onap.org
-mechid.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw==
+mechid.user=${AAF_USER}
+mechid.pass=${AAF_PASSWORD}
aaf.urls=https://aaf-locate:8095
aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties
value: {{ .Values.global.truststorePassword }}
- name: AUTHENTICATION
value: {{ .Values.global.authentication }}
+ - name: AAF_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-aaf-creds" "key" "login") | indent 10}}
+ - name: AAF_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-aaf-creds" "key" "password") | indent 10}}
command:
- /bin/sh
args:
enabled: true
# application image
-image: onap/optf-cmso-optimizer:2.3.1
+image: onap/optf-cmso-optimizer:2.3.2
pullPolicy: Always
#init container image
dbinit:
- image: onap/optf-cmso-dbinit:2.3.1
+ image: onap/optf-cmso-dbinit:2.3.2
# flag to enable debugging - application support required
debugEnabled: false
login: '{{ .Values.config.db.user }}'
password: '{{ .Values.config.db.password }}'
passwordPolicy: required
+ - uid: cmso-aaf-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.aaf.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.aaf.user }}'
+ password: '{{ .Values.config.aaf.password }}'
+ passwordPolicy: required
#################################################################
# Application configuration defaults.
config:
+ aaf:
+ user: user
+ password: pass
+# userCredentialsExternalSecret: some-secret
db:
port: 3306
# rootPassword: pass
## loopback settings
so.url=http://127.0.0.1:5000/onap/so/infra/orchestrationRequests/v7
-so.user=oof@oof.onap.org
-so.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw==
+so.user=${AAF_USER}
+so.pass=${AAF_USER}
-mechid.user=oof@oof.onap.org
-mechid.pass=enc:vfxQdJ1mgdcI7S6SPrzNaw==
+mechid.user=${AAF_USER}
+mechid.pass=${AAF_PASSWORD}
cmso.dispatch.url=http://localhost:8089
value: {{ .Values.global.truststorePassword }}
- name: AUTHENTICATION
value: {{ .Values.global.authentication }}
+ - name: AAF_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-aaf-creds" "key" "login") | indent 10}}
+ - name: AAF_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-aaf-creds" "key" "password") | indent 10}}
command:
- /bin/sh
args:
enabled: true
# application image
-image: onap/optf-cmso-service:2.3.1
-robotimage: onap/optf-cmso-robot:2.3.1
+image: onap/optf-cmso-service:2.3.2
+robotimage: onap/optf-cmso-robot:2.3.2
pullPolicy: Always
#init container image
dbinit:
- image: onap/optf-cmso-dbinit:2.3.1
+ image: onap/optf-cmso-dbinit:2.3.2
# flag to enable debugging - application support required
debugEnabled: false
login: '{{ .Values.config.db.user }}'
password: '{{ .Values.config.db.password }}'
passwordPolicy: required
+ - uid: cmso-aaf-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.aaf.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.aaf.user }}'
+ password: '{{ .Values.config.aaf.password }}'
+ passwordPolicy: required
#################################################################
# Application configuration defaults.
config:
+ aaf:
+ user: user
+ password: pass
+# userCredentialsExternalSecret: some-secret
db:
port: 3306
# rootPassword: pass
optimizer_host: oof-cmso-optimizer
optimizer_port: 7997
+
ingress:
enabled: false
enabled: true
# application image
-image: onap/optf-cmso-ticketmgt:2.3.1
+image: onap/optf-cmso-ticketmgt:2.3.2
pullPolicy: Always
enabled: true
# application image
-image: onap/optf-cmso-topology:2.3.1
+image: onap/optf-cmso-topology:2.3.2
pullPolicy: Always
login: '{{ .Values.config.db.optimizer.userName }}'
password: '{{ .Values.config.db.optimizer.userPassword }}'
passwordPolicy: generate
+ - uid: cmso-aaf-creds
+ name: &aafCreds '{{ include "common.release" . }}-cmso-aaf-creds'
+ type: basicAuth
+ login: '{{ .Values.config.aaf.user }}'
+ password: '{{ .Values.config.aaf.password }}'
mariadb-galera:
replicaCount: 1
flavor: small
config:
+ aaf:
+ user: oof@oof.onap.org
+ password: demo123456!
log:
logstashServiceName: log-ls
logstashPort: 5044
host: *dbName
container: *dbName
mysqlDatabase: cmso
+ aaf:
+ userCredentialsExternalSecret: *aafCreds
oof-cmso-optimizer:
enabled: true
host: *dbName
container: *dbName
mysqlDatabase: optimizer
+ aaf:
+ userCredentialsExternalSecret: *aafCreds
oof-cmso-topology:
enabled: true
global: # global defaults
nodePortPrefix: 302
image:
- optf_has: onap/optf-has:2.1.3
+ optf_has: onap/optf-has:2.1.5
#################################################################
# secrets metaconfig
global:
image:
- optf_has: onap/optf-has:2.1.3
+ optf_has: onap/optf-has:2.1.5
#################################################################
# Secrets metaconfig
global:
image:
- optf_has: onap/optf-has:2.1.3
+ optf_has: onap/optf-has:2.1.5
#################################################################
# secrets metaconfig
global:
image:
- optf_has: onap/optf-has:2.1.3
+ optf_has: onap/optf-has:2.1.5
#################################################################
# secrets metaconfig
global:
image:
- optf_has: onap/optf-has:2.1.3
+ optf_has: onap/optf-has:2.1.5
#################################################################
# secrets metaconfig
global:
commonConfigPrefix: onap-oof-has
image:
- optf_has: onap/optf-has:2.1.3
+ optf_has: onap/optf-has:2.1.5
persistence:
enabled: true
# Application configuration defaults.
#################################################################
# application image
-image: onap/optf-osdf:3.0.3
+image: onap/optf-osdf:3.0.4
pullPolicy: Always
# flag to enable debugging - application support required
GLOBAL_INJECTED_CLOUD_ENV = 'openstack'
GLOBAL_INJECTED_DCAE_COLLECTOR_IP = "{{ .Values.dcaeCollectorIp }}"
GLOBAL_INJECTED_DCAE_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dcae-healthcheck") }}'
+GLOBAL_INJECTED_DCAE_MS_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dcae-ms-healthcheck") }}'
GLOBAL_INJECTED_DCAE_VES_HOST = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dcae-ves-collector") }}'
GLOBAL_INJECTED_DMAAP_DR_PROV_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dmaap-dr-prov") }}'
GLOBAL_INJECTED_DMAAP_DR_NODE_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dmaap-dr-node") }}'
GLOBAL_DCAE_USERNAME = '{{ .Values.dcaeUsername }}'
GLOBAL_DCAE_PASSWORD = '{{ .Values.dcaePassword}}'
GLOBAL_DCAE_AUTHENTICATION = [GLOBAL_DCAE_USERNAME, GLOBAL_DCAE_PASSWORD]
+# dcae microservice info - everything is from the private oam network (also called onap private network)
+GLOBAL_DCAE_MS_SERVER_PROTOCOL = "http"
+GLOBAL_DCAE_MS_HEALTH_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-healthcheck" "port" 8080) }}'
+GLOBAL_DCAE_MS_USERNAME = '{{ .Values.dcaeMsUsername }}'
+GLOBAL_DCAE_MS_PASSWORD = '{{ .Values.dcaeMsPassword}}'
+GLOBAL_DCAE_AUTHENTICATION = [GLOBAL_DCAE_USERNAME, GLOBAL_DCAE_PASSWORD]
# dcae hv-ves info
GLOBAL_DCAE_HVVES_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dcae-hv-ves-collector") }}'
GLOBAL_DCAE_HVVES_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-hv-ves-collector" "port" 6061) }}'
# DCAE
dcaeUsername: "dcae@dcae.onap.org"
dcaePassword: "demo123456!"
+dcaeMsUsername: "dcae@dcae.onap.org"
+dcaeMsPassword: "demo123456!"
# DROOLS
droolsUsername: "demo@people.osaaf.org"
droolsPassword: "demo123456!"
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-backend-all-plugins:1.7.3
-backendInitImage: onap/sdc-backend-init:1.7.3
+image: onap/sdc-backend-all-plugins:1.8.4
+backendInitImage: onap/sdc-backend-init:1.8.4
pullPolicy: Always
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.7.3
-cassandraInitImage: onap/sdc-cassandra-init:1.7.3
-
+image: onap/sdc-cassandra:1.8.4
+cassandraInitImage: onap/sdc-cassandra-init:1.8.4
pullPolicy: Always
config:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-frontend:1.7.3
-
+image: onap/sdc-frontend:1.8.4
pullPolicy: Always
config:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-onboard-backend:1.7.3
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.7.3
+image: onap/sdc-onboard-backend:1.8.4
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.8.4
pullPolicy: Always
# flag to enable debugging - application support required
# Create tablespace and user account
mysql -h ${MYSQL_HOST} -u root -p${MYSQL_PASSWORD} mysql <<-END
CREATE DATABASE IF NOT EXISTS ${SDNC_DB_DATABASE};
-CREATE USER '${SDNC_DB_USER}'@'localhost' IDENTIFIED BY '${SDNC_DB_PASSWORD}';
-CREATE USER '${SDNC_DB_USER}'@'%' IDENTIFIED BY '${SDNC_DB_PASSWORD}';
+CREATE USER IF NOT EXISTS '${SDNC_DB_USER}'@'localhost' IDENTIFIED BY '${SDNC_DB_PASSWORD}';
+CREATE USER IF NOT EXISTS '${SDNC_DB_USER}'@'%' IDENTIFIED BY '${SDNC_DB_PASSWORD}';
GRANT ALL PRIVILEGES ON ${SDNC_DB_DATABASE}.* TO '${SDNC_DB_USER}'@'localhost' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON ${SDNC_DB_DATABASE}.* TO '${SDNC_DB_USER}'@'%' WITH GRANT OPTION;
flush privileges;
enabled: true
# application image
-image: onap/vid:7.0.0
+image: onap/vid:8.0.2
pullPolicy: Always
# application configuration
Code Review / oom.git / commitdiff