id: 'djtimoney'
company: 'ATT'
timezone: 'America/New_York'
+ - name: 'Andreas Geissler'
+ email: 'andreas-geissler@telekom.de'
+ id: 'andreasgeissler'
+ company: 'Deutsche Telekom'
+ timezone: 'Europe/Berlin'
tsc:
approval: 'https://lists.onap.org/pipermail/onap-tsc'
changes:
name: 'Dan Timoney'
# yamllint disable-line rule:line-length
link: 'https://wiki.onap.org/display/DW/Committer+Promotion+Request+for+%5BOOM%5D+-+Dan+Timoney'
+ - type: 'Addition'
+ name: 'Andreas Geissler'
+ # yamllint disable-line rule:line-length
+ link: 'https://wiki.onap.org/display/DW/Committer+Promotion+Request+for+%5BOOM%5D+%3A+Andreas+Geissler'
+++ /dev/null
-NAME CHART VERSION APP VERSION DESCRIPTION
-local/onap 10.0.0 Jakarta Open Network Automation Platform (ONAP)
-local/aaf 10.0.0 ONAP Application Authorization Framework
-local/aai 10.0.0 ONAP Active and Available Inventory
-local/appc 10.0.0 Application Controller
-local/cassandra 10.0.0 ONAP cassandra
-local/cds 10.0.0 ONAP Controller Design Studio (CDS)
-local/clamp 10.0.0 ONAP Clamp
-local/cli 10.0.0 ONAP Command Line Interface
-local/common 10.0.0 Common templates for inclusion in other charts
-local/consul 10.0.0 ONAP Consul Agent
-local/contrib 10.0.0 ONAP optional tools
-local/cps 10.0.0 ONAP Configuration Persistene Service (CPS)
-local/dcaegen2 10.0.0 ONAP DCAE Gen2
-local/dgbuilder 10.0.0 D.G. Builder application
-local/dmaap 10.0.0 ONAP DMaaP components
-local/log 10.0.0 ONAP Logging ElasticStack
-local/mariadb-galera 10.0.0 Chart for MariaDB Galera cluster
-local/mongo 10.0.0 MongoDB Server
-local/msb 10.0.0 ONAP MicroServices Bus
-local/multicloud 10.0.0 ONAP multicloud broker
-local/music 10.0.0 MUSIC - Multi-site State Coordination Service
-local/mysql 10.0.0 MySQL Server
-local/nbi 10.0.0 ONAP Northbound Interface
-local/network-name-gen 10.0.0 Name Generation Micro Service
-local/nfs-provisioner 10.0.0 NFS provisioner
-local/oof 10.0.0 ONAP Optimization Framework
-local/policy 10.0.0 ONAP Policy Administration Point
-local/pomba 10.0.0 ONAP Post Orchestration Model Based Audit
-local/portal 10.0.0 ONAP Web Portal
-local/postgres 10.0.0 ONAP Postgres Server
-local/robot 10.0.0 A helm Chart for kubernetes-ONAP Robot
-local/sdc 10.0.0 Service Design and Creation Umbrella Helm charts
-local/sdnc 10.0.0 SDN Controller
-local/sdnc-prom 10.0.0 ONAP SDNC Policy Driven Ownership Management
-local/sniro-emulator 10.0.0 ONAP Mock Sniro Emulator
-local/so 10.0.0 ONAP Service Orchestrator
-local/strimzi 10.0.0 ONAP Strimzi Apache Kafka
-local/uui 10.0.0 ONAP uui
-local/vfc 10.0.0 ONAP Virtual Function Controller (VF-C)
-local/vid 10.0.0 ONAP Virtual Infrastructure Deployment
-local/vnfsdk 10.0.0 ONAP VNF SDK
--- /dev/null
+NAME CHART VERSION APP VERSION DESCRIPTION
+local/onap 11.0.0 Kohn Open Network Automation Platform (ONAP)
+local/aaf 11.0.0 ONAP Application Authorization Framework
+local/aai 11.0.0 ONAP Active and Available Inventory
+local/appc 11.0.0 Application Controller
+local/cassandra 11.0.0 ONAP cassandra
+local/cds 11.0.0 ONAP Controller Design Studio (CDS)
+local/clamp 11.0.0 ONAP Clamp
+local/cli 11.0.0 ONAP Command Line Interface
+local/common 11.0.0 Common templates for inclusion in other charts
+local/consul 11.0.0 ONAP Consul Agent
+local/contrib 11.0.0 ONAP optional tools
+local/cps 11.0.0 ONAP Configuration Persistene Service (CPS)
+local/dcaegen2 11.0.0 ONAP DCAE Gen2
+local/dgbuilder 11.0.0 D.G. Builder application
+local/dmaap 11.0.0 ONAP DMaaP components
+local/log 11.0.0 ONAP Logging ElasticStack
+local/mariadb-galera 11.0.0 Chart for MariaDB Galera cluster
+local/mongo 11.0.0 MongoDB Server
+local/msb 11.0.0 ONAP MicroServices Bus
+local/multicloud 11.0.0 ONAP multicloud broker
+local/music 11.0.0 MUSIC - Multi-site State Coordination Service
+local/mysql 11.0.0 MySQL Server
+local/nbi 11.0.0 ONAP Northbound Interface
+local/network-name-gen 11.0.0 Name Generation Micro Service
+local/nfs-provisioner 11.0.0 NFS provisioner
+local/oof 11.0.0 ONAP Optimization Framework
+local/policy 11.0.0 ONAP Policy Administration Point
+local/pomba 11.0.0 ONAP Post Orchestration Model Based Audit
+local/portal 11.0.0 ONAP Web Portal
+local/postgres 11.0.0 ONAP Postgres Server
+local/robot 11.0.0 A helm Chart for kubernetes-ONAP Robot
+local/sdc 11.0.0 Service Design and Creation Umbrella Helm charts
+local/sdnc 11.0.0 SDN Controller
+local/sdnc-prom 11.0.0 ONAP SDNC Policy Driven Ownership Management
+local/sniro-emulator 11.0.0 ONAP Mock Sniro Emulator
+local/so 11.0.0 ONAP Service Orchestrator
+local/strimzi 11.0.0 ONAP Strimzi Apache Kafka
+local/uui 11.0.0 ONAP uui
+local/vfc 11.0.0 ONAP Virtual Function Controller (VF-C)
+local/vid 11.0.0 ONAP Virtual Infrastructure Deployment
+local/vnfsdk 11.0.0 ONAP VNF SDK
oom_setup_paas.rst
oom_developer_guide.rst
oom_cloud_setup_guide.rst
- release-notes.rst
+ release_notes/release-notes.rst
oom_setup_kubernetes_rancher.rst
oom_setup_ingress_controller.rst
.. _Cloud Native Deployment Wiki: https://wiki.onap.org/display/DW/Cloud+Native+Deployment
.. _ONAP Development - 110 pod limit Wiki: https://wiki.onap.org/display/DW/ONAP+Development#ONAPDevelopment-Changemax-podsfromdefault110podlimit
-.. figure:: oomLogoV2-medium.png
+.. figure:: images/oom_logo/oomLogoV2-medium.png
:align: right
.. _cloud-setup-guide-label:
guilin 1.15.11 2.16.10 1.15.11 18.09.x
honolulu 1.19.9 3.5.2 1.19.9 19.03.x 1.2.0
Istanbul 1.19.11 3.6.3 1.19.11 19.03.x 1.5.4
+ Jakarta 1.22.4 3.6.3 1.22.4 20.10.x 1.5.4
============== =========== ======= ======== ======== ============
Minimum Hardware Configuration
OOM Developer Guide
###################
-.. figure:: oomLogoV2-medium.png
+.. figure:: images/oom_logo/oomLogoV2-medium.png
:align: right
ONAP consists of a large number of components, each of which are substantial
.. database PV
.. @enduml
-.. figure:: kubernetes_objects.png
+.. figure:: images/k8s/kubernetes_objects.png
OOM uses these Kubernetes objects as described in the following sections.
------------------------
A preliminary view of the OOM-MSB integration is as follows:
-.. figure:: MSB-OOM-Diagram.png
+.. figure:: images/msb/MSB-OOM-Diagram.png
A message sequence chart of the registration process:
Here's the list of these certificates:
.. csv-table::
- :file: hardcoded_certificates.csv
+ :file: certs/hardcoded_certificates.csv
ensures that ONAP is easily deployable and maintainable throughout its life
cycle while using hardware resources efficiently.
-.. figure:: oomLogoV2-medium.png
+.. figure:: images/oom_logo/oomLogoV2-medium.png
:align: right
In summary OOM provides the following capabilities:
OOM Quick Start Guide
#####################
-.. figure:: oomLogoV2-medium.png
+.. figure:: images/oom_logo/oomLogoV2-medium.png
:align: right
Once a Kubernetes environment is available (follow the instructions in
* 8.0.0 for Honolulu
* 9.0.0 for Istanbul
* 10.0.0 for Jakarta
+* 11.0.0 for Kohn
**Step 2.** Install Helm Plugins required to deploy ONAP::
Example Keystone v2.0
-.. literalinclude:: example-integration-override.yaml
+.. literalinclude:: yaml/example-integration-override.yaml
:language: yaml
Example Keystone v3 (required for Rocky and later releases)
-.. literalinclude:: example-integration-override-v3.yaml
+.. literalinclude:: yaml/example-integration-override-v3.yaml
:language: yaml
> helm repo update
> helm search repo onap
-.. literalinclude:: helm-search.txt
+.. literalinclude:: helm/helm-search.txt
.. note::
The setup of the Helm repository is a one time activity. If you make changes
.. _Onboarding and Distributing a Vendor Software Product: https://wiki.onap.org/pages/viewpage.action?pageId=1018474
.. _README.md: https://gerrit.onap.org/r/gitweb?p=oom.git;a=blob;f=kubernetes/README.md
-.. figure:: oomLogoV2-medium.png
+.. figure:: images/oom_logo/oomLogoV2-medium.png
:align: right
.. _oom_setup_ingress_controller:
.. _Onboarding and Distributing a Vendor Software Product: https://wiki.onap.org/pages/viewpage.action?pageId=1018474
.. _README.md: https://gerrit.onap.org/r/gitweb?p=oom.git;a=blob;f=kubernetes/README.md
-.. figure:: oomLogoV2-medium.png
+.. figure:: images/oom_logo/oomLogoV2-medium.png
:align: right
.. _onap-on-kubernetes-with-rancher:
Apply customization script for Control Plane VMs
------------------------------------------------
-Click :download:`openstack-k8s-controlnode.sh <openstack-k8s-controlnode.sh>`
+Click :download:`openstack-k8s-controlnode.sh <shell/openstack-k8s-controlnode.sh>`
to download the script.
-.. literalinclude:: openstack-k8s-controlnode.sh
+.. literalinclude:: shell/openstack-k8s-controlnode.sh
:language: bash
This customization script will:
Apply customization script for Kubernetes VM(s)
-----------------------------------------------
-Click :download:`openstack-k8s-workernode.sh <openstack-k8s-workernode.sh>` to
+Click :download:`openstack-k8s-workernode.sh <shell/openstack-k8s-workernode.sh>` to
download the script.
-.. literalinclude:: openstack-k8s-workernode.sh
+.. literalinclude:: shell/openstack-k8s-workernode.sh
:language: bash
This customization script will:
describes a Kubernetes cluster that will be mapped onto the OpenStack VMs
created earlier in this guide.
-Click :download:`cluster.yml <cluster.yml>` to download the
+Click :download:`cluster.yml <yaml/cluster.yml>` to download the
configuration file.
-.. literalinclude:: cluster.yml
+.. literalinclude:: yaml/cluster.yml
:language: yaml
Prepare cluster.yml
Apply customization script for NFS Server VM
--------------------------------------------
-Click :download:`openstack-nfs-server.sh <openstack-nfs-server.sh>` to download
+Click :download:`openstack-nfs-server.sh <shell/openstack-nfs-server.sh>` to download
the script.
-.. literalinclude:: openstack-nfs-server.sh
+.. literalinclude:: shell/openstack-nfs-server.sh
:language: bash
This customization script will:
To properly set up an NFS share on Master and Slave nodes, the user can run the
scripts below.
-Click :download:`master_nfs_node.sh <master_nfs_node.sh>` to download the
+Click :download:`master_nfs_node.sh <shell/master_nfs_node.sh>` to download the
script.
-.. literalinclude:: master_nfs_node.sh
+.. literalinclude:: shell/master_nfs_node.sh
:language: bash
-Click :download:`slave_nfs_node.sh <slave_nfs_node.sh>` to download the script.
+Click :download:`slave_nfs_node.sh <shell/slave_nfs_node.sh>` to download the script.
-.. literalinclude:: slave_nfs_node.sh
+.. literalinclude:: shell/slave_nfs_node.sh
:language: bash
The master_nfs_node.sh script runs in the NFS Master node and needs the list of
complete description of these commands please refer to the `Helm
Documentation`_.
-.. figure:: oomLogoV2-medium.png
+.. figure:: images/oom_logo/oomLogoV2-medium.png
:align: right
The following sections describe the life-cycle operations:
impact
- Delete_ - cleanup individual containers or entire deployments
-.. figure:: oomLogoV2-Deploy.png
+.. figure:: images/oom_logo/oomLogoV2-Deploy.png
:align: right
Deploy
To prepare your system for an installation of ONAP, you'll need to::
- > git clone -b jakarta --recurse-submodules -j2 http://gerrit.onap.org/r/oom
+ > git clone -b kohn --recurse-submodules -j2 http://gerrit.onap.org/r/oom
> cd oom/kubernetes
> helm search repo local
NAME VERSION DESCRIPTION
- local/appc 10.0.0 Application Controller
- local/clamp 10.0.0 ONAP Clamp
- local/common 10.0.0 Common templates for inclusion in other charts
- local/onap 10.0.0 Open Network Automation Platform (ONAP)
- local/robot 10.0.0 A helm Chart for kubernetes-ONAP Robot
- local/so 10.0.0 ONAP Service Orchestrator
+ local/appc 11.0.0 Application Controller
+ local/clamp 11.0.0 ONAP Clamp
+ local/common 11.0.0 Common templates for inclusion in other charts
+ local/onap 11.0.0 Open Network Automation Platform (ONAP)
+ local/robot 11.0.0 A helm Chart for kubernetes-ONAP Robot
+ local/so 11.0.0 ONAP Service Orchestrator
In any case, setup of the Helm repository is a one time activity.
To install a specific version of a single ONAP component (`so` in this example)
with the given release name enter::
- > helm deploy so onap/so --version 10.0.0 --set global.masterPassword=password --set global.flavor=unlimited --namespace onap
+ > helm deploy so onap/so --version 11.0.0 --set global.masterPassword=password --set global.flavor=unlimited --namespace onap
.. note::
The dependent components should be installed for component being installed
where the pod identifier refers to the auto-generated pod identifier.
-.. figure:: oomLogoV2-Configure.png
+.. figure:: images/oom_logo/oomLogoV2-Configure.png
:align: right
Configure
> helm deploy local/onap -n onap -f onap/resources/environments/onap-production.yaml --set global.masterPassword=password
-.. include:: environments_onap_demo.yaml
+.. include:: yaml/environments_onap_demo.yaml
:code: yaml
When deploying all of ONAP, the dependencies section of the Chart.yaml file
dependencies:
<...>
- name: so
- version: ~10.0.0
+ version: ~11.0.0
repository: '@local'
condition: so.enabled
<...>
portal-app LoadBalancer 10.43.142.201 10.0.0.4 8989:30215/TCP,8006:30213/TCP,8010:30214/TCP 1d app=portal-app,release=dev
-In this example, use the 10.0.0.4 private address as a key find the
+In this example, use the 11.0.0.4 private address as a key find the
corresponding public address which in this example is 10.12.6.155. If you're
using OpenStack you'll do the lookup with the horizon GUI or the OpenStack CLI
for your tenant (openstack server list). That IP is then used in your
you can grab this public IP directly (as compared to trying to find the
floating IP first) and map this IP in /etc/hosts.
-.. figure:: oomLogoV2-Monitor.png
+.. figure:: images/oom_logo/oomLogoV2-Monitor.png
:align: right
Monitor
view the current health status of all of the ONAP components for which agents
have been created - a sample from the ONAP Integration labs follows:
-.. figure:: consulHealth.png
+.. figure:: images/consul/consulHealth.png
:align: center
To see the real-time health of a deployment go to: ``http://<kubernetes IP>:30270/ui/``
If Consul GUI is not accessible, you can refer this
`kubectl port-forward <https://kubernetes.io/docs/tasks/access-application-cluster/port-forward-access-application-cluster/>`_ method to access an application
-.. figure:: oomLogoV2-Heal.png
+.. figure:: images/oom_logo/oomLogoV2-Heal.png
:align: right
Heal
> kubectl get pods --all-namespaces -o=wide
-.. figure:: oomLogoV2-Scale.png
+.. figure:: images/oom_logo/oomLogoV2-Scale.png
:align: right
Scale
> helm list
NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE
- dev 1 Wed Oct 14 13:49:52 2020 DEPLOYED onap-10.0.0 Jakarta onap
- dev-cassandra 5 Thu Oct 15 14:45:34 2020 DEPLOYED cassandra-10.0.0 onap
- dev-contrib 1 Wed Oct 14 13:52:53 2020 DEPLOYED contrib-10.0.0 onap
- dev-mariadb-galera 1 Wed Oct 14 13:55:56 2020 DEPLOYED mariadb-galera-10.0.0 onap
+ dev 1 Wed Oct 14 13:49:52 2020 DEPLOYED onap-11.0.0 Kohn onap
+ dev-cassandra 5 Thu Oct 15 14:45:34 2020 DEPLOYED cassandra-11.0.0 onap
+ dev-contrib 1 Wed Oct 14 13:52:53 2020 DEPLOYED contrib-11.0.0 onap
+ dev-mariadb-galera 1 Wed Oct 14 13:55:56 2020 DEPLOYED mariadb-galera-11.0.0 onap
Here the Name column shows the RELEASE NAME, In our case we want to try the
scale operation on cassandra, thus the RELEASE NAME would be dev-cassandra.
> helm search cassandra
NAME CHART VERSION APP VERSION DESCRIPTION
- local/cassandra 10.0.0 ONAP cassandra
- local/portal-cassandra 10.0.0 Portal cassandra
- local/aaf-cass 10.0.0 ONAP AAF cassandra
- local/sdc-cs 10.0.0 ONAP Service Design and Creation Cassandra
+ local/cassandra 11.0.0 ONAP cassandra
+ local/portal-cassandra 11.0.0 Portal cassandra
+ local/aaf-cass 11.0.0 ONAP AAF cassandra
+ local/sdc-cs 11.0.0 ONAP Service Design and Creation Cassandra
Here the Name column shows the chart name. As we want to try the scale
operation for cassandra, thus the corresponding chart name is local/cassandra
of how these capabilities can be used is described in the Running Consul on
Kubernetes tutorial.
-.. figure:: oomLogoV2-Upgrade.png
+.. figure:: images/oom_logo/oomLogoV2-Upgrade.png
:align: right
Upgrade
> helm list
NAME REVISION UPDATED STATUS CHART NAMESPACE
- so 1 Mon Feb 5 10:05:22 2020 DEPLOYED so-10.0.0 onap
+ so 1 Mon Feb 5 10:05:22 2020 DEPLOYED so-11.0.0 onap
When upgrading a cluster a parameter controls the minimum size of the cluster
during the upgrade while another parameter controls the maximum number of nodes
For example, to upgrade a container by changing configuration, specifically an
environment value::
- > helm upgrade so onap/so --version 8.0.1 --set enableDebug=true
+ > helm upgrade so onap/so --version 11.0.1 --set enableDebug=true
Issuing this command will result in the appropriate container being stopped by
Kubernetes and replaced with a new container with the new environment value.
To upgrade a component to a new version with a new configuration file enter::
- > helm upgrade so onap/so --version 8.0.1 -f environments/demo.yaml
+ > helm upgrade so onap/so --version 11.0.1 -f environments/demo.yaml
To fetch release history enter::
> helm history so
REVISION UPDATED STATUS CHART DESCRIPTION
- 1 Mon Feb 5 10:05:22 2020 SUPERSEDED so-9.0.0 Install complete
- 2 Mon Feb 5 10:10:55 2020 DEPLOYED so-10.0.0 Upgrade complete
+ 1 Mon Jul 5 10:05:22 2022 SUPERSEDED so-11.0.0 Install complete
+ 2 Mon Jul 5 10:10:55 2022 DEPLOYED so-11.0.1 Upgrade complete
Unfortunately, not all upgrades are successful. In recognition of this the
lineup of pods within an ONAP deployment is tagged such that an administrator
> helm history so
REVISION UPDATED STATUS CHART DESCRIPTION
- 1 Mon Feb 5 10:05:22 2020 SUPERSEDED so-9.0.0 Install complete
- 2 Mon Feb 5 10:10:55 2020 SUPERSEDED so-10.0.0 Upgrade complete
- 3 Mon Feb 5 10:14:32 2020 DEPLOYED so-9.0.0 Rollback to 1
+ 1 Mon Jul 5 10:05:22 2022 SUPERSEDED so-11.0.0 Install complete
+ 2 Mon Jul 5 10:10:55 2022 SUPERSEDED so-11.0.1 Upgrade complete
+ 3 Mon Jul 5 10:14:32 2022 DEPLOYED so-11.0.0 Rollback to 1
.. note::
The previous so pod will be terminated and a new so pod with an updated so
container will be created.
-.. figure:: oomLogoV2-Delete.png
+.. figure:: images/oom_logo/oomLogoV2-Delete.png
:align: right
Delete
OOM provides `Helm charts <https://git.onap.org/oom/>`_ that needs to be
"compiled" into Helm package. see step 6 in
-:doc:`quickstart guide <oom_quickstart_guide>`.
+:doc:`quickstart guide <../oom_quickstart_guide>`.
Documentation Deliverables
~~~~~~~~~~~~~~~~~~~~~~~~~~
-- :doc:`Project Description <oom_project_description>`
-- :doc:`Cloud Setup Guide <oom_cloud_setup_guide>`
-- :doc:`Quick Start Guide <oom_quickstart_guide>`
-- :doc:`Setup Ingress Controller <oom_setup_ingress_controller>`
-- :doc:`Developer Guide <oom_developer_guide>`
-- :doc:`Hardcoded Certificates <oom_hardcoded_certificates>`
+- :doc:`Project Description <../oom_project_description>`
+- :doc:`Cloud Setup Guide <../oom_cloud_setup_guide>`
+- :doc:`Quick Start Guide <../oom_quickstart_guide>`
+- :doc:`Setup Ingress Controller <../oom_setup_ingress_controller>`
+- :doc:`Developer Guide <../oom_developer_guide>`
+- :doc:`Hardcoded Certificates <../oom_hardcoded_certificates>`
Known Limitations, Issues and Workarounds
=========================================
- Hard coded password used for all OOM deployments
[`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
-- :doc:`Hard coded certificates <oom_hardcoded_certificates>` in Helm packages
+- :doc:`Hard coded certificates <../oom_hardcoded_certificates>` in Helm packages
Workarounds
-----------
OOM provides `Helm charts <https://git.onap.org/oom/>`_ that needs to be
"compiled" into Helm package. see step 6 in
-:doc:`quickstart guide <oom_quickstart_guide>`.
+:doc:`quickstart guide <../oom_quickstart_guide>`.
Documentation Deliverables
~~~~~~~~~~~~~~~~~~~~~~~~~~
-- :doc:`Project Description <oom_project_description>`
-- :doc:`Cloud Setup Guide <oom_cloud_setup_guide>`
-- :doc:`Quick Start Guide <oom_quickstart_guide>`
-- :doc:`Setup Ingress Controller <oom_setup_ingress_controller>`
-- :doc:`Developer Guide <oom_developer_guide>`
-- :doc:`Hardcoded Certificates <oom_hardcoded_certificates>`
+- :doc:`Project Description <../oom_project_description>`
+- :doc:`Cloud Setup Guide <../oom_cloud_setup_guide>`
+- :doc:`Quick Start Guide <../oom_quickstart_guide>`
+- :doc:`Setup Ingress Controller <../oom_setup_ingress_controller>`
+- :doc:`Developer Guide <../oom_developer_guide>`
+- :doc:`Hardcoded Certificates <../oom_hardcoded_certificates>`
Known Limitations, Issues and Workarounds
=========================================
- Hard coded password used for all OOM deployments
[`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
-- :doc:`Hard coded certificates <oom_hardcoded_certificates>` in Helm packages
+- :doc:`Hard coded certificates <../oom_hardcoded_certificates>` in Helm packages
Workarounds
-----------
OOM provides `Helm charts <https://git.onap.org/oom/>`_ that needs to be
"compiled" into Helm package. see step 6 in
-:doc:`quickstart guide <oom_quickstart_guide>`.
+:doc:`quickstart guide <../oom_quickstart_guide>`.
Documentation Deliverables
~~~~~~~~~~~~~~~~~~~~~~~~~~
-- :doc:`Project Description <oom_project_description>`
-- :doc:`Cloud Setup Guide <oom_cloud_setup_guide>`
-- :doc:`Quick Start Guide <oom_quickstart_guide>`
-- :doc:`Setup Ingress Controller <oom_setup_ingress_controller>`
-- :doc:`Developer Guide <oom_developer_guide>`
-- :doc:`Hardcoded Certificates <oom_hardcoded_certificates>`
+- :doc:`Project Description <../oom_project_description>`
+- :doc:`Cloud Setup Guide <../oom_cloud_setup_guide>`
+- :doc:`Quick Start Guide <../oom_quickstart_guide>`
+- :doc:`Setup Ingress Controller <../oom_setup_ingress_controller>`
+- :doc:`Developer Guide <../oom_developer_guide>`
+- :doc:`Hardcoded Certificates <../oom_hardcoded_certificates>`
Known Limitations, Issues and Workarounds
=========================================
- Hard coded password used for all OOM deployments
[`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
-- :doc:`Hard coded certificates <oom_hardcoded_certificates>` in Helm packages
+- :doc:`Hard coded certificates <../oom_hardcoded_certificates>` in Helm packages
Workarounds
-----------
International License.
.. http://creativecommons.org/licenses/by/4.0
.. (c) ONAP Project and its contributors
-.. _release_notes:
+.. _release_notes_istanbul:
+
+:orphan:
*************************************
ONAP Operations Manager Release Notes
OOM provides `Helm charts <https://git.onap.org/oom/>`_ that needs to be
"compiled" into Helm package. see step 6 in
-:doc:`quickstart guide <oom_quickstart_guide>`.
+:doc:`quickstart guide <../oom_quickstart_guide>`.
Documentation Deliverables
~~~~~~~~~~~~~~~~~~~~~~~~~~
-- :doc:`Project Description <oom_project_description>`
-- :doc:`Cloud Setup Guide <oom_cloud_setup_guide>`
-- :doc:`Quick Start Guide <oom_quickstart_guide>`
-- :doc:`Setup Ingress Controller <oom_setup_ingress_controller>`
-- :doc:`Developer Guide <oom_developer_guide>`
-- :doc:`Hardcoded Certificates <oom_hardcoded_certificates>`
+- :doc:`Project Description <../oom_project_description>`
+- :doc:`Cloud Setup Guide <../oom_cloud_setup_guide>`
+- :doc:`Quick Start Guide <../oom_quickstart_guide>`
+- :doc:`Setup Ingress Controller <../oom_setup_ingress_controller>`
+- :doc:`Developer Guide <../oom_developer_guide>`
+- :doc:`Hardcoded Certificates <../oom_hardcoded_certificates>`
Known Limitations, Issues and Workarounds
=========================================
--- /dev/null
+.. This work is licensed under a Creative Commons Attribution 4.0
+ International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. (c) ONAP Project and its contributors
+.. _release_notes:
+
+*************************************
+ONAP Operations Manager Release Notes
+*************************************
+
+Previous Release Notes
+======================
+
+- :ref:`Istanbul <release_notes_istanbul>`
+- :ref:`Honolulu <release_notes_honolulu>`
+- :ref:`Guilin <release_notes_guilin>`
+- :ref:`Frankfurt <release_notes_frankfurt>`
+- :ref:`El Alto <release_notes_elalto>`
+- :ref:`Dublin <release_notes_dublin>`
+- :ref:`Casablanca <release_notes_casablanca>`
+- :ref:`Beijing <release_notes_beijing>`
+- :ref:`Amsterdam <release_notes_amsterdam>`
+
+Abstract
+========
+
+This document provides the release notes for the Jakarta release.
+
+Summary
+=======
+
+
+
+Release Data
+============
+
++--------------------------------------+--------------------------------------+
+| **Project** | OOM |
+| | |
++--------------------------------------+--------------------------------------+
+| **Docker images** | N/A |
+| | |
++--------------------------------------+--------------------------------------+
+| **Release designation** | Jakarta |
+| | |
++--------------------------------------+--------------------------------------+
+| **Release date** | |
+| | |
++--------------------------------------+--------------------------------------+
+
+New features
+------------
+
+
+**Bug fixes**
+
+A list of issues resolved in this release can be found here:
+https://jira.onap.org/projects/OOM/versions/11498
+
+
+**Known Issues**
+
+
+Deliverables
+------------
+
+Software Deliverables
+~~~~~~~~~~~~~~~~~~~~~
+
+OOM provides `Helm charts <https://git.onap.org/oom/>`_ that needs to be
+"compiled" into Helm package. see step 6 in
+:doc:`quickstart guide <../oom_quickstart_guide>`.
+
+Documentation Deliverables
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- :doc:`Project Description <../oom_project_description>`
+- :doc:`Cloud Setup Guide <../oom_cloud_setup_guide>`
+- :doc:`Quick Start Guide <../oom_quickstart_guide>`
+- :doc:`Setup Ingress Controller <../oom_setup_ingress_controller>`
+- :doc:`Developer Guide <../oom_developer_guide>`
+- :doc:`Hardcoded Certificates <../oom_hardcoded_certificates>`
+
+Known Limitations, Issues and Workarounds
+=========================================
+
+Known Vulnerabilities
+---------------------
+
+
+Workarounds
+-----------
+
+- `OOM-2754 <https://jira.onap.org/browse/OOM-2754>`_
+ Because of *updateEndpoint* property added to *cmpv2issuer* CRD
+ it is impossible to upgrade platform component from Istanbul to Jakarta
+ release without manual steps. Actions that should be performed:
+
+ #. Update the CRD definition::
+
+ > kubectl -n onap apply -f oom/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml
+ #. Upgrade the component::
+
+ > helm -n onap upgrade dev-platform oom/kubernetes/platform
+ #. Make sure that *cmpv2issuer* contains correct value for
+ *spec.updateEndpoint*. The value should be: *v1/certificate-update*.
+ If it's not, edit the resource::
+
+ > kubectl -n onap edit cmpv2issuer cmpv2-issuer-onap
+
+
+Security Notes
+--------------
+
+**Fixed Security Issues**
+
+References
+==========
+
+For more information on the ONAP Istanbul release, please see:
+
+#. `ONAP Home Page`_
+#. `ONAP Documentation`_
+#. `ONAP Release Downloads`_
+#. `ONAP Wiki Page`_
+
+
+.. _`ONAP Home Page`: https://www.onap.org
+.. _`ONAP Wiki Page`: https://wiki.onap.org
+.. _`ONAP Documentation`: https://docs.onap.org
+.. _`ONAP Release Downloads`: https://git.onap.org
+++ /dev/null
-AAF
-AAI
-ACL
-adaptor
-Adaptor
-adaptors
-Adaptors
-Alcatel
-Ansible
-API
-APIs
-APPC
-ASCII
-Avro
-BPMN
-Camunda
-Cask
-Cassandra
-CCSDK
-CD
-CDAP
-Ceilometer
-CentOS
-CI
-CLI
-Cloudify
-Codec
-committer
-committers
-CommonMark
-Contrail
-CPU
-CRM
-CSCF
-CSIT
-cyber
-DBaaS
-DCAE
-DevOps
-DHCP
-Django
-DMaaP
-DNS
-DNSaaS
-DPDK
-Ebook
-elasticsearch
-Elasticsearch
-Enablement
-enum
-Enum
-env
-Env
-ENV
-ethernet
-Facebook
-failover
-fallback
-Fcaps
-Financials
-geocoder
-Gerrit
-Git
-Github
-graphSON
-guestOS
-gui
-Hadoop
-hardcoded
-hashtag
-healthcheck
-healthCheck
-Healthcheck
-HealthCheck
-healthchecks
-heatbridge
-heatclient
-HeatStack
-hostname
-hostName
-Hostname
-hostnames
-hostOS
-htm
-html
-http
-Http
-httpclient
-httpcomponents
-httpdomain
-httpHeader
-httpPort
-httpreturncode
-https
-httpStatusCode
-Huawei
-hyperlink
-Hyperlink
-hypervisor
-Hypervisor
-hypervisors
-Hypervisors
-IaaS
-indices
-Indices
-inline
-internet
-interoperable
-interoperate
-Interoperate
-interoperation
-interwork
-Interworking
-IoT
-ip
-Ip
-IP
-ipAddress
-iPAddress
-IPAddress
-ipam
-Ipam
-ipVersion
-Jacoco
-java
-javalib
-javascript
-Javascript
-jboss
-JBoss
-Jenkins
-Jira
-jpath
-json
-Json
-jsonObject
-jsonObjectInstance
-jsonObjects
-jsonschema
-jtosca
-junit
-Junit
-JUnit
-Junits
-JUnits
-Karaf
-keypair
-Keypair
-keypairs
-keyserver
-keyservers
-keyspace
-Keyspace
-keyspaceName
-keyspaces
-keystore
-keytool
-keyValue
-Kibana
-Kibibytes
-kubectl
-Kubernetes
-LF
-lifecycle
-Lifecycle
-lifecycles
-locator
-logback
-Logback
-logfiles
-Logfiles
-logoffs
-Logoffs
-logon
-Logstash
-macAddress
-MacAddress
-macOS
-Malware
-MariaDB
-metadata
-Metadata
-microservice
-Microservice
-microservices
-Microservices
-middleware
-msb
-MSB
-multicast
-multicloud
-Multicloud
-MultiCloud
-multipart
-Mysql
-NaaS
-nameserver
-nameservers
-namespace
-Namespace
-namespaced
-namespaces
-Namespaces
-Netconf
-nfv
-NFV
-nfvi
-nfvo
-nfvparser
-Nokia
-NSD
-OAM
-Ocata
-ODL
-Onap
-ONAP
-onboard
-Onboard
-onboarded
-Onboarded
-onboarding
-Onboarding
-online
-OOF
-oom
-OOM
-OpenDaylight
-OpenFlow
-openo
-OpenO
-Opensource
-Openstack
-OpenStack
-OSS
-ovs
-ovsdb
-Pandoc
-partitionKey
-Partitionkey
-passphrase
-PCRF
-pdf
-PGaaS
-Phishing
-PKI
-placemark
-Placemark
-placemarks
-plantUML
-playbook
-Playbook
-playbooks
-Playbooks
-plugin
-Plugin
-plugins
-Plugins
-PNF
-PoC
-Postgre
-Postgres
-Postgresql
-preload
-Preload
-proactively
-programmatically
-proxyhost
-pserver
-pServer
-pservers
-QoS
-quickstart
-Quickstart
-Rackspace
-readme
-readthedocs
-Readthedocs
-Redhat
-Redis
-refactored
-Refactored
-registrator
-Registrator
-releng
-repo
-Repo
-repos
-Restconf
-reStructuredText
-reusability
-Reusability
-RMM
-roadmap
-roadmaps
-RPT
-rst
-RST
-RVMI
-schemas
-screensaver
-sdc
-Sdc
-SDC
-sdk
-SDK
-SDN
-sdnc
-Sdnc
-SDNC
-Selenium
-servlet
-Servlet
-Skynet
-SLI
-SMP
-SNMP
-SPI
-SQL
-stateful
-subclassed
-subclassing
-subdomain
-subflows
-suboperation
-suboperations
-Suboperations
-subtending
-syslog
-sysLog
-Syslog
-syslogs
-Syslogs
-tablename
-taxonomical
-TBD
-Telco
-telecom
-Telecom
-templated
-templating
-timeframe
-timeslots
-timestamp
-Timestamp
-transcoding
-UDP
-UI
-uncheck
-undeploy
-Undeploy
-undeployed
-undeploying
-Undeployment
-uninstall
-uninstallation
-uninstalled
-unitless
-Unregistration
-updatable
-uploadable
-url
-Url
-urls
-usecase
-Usecase
-userid
-username
-Username
-usernames
-validator
-Validator
-vcpu
-vcpus
-vdns
-versioned
-Versioned
-versioning
-Versioning
-vertices
-Vertices
-vf
-vF
-vfc
-vFC
-VFC
-vfcadaptor
-vfirewall
-vFirewall
-vfmodule
-vfModule
-VfModule
-vfModules
-vfstatus
-vfStatus
-virtualization
-Virtualization
-virtualize
-virtualized
-Virtualized
-virtualizes
-virtualizing
-vlan
-Vld
-vm
-Vm
-VM
-vms
-VMs
-VMware
-vnf
-vNF
-Vnf
-VNF
-vnfapi
-vnfc
-VNFFG
-vnfm
-Vnfm
-VNFM
-VNFMs
-vnfs
-vNFs
-vnfsdk
-VPN
-vrouter
-vserver
-vServer
-Vserver
-vservers
-Vservers
-vswitch
-VVP
-Vyatta
-webapp
-webapps
-Webpage
-webserver
-WebServer
-Websocket
-Websockets
-whitebox
-whiteboxes
-whitepaper
-wiki
-Wiki
-Wikis
-Wildfly
-Windriver
-Wireline
-workflow
-Workflow
-workflows
-www
-xml
-Xmx
-Yaml
-yamls
-zabbix
-Zachman
-Zookeeper
-ZTE
chartstorage/
+**/charts/*.tgz
+helm/plugins/deploy/cache/
appVersion: "1.0.0"
description: A Helm chart for A1 Policy Management Service
name: a1policymanagement
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
echo "*** change ownership of certificates to targeted user"
chown -R 1000 .
-image: onap/ccsdk-oran-a1policymanagementservice:1.3.0
+image: onap/ccsdk-oran-a1policymanagementservice:1.3.2
userID: 1000 #Should match with image-defined user ID
groupID: 999 #Should match with image-defined group ID
pullPolicy: IfNotPresent
apiVersion: v2
description: ONAP Application Authorization Framework
name: aaf
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: aaf-cass
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-cass'
condition: aaf-authz.enabled
- name: aaf-cm
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-cm'
condition: aaf-authz.enabled
- name: aaf-fs
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-fs'
condition: aaf-authz.enabled
- name: aaf-gui
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-gui'
condition: aaf-authz.enabled
- name: aaf-hello
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-hello'
condition: aaf-hello.enabled
- name: aaf-locate
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-locate'
condition: aaf-authz.enabled
- name: aaf-oauth
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-oauth'
condition: aaf-authz.enabled
- name: aaf-service
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-service'
condition: aaf-authz.enabled
- name: aaf-sms
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-sms'
condition: aaf-sms.enabled
- name: aaf-sshsm
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-sshsm'
condition: aaf-sshsm.enabled
EXCLUDES :=
HELM_BIN := helm
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+PROCESSED_FIRST := aaf-templates
+TO_FILTER := $(PROCESSED_FIRST) $(EXCLUDES)
+
+HELM_CHARTS := $(PROCESSED_FIRST) $(filter-out $(TO_FILTER), $(sort $(patsubst %/.,%,$(wildcard */.))))
.PHONY: $(EXCLUDES) $(HELM_CHARTS)
apiVersion: v2
description: ONAP AAF cassandra
name: aaf-cass
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP AAF Certificate Manager
name: aaf-cm
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: aaf-templates
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../aaf-templates'
apiVersion: v2
description: ONAP AAF File Server
name: aaf-fs
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: aaf-templates
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../aaf-templates'
apiVersion: v2
description: ONAP AAF GUI
name: aaf-gui
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: aaf-templates
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../aaf-templates'
apiVersion: v2
description: ONAP AAF Hello
name: aaf-hello
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: aaf-templates
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../aaf-templates'
apiVersion: v2
description: ONAP AAF Locate
name: aaf-locate
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: aaf-templates
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../aaf-templates'
apiVersion: v2
description: ONAP AAF OAuth
name: aaf-oauth
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: aaf-templates
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../aaf-templates'
apiVersion: v2
description: ONAP AAF Service
name: aaf-service
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: aaf-templates
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../aaf-templates'
\ No newline at end of file
apiVersion: v2
description: ONAP Secret Management Service
name: aaf-sms
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: aaf-sms-quorumclient
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-sms-quorumclient'
- name: aaf-sms-vault
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-sms-vault'
apiVersion: v2
description: ONAP Secret Management Service Quorum Client
name: aaf-sms-quorumclient
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
description: Chart to launch Vault as SMS backend
name: aaf-sms-vault
appVersion: 0.9.5
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
cpu: 25m
memory: 100Mi
unlimited: {}
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}-preload'
+
apiVersion: v2
description: ONAP Hardware Security Components
name: aaf-sshsm
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: aaf-sshsm-abrmd
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-sshsm-abrmd'
condition: aaf-sshsm-abrmd.enabled
- name: aaf-sshsm-distcenter
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-sshsm-distcenter'
condition: aaf-sshsm-distcenter.enabled
- name: aaf-sshsm-testca
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aaf-sshsm-testca'
condition: aaf-sshsm-testca.testca.enabled
apiVersion: v2
description: ONAP Trusted Platform Module Resource Manager
name: aaf-sshsm-abrmd
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Trusted Platform Module Distribution Center
name: aaf-sshsm-distcenter
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Trusted Platform Module Test CA Service
name: aaf-sshsm-testca
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Application Authorization Framework Templates
name: aaf-templates
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
replicas: {{ .Values.replicaCount }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ {{- if (include "common.onServiceMesh" .) }}
+ annotations:
+ sidecar.istio.io/inject: "false"
+ {{- end }}
spec: {{ include "aaf.initContainers" . | nindent 6 }}
containers:
- name: {{ include "common.name" . }}
apiVersion: v2
description: ONAP Active and Available Inventory
name: aai
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: cassandra
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
condition: global.cassandra.localCluster
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: aai-babel
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aai-babel'
condition: aai-babel.enabled
- name: aai-graphadmin
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aai-graphadmin'
condition: aai-graphadmin.enabled
- name: aai-modelloader
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aai-modelloader'
condition: aai-modelloader.enabled
- name: aai-resources
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aai-resources'
condition: aai-resources.enabled
- name: aai-schema-service
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aai-schema-service'
condition: aai-schema-service.enabled
- name: aai-sparky-be
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aai-sparky-be'
condition: aai-sparky-be.enabled
- name: aai-traversal
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/aai-traversal'
condition: aai-traversal.enabled
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: Babel microservice
name: aai-babel
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP AAI GraphAdmin
name: aai-graphadmin
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
args:
- -c
- |
- bash docker-entrypoint.sh dataSnapshot.sh
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
+ bash docker-entrypoint.sh dataSnapshot.sh;
{{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }}
env:
- name: LOCAL_USER_ID
args:
- -c
- |
- bash docker-entrypoint.sh createDBSchema.sh
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
+ bash docker-entrypoint.sh createDBSchema.sh;
{{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }}
env:
- name: LOCAL_USER_ID
args:
- -c
- |
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
bash docker-entrypoint.sh run_Migrations.sh -e UpdateAaiUriIndexMigration --commit --skipPreMigrationSnapShot --runDisabled RebuildAllEdges ;
{{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }}
env:
args:
- -c
- |
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
bash docker-entrypoint.sh dataSnapshot.sh
{{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }}
env:
apiVersion: v2
description: ONAP AAI modelloader
name: aai-modelloader
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
{{ else }}
ml.distribution.ASDC_ADDRESS=sdc-be.{{.Release.Namespace}}:8080
ml.distribution.ASDC_USE_HTTPS=false
+ml.distribution.KEYSTORE_PASSWORD=
+ml.distribution.KEYSTORE_FILE=
+ml.distribution.PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp
{{ end }}
ml.distribution.CONSUMER_GROUP=aai-ml-group
ml.distribution.CONSUMER_ID=aai-ml
apiVersion: v2
description: ONAP AAI resources
name: aai-resources
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP AAI Schema Service
name: aai-schema-service
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP AAI sparky-be
name: aai-sparky-be
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
app: {{ include "common.name" . }}
template:
metadata:
+ annotations:
+ sidecar.istio.io/rewriteAppHTTPProbers: "false"
labels:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
apiVersion: v2
description: ONAP AAI traversal
name: aai-traversal
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
type: {{ .Values.service.type }}
selector:
app: {{ include "common.name" . }}
- clusterIP: {{ .Values.service.aaiServiceClusterIp }}
externalPort: 8443
internalPort: 8443
nodePort: 33
- # POLICY hotfix - Note this must be temporary
- # See https://jira.onap.org/browse/POLICY-510
- aaiServiceClusterIp:
externalPlainPort: 80
internalPlainPort: 8080
nodeport: 33
apiVersion: v2
description: Application Controller
name: appc
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dgbuilder
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: appc-ansible-server
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/appc-ansible-server'
condition: appc-ansible-server.enabled
- name: appc-cdt
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/appc-cdt'
condition: appc-cdt.enabled
apiVersion: v2
description: ONAP APPC Ansible Server
name: appc-ansible-server
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP APPC Self Service Controller Design Tool
name: appc-cdt
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Controller Design Studio (CDS)
name: cds
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: cds-blueprints-processor
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/cds-blueprints-processor'
condition: cds-blueprints-processor.enabled
- name: cds-command-executor
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/cds-command-executor'
condition: cds-command-executor.enabled
- name: cds-py-executor
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/cds-py-executor'
condition: cds-py-executor.enabled
- name: cds-sdc-listener
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/cds-sdc-listener'
condition: cds-sdc-listener.enabled
- name: cds-ui
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/cds-ui'
condition: cds-ui.enabled
apiVersion: v2
description: ONAP CDS Blueprints Processor
name: cds-blueprints-processor
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
{{/*
#
-# Copyright (c) 2017-2019 AT&T, IBM, Bell Canada, Nordix Foundation.
+# Copyright (c) 2017-2022 AT&T, IBM, Bell Canada, Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
### START -Controller Blueprints Properties
# Load Resource Source Mappings
*/}}
-resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability
+resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability,cps-data=source-rest
# Blueprint Processor File Execution and Handling Properties
blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy
# AAI Data REST Client settings
blueprintsprocessor.restclient.aai-data.type=basic-auth
-blueprintsprocessor.restclient.aai-data.url=https://aai:8443
+{{ if ( include "common.needTLS" .) }}
+blueprintsprocessor.restclient.aai-data.url=https://{{ .Values.global.aaiData.ServiceName }}:8443
+{{- else -}}
+blueprintsprocessor.restclient.aai-data.url=http://{{ .Values.global.aaiData.ServiceName }}:{{ .Values.global.aaiData.ExternalPlainPort }}
+{{- end }}
blueprintsprocessor.restclient.aai-data.username=aai@aai.onap.org
blueprintsprocessor.restclient.aai-data.password=demo123456!
blueprintsprocessor.restclient.aai-data.additionalHeaders.X-TransactionId=cds-transaction-id
blueprintsprocessor.restclient.aai-data.additionalHeaders.X-FromAppId=cds-app-id
blueprintsprocessor.restclient.aai-data.additionalHeaders.Accept=application/json
+# CPS Data
+blueprintsprocessor.restclient.cps-data.type=basic-auth
+blueprintsprocessor.restclient.cps-data.url=http://cps-core:8080
+blueprintsprocessor.restclient.cps-data.username=${CPS_USER}
+blueprintsprocessor.restclient.cps-data.password=${CPS_PASS_PLAIN}
+blueprintsprocessor.restclient.cps-data.additionalHeaders.Accept=application/json
+blueprintsprocessor.restclient.cps-data.additionalHeaders.Content-Type=application/json
+
# Self Service Request Kafka Message Consumer
-blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable=false
-blueprintsprocessor.messageconsumer.self-service-api.type=kafka-basic-auth
-blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers=message-router-kafka:9092
-blueprintsprocessor.messageconsumer.self-service-api.groupId=cds-consumer-group
-blueprintsprocessor.messageconsumer.self-service-api.topic=cds-consumer
-blueprintsprocessor.messageconsumer.self-service-api.clientId=cds-client
-blueprintsprocessor.messageconsumer.self-service-api.pollMillSec=1000
+blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable={{ .Values.kafkaRequestConsumer.enabled }}
+blueprintsprocessor.messageconsumer.self-service-api.type={{ .Values.kafkaRequestConsumer.type }}
+{{ if eq .Values.useStrimziKafka true }}
+blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
+{{- else -}}
+blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers={{ .Values.kafkaRequestConsumer.bootstrapServers }}
+{{- end }}
+blueprintsprocessor.messageconsumer.self-service-api.groupId={{ .Values.kafkaRequestConsumer.groupId }}
+blueprintsprocessor.messageconsumer.self-service-api.topic={{ .Values.kafkaRequestConsumer.topic }}
+blueprintsprocessor.messageconsumer.self-service-api.clientId={{ .Values.kafkaRequestConsumer.clientId }}
+blueprintsprocessor.messageconsumer.self-service-api.pollMillSec={{ .Values.kafkaRequestConsumer.pollMillSec }}
+{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }}
+# SCRAM
+blueprintsprocessor.messageconsumer.self-service-api.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }}
+blueprintsprocessor.messageconsumer.self-service-api.scramPassword=${JAAS_PASS}
+{{ end }}
# Self Service Response Kafka Message Producer
-blueprintsprocessor.messageproducer.self-service-api.bootstrapServers=message-router-kafka:9092
-
-# Kafka Audit Service Configurations
-blueprintsprocessor.messageproducer.self-service-api.audit.kafkaEnable=false
+blueprintsprocessor.messageproducer.self-service-api.type={{ .Values.kafkaRequestProducer.type }}
+{{ if eq .Values.useStrimziKafka true }}
+blueprintsprocessor.messageproducer.self-service-api.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
+{{- else -}}
+blueprintsprocessor.messageproducer.self-service-api.bootstrapServers={{ .Values.kafkaRequestProducer.bootstrapServers }}
+{{- end }}
+blueprintsprocessor.messageproducer.self-service-api.clientId={{ .Values.kafkaRequestProducer.clientId }}
+blueprintsprocessor.messageproducer.self-service-api.topic={{ .Values.kafkaRequestProducer.topic }}
+{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }}
+# SCRAM
+blueprintsprocessor.messageproducer.self-service-api.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }}
+blueprintsprocessor.messageproducer.self-service-api.scramPassword=${JAAS_PASS}
+{{ end }}
+
+# AUDIT KAFKA FEATURE CONFIGURATION
+# Audit feature dumps CDS request to a topic as well as a truncated response message to another topic.
+## Audit request
+blueprintsprocessor.messageproducer.self-service-api.audit.kafkaEnable={{ .Values.kafkaAuditRequest.enabled }}
+blueprintsprocessor.messageproducer.self-service-api.audit.request.type={{ .Values.kafkaAuditRequest.type }}
+{{ if eq .Values.useStrimziKafka true }}
+blueprintsprocessor.messageproducer.self-service-api.audit.request.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
+{{- else -}}
+blueprintsprocessor.messageproducer.self-service-api.audit.request.bootstrapServers={{ .Values.kafkaAuditRequest.bootstrapServers }}
+{{- end }}
+blueprintsprocessor.messageproducer.self-service-api.audit.request.clientId={{ .Values.kafkaAuditRequest.clientId }}
+blueprintsprocessor.messageproducer.self-service-api.audit.request.topic={{ .Values.kafkaAuditRequest.topic }}
+{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }}
+# SCRAM
+blueprintsprocessor.messageproducer.self-service-api.audit.request.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }}
+blueprintsprocessor.messageproducer.self-service-api.audit.request.scramPassword=${JAAS_PASS}
+{{ end }}
+
+## Audit response
+blueprintsprocessor.messageproducer.self-service-api.audit.response.type={{ .Values.kafkaAuditResponse.type }}
+{{ if eq .Values.useStrimziKafka true }}
+blueprintsprocessor.messageproducer.self-service-api.audit.response.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092
+{{- else -}}
+blueprintsprocessor.messageproducer.self-service-api.audit.response.bootstrapServers={{ .Values.kafkaAuditRequest.bootstrapServers }}
+{{- end }}
+blueprintsprocessor.messageproducer.self-service-api.audit.response.clientId={{ .Values.kafkaAuditResponse.clientId }}
+blueprintsprocessor.messageproducer.self-service-api.audit.response.topic={{ .Values.kafkaAuditResponse.topic }}
+{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }}
+# SCRAM
+blueprintsprocessor.messageproducer.self-service-api.audit.response.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }}
+blueprintsprocessor.messageproducer.self-service-api.audit.response.scramPassword=${JAAS_PASS}
+{{ end }}
# Executor Options
blueprintsprocessor.resourceResolution.enabled=true
## Enable py-executor
blueprintsprocessor.streamingRemoteExecution.enabled=true
-# Used in Health Check
-blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth
-blueprintsprocessor.messageproducer.self-service-api.clientId=cds-client
-blueprintsprocessor.messageproducer.self-service-api.topic=cds-producer
+## Used in Health Check
+#blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth
+#blueprintsprocessor.messageproducer.self-service-api.clientId=cds-client
+#blueprintsprocessor.messageproducer.self-service-api.topic=cds-producer
#Encrypted username and password for health check service
endpoints.user.password=eHbVUbJAj4AG2522cSbrOQ==
#BaseUrls for health check blueprint processor services
-blueprintprocessor.healthcheck.baseUrl=http://localhost:8080/
+blueprintprocessor.healthcheck.baseUrl=http://cds-blueprints-processor-http:8080/
blueprintprocessor.healthcheck.mapping-service-name-with-service-link=[Execution service,/api/v1/execution-service/health-check],[Resources service,/api/v1/resources/health-check],[Template service,/api/v1/template/health-check]
#BaseUrls for health check Cds Listener services
--- /dev/null
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{ if eq .Values.useStrimziKafka true }}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: {{ .Values.kafkaRequestConsumer.topic }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ partitions: 10
+ replicas: 2
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: {{ .Values.kafkaRequestProducer.topic }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ partitions: 10
+ replicas: 2
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: {{ .Values.kafkaAuditRequest.topic }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ partitions: 10
+ replicas: 2
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: {{ .Values.kafkaAuditResponse.topic }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ partitions: 10
+ replicas: 2
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+{{ end }}
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{ if eq .Values.useStrimziKafka true }}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaUser
+metadata:
+ name: {{ include "common.release" . }}-{{ .Values.cdsKafkaUser }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ authentication:
+ type: scram-sha-512
+ authorization:
+ type: simple
+ acls:
+ - resource:
+ type: group
+ name: {{ .Values.kafkaRequestConsumer.groupId }}
+ operation: All
+ - resource:
+ type: topic
+ name: {{ .Values.kafkaRequestConsumer.topic }}
+ operation: All
+ - resource:
+ type: topic
+ name: {{ .Values.kafkaRequestProducer.topic }}
+ operation: All
+ - resource:
+ type: topic
+ name: {{ .Values.kafkaAuditRequest.topic }}
+ operation: All
+ - resource:
+ type: topic
+ name: {{ .Values.kafkaAuditResponse.topic }}
+ operation: All
+{{ end }}
\ No newline at end of file
{{/*
# Copyright (c) 2019 IBM, Bell Canada
# Copyright (c) 2020 Samsung Electronics
+# Modification Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
args:
- --container-name
- cds-db
- {{- if .Values.dmaapEnabled }}
- - --container-name
- - message-router
- {{ end }}
env:
- name: NAMESPACE
valueFrom:
fieldPath: metadata.name
- name: CLUSTER_CONFIG_FILE
value: {{ .Values.config.appConfigDir }}/hazelcast.yaml
+ - name: CPS_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "login") | indent 12 }}
+ - name: CPS_PASS_PLAIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "password") | indent 12 }}
+ {{ if .Values.useStrimziKafka }}
+ - name: JAAS_PASS
+ value: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-kafka-secret" "key" "password") | indent 12 }}
+ {{ end }}
ports:
- containerPort: {{ .Values.service.http.internalPort }}
- containerPort: {{ .Values.service.grpc.internalPort }}
{{- if eq .Values.service.http.type "NodePort"}}
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.http.nodePort }}
{{- end}}
- name: {{ .Values.service.http.portName | default "http" }}
+ name: {{ .Values.service.http.portName | default "http" }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
selector:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
# Copyright (c) 2019 IBM, Bell Canada
# Copyright (c) 2020 Samsung Electronics
+# Modification Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
persistence:
mountPath: /dockerdata-nfs
- #This configuration specifies Service and port for SDNC OAM interface
+ # This configuration specifies Service and port for SDNC OAM interface
sdncOamService: sdnc-oam
sdncOamPort: 8282
+ # This concerns CDS/AAI communication through HTTP when TLS is not being needed
+ # Port value should match the one in aai/values.yml : service.externalPlainPort
+ aaiData:
+ ExternalPlainPort: 80 # when TLS is not needed
+ ServiceName: aai # domain
+ # http://aai:80 or https://aai:443
+
#AAF is enabled by default
#aafEnabled: true
externalSecret: '{{ tpl (default "" .Values.config.sdncDB.dbRootPassExternalSecret) . }}'
password: '{{ .Values.config.sdncDB.dbRootPass }}'
passwordPolicy: required
+ - uid: cds-kafka-secret
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: password
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
+ - uid: cps-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.cps.cpsUserExternalSecret) . }}'
+ login: '{{ .Values.config.cps.cpsUsername }}'
+ password: '{{ .Values.config.cps.cpsPassword }}'
+ passwordPolicy: required
#################################################################
# AAF part
dbService: mariadb-galera
dbPort: 3306
dbName: sdnctl
- #dbRootPass: Custom root password
+ # dbRootPass: Custom root password
dbRootPassExternalSecret: '{{ include "common.mariadb.secret.rootPassSecretName" ( dict "dot" . "chartName" .Values.config.sdncDB.dbService ) }}'
cdsDB:
dbServer: cds-db
# dbCredsExternalSecret: <some secret name>
# dbRootPassword: password
# dbRootPassExternalSecret
+ someConfig: blah
+ cps:
+ cpsUsername: ''
+ cpsPassword: ''
+ cpsUserExternalSecret: '{{ include "common.release" . }}-cps-core-app-user-creds'
# default number of instances
replicaCount: 1
affinity: {}
-# flag for kafka-listener dependency. Set to true if you are using message-router otherwise set to false if you are using
-# custom kafka cluster.
-dmaapEnabled: true
+# If useStrimziKafka is true, the following also applies:
+# strimzi will create an associated kafka user and the topics defined for Request and Audit elements below.
+# The connection type must be kafka-scram-plain-text-auth
+# The bootstrapServers will target the strimzi kafka cluster by default
+useStrimziKafka: false
+cdsKafkaUser: cds-kafka-user
+kafkaRequestConsumer:
+ enabled: false
+ type: kafka-scram-plain-text-auth
+ bootstrapServers: host:port
+ groupId: cds-consumer
+ topic: cds.blueprint-processor.self-service-api.request
+ clientId: request-receiver-client-id
+ pollMillSec: 1000
+kafkaRequestProducer:
+ type: kafka-scram-plain-text-auth
+ bootstrapServers: host:port
+ clientId: request-producer-client-id
+ topic: cds.blueprint-processor.self-service-api.response
+ enableIdempotence: false
+kafkaAuditRequest:
+ enabled: false
+ type: kafka-scram-plain-text-auth
+ bootstrapServers: host:port
+ clientId: audit-request-producer-client-id
+ topic: cds.blueprint-processor.self-service-api.audit.request
+ enableIdempotence: false
+kafkaAuditResponse:
+ type: kafka-scram-plain-text-auth
+ bootstrapServers: host:port
+ clientId: audit-response-producer-client-id
+ topic: cds.blueprint-processor.self-service-api.audit.response
+ enableIdempotence: false
# probe configuration parameters
startup:
periodSeconds: 10
liveness:
- initialDelaySeconds: 0
+ initialDelaySeconds: 1
periodSeconds: 20
- timeoutSeconds: 20
+ timeoutSeconds: 30
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
- enabled: true
+ enabled: false
readiness:
initialDelaySeconds: 120
service:
http:
type: ClusterIP
- portName: blueprints-processor-http
+ portName: http
internalPort: 8080
externalPort: 8080
grpc:
type: ClusterIP
- portName: blueprints-processor-grpc
+ portName: grpc
internalPort: 9111
externalPort: 9111
cluster:
type: ClusterIP
- portName: blueprints-processor-cluster
+ portName: tcp-cluster
internalPort: 5701
externalPort: 5701
- baseaddr: "blueprintsprocessorhttp"
name: "cds-blueprints-processor-http"
port: 8080
- config:
- ssl: "none"
+ config:
+ ssl: "none"
logback:
rootLogLevel: INFO
apiVersion: v2
description: ONAP CDS Command Executor
name: cds-command-executor
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
service:
type: ClusterIP
grpc:
- portName: command-executor-grpc
+ portName: grpc
internalPort: 50051
externalPort: 50051
metrics:
- portName: command-executor-metrics
+ portName: tcp-metrics
internalPort: 10005
externalPort: 10005
metrics:
serviceMonitor:
enabled: false
- port: command-executor-metrics
+ port: tcp-metrics
path: /actuator/prometheus
basicAuth:
enabled: false
apiVersion: v2
description: ONAP CDS Py Executor
name: cds-py-executor
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
type: ClusterIP
ports:
- port: 50052
- name: executor-grpc
+ name: grpc-executor
- port: 50053
- name: manager-grpc
+ name: grpc-manager
secrets:
- uid: api-credentials
apiVersion: v2
description: ONAP CDS SDC listener microservice
name: cds-sdc-listener
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
listenerservice:
config:
- asdcAddress: sdc-be.{{include "common.namespace" .}}:8443 #SDC-BE
+ asdcAddress: sdc-be.{{include "common.namespace" .}}:{{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }} #SDC-BE
messageBusAddress: message-router.{{include "common.namespace" .}} #Message-Router
user: cds #SDC-username
password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U #SDC-password
keyStorePath:
activateServerTLSAuth : false
isUseHttpsWithDmaap: false
- isUseHttpsWithSDC: true
+ isUseHttpsWithSDC: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
archivePath: /opt/app/onap/sdc-listener/
grpcAddress: cds-blueprints-processor-grpc
grpcPort: 9111
httpsProxyPort: 0
httpProxyPort: 0
-
-
cdslistener:
healthcheck:
baseUrl: http://localhost:9000/
mapping-service-name-with-service-link: "[SDC Listener service,/api/v1/sdclistener/healthcheck]"
-
management:
endpoint:
health:
value: {{ .Values.config.appConfigDir }}
ports:
- containerPort: {{ .Values.service.http.internalPort }}
+ name: {{ .Values.service.http.portName }}
{{ if .Values.liveness.enabled }}
livenessProbe:
httpGet:
path: /api/v1/sdclistener/healthcheck
- port: {{ .Values.service.http.internalPort }}
+ port: {{ .Values.service.http.portName }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{end}}
readinessProbe:
httpGet:
path: /api/v1/sdclistener/healthcheck
- port: {{ .Values.service.http.internalPort }}
+ port: {{ .Values.service.http.portName }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
{{- if eq .Values.service.type "NodePort"}}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
{{- end}}
- name: {{ .Values.service.http.portName | default "http" }}
+ name: {{ .Values.service.http.portName | default "http" }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
selector:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
service:
type: ClusterIP
http:
- portName: cds-sdc-listener-http
+ portName: http
internalPort: 8080
externalPort: 8080
apiVersion: v2
description: ONAP CDS UI
name: cds-ui
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- baseaddr: "cdsui"
name: "cds-ui"
port: 3000
- config:
- ssl: "redirect"
+ config:
+ ssl: "redirect"
# Resource Limit flavor -By Default using small
flavor: small
# Copyright © 2020 Samsung Electronics
# Copyright © 2019 Orange, Bell Canada
# Copyright © 2017 Amdocs, Bell Canada
+# Modification Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
nodePortPrefixExt: 304
persistence:
mountPath: /dockerdata-nfs
+ cdsKafkaUser: cds-kafka-user
#################################################################
# Secrets metaconfig
dbPort: 3306
dbName: *mysqlDbName
dbCredsExternalSecret: *dbUserSecretName
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.kafkaUser }}'
cds-command-executor:
enabled: true
apiVersion: v2
description: ONAP Command Line Interface
name: cli
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
type: NodePort
name: cli
externalPort: 443
- externalPort1: 9090
+ externalPort1: 9443
internalPort: "443"
- internalPort1: 9090
+ internalPort1: 9443
nodePort: "60"
nodePort1: "71"
port: 443
- baseaddr: "cli2.api"
name: cli
- port: 9090
+ port: 9443
config:
ssl: "redirect"
apiVersion: v2
description: ONAP cassandra
name: cassandra
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../serviceAccount'
- name: tcp-agent
port: 61621
-podAnnotations: {}
+podAnnotations:
+ # sidecar.istio.io/inject: "false"
+ traffic.sidecar.istio.io/excludeInboundPorts: "7000,7001"
+ traffic.sidecar.istio.io/includeInboundPorts: '*'
+ traffic.sidecar.istio.io/excludeOutboundPorts: "7000,7001"
podManagementPolicy: OrderedReady
updateStrategy:
type: RollingUpdate
apiVersion: v2
description: Wrapper chart to allow truststore to be shared among cert-initializer instances
name: cert-wrapper
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../certInitializer'
apiVersion: v2
description: Template used to obtain certificates in onap
name: certInitializer
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../readinessCheck'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
apiVersion: v2
name: certManagerCertificate
description: A Helm chart for Cert-Manager Certificate CRD template
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: cmpv2Config
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../cmpv2Config'
apiVersion: v2
description: Template used to store cmpv2 configuration in onap
name: cmpv2Config
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
apiVersion: v2
description: Common templates for inclusion in other charts
name: common
-version: 10.0.0
+version: 11.0.0
{{/*
################################################################################
# Copyright (C) 2021 Nordix Foundation. #
+# Copyright (c) 2022 J. F. Lucas. All rights reserved. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); #
# you may not use this file except in compliance with the License. #
{{/*
This template generates a Kubernetes init containers common template to enable applications to provision
- DMaaP topics (on Message Router) and feeds (on Data Router), with associated authorization (on AAF).
+ DMaaP feeds (on Data Router), with associated authorization.
DMaap Bus Controller endpoints are used to provision:
- - Authorized topic on MR, and to create and grant permission for publishers and subscribers.
+
- Feed on DR, with associated user authentication.
common.dmaap.provisioning.initContainer:
This template make use of Dmaap Bus Controller docker image to create resources on Dmaap Data Router
- microservice, with the help of dbc-client.sh script it makes use of Bus Controller API to create Feed, Topics.
+ microservice, with the help of dbc-client.sh script it makes use of Bus Controller API to create Feeds.
If the resource creation is successful via script response is logged back at particular location with
appropriate naming convention.
privilegedSubscriber: True
deliveryURL: https://dcae-pm-mapper:8443/delivery
- # MessageRouter Topic, Publisher Configuration
- mrTopicsConfig:
- - topicName: PERFORMANCE_MEASUREMENTS
- topicDescription: Description about Topic
- owner: dcaecm
- tnxEnabled: false
- clients:
- - dcaeLocationName: san-francisco
- clientRole: org.onap.dcae.pmPublisher
- action:
- - pub
- - view
-
- # ConfigMap Configuration for DR Feed, Dr_Publisher, Dr_Subscriber, MR Topics
+ # ConfigMap Configuration for DR Feed, Dr_Publisher, Dr_Subscriber
volumes:
- name: feeds-config
path: /opt/app/config/feeds
path: /opt/app/config/dr_pubs
- name: drsub-config
path: /opt/app/config/dr_subs
- - name: topics-config
- path: /opt/app/config/topics
In deployments/jobs/stateful include:
initContainers:
{{- define "common.dmaap.provisioning.initContainer" -}}
{{- $dot := default . .dot -}}
{{- $drFeedConfig := default $dot.Values.drFeedConfig .drFeedConfig -}}
-{{- $mrTopicsConfig := default $dot.Values.mrTopicsConfig .mrTopicsConfig -}}
-{{- if or $drFeedConfig $mrTopicsConfig -}}
+{{- if $drFeedConfig -}}
- name: {{ include "common.name" $dot }}-init-dmaap-provisioning
image: {{ include "repositoryGenerator.image.dbcClient" $dot }}
imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
+++ /dev/null
-{{/*
-# Copyright © 2021 Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{/*
- Generate comma separated list of kafka or zookeper nodes to reuse in message router charts.
- How to use:
-
- zookeeper servers list: {{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-zookeeper" "replicaCount") "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }}
- kafka servers list: {{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-kafka" "replicaCount") "componentName" .Values.kafka.name "port" .Values.kafka.port ) }}
-
-*/}}
-{{- define "common.kafkaNodes" -}}
-{{- $dot := .dot -}}
-{{- $replicaCount := .replicaCount -}}
-{{- $componentName := .componentName -}}
-{{- $port := .port -}}
-{{- $kafkaNodes := list -}}
-{{- range $i, $e := until (int $replicaCount) -}}
-{{- $kafkaNodes = print (include "common.release" $dot) "-" $componentName "-" $i "." $componentName "." (include "common.namespace" $dot) ".svc.cluster.local:" $port | append $kafkaNodes -}}
-{{- end -}}
-{{- $kafkaNodes | join "," -}}
-{{- end -}}
{{- else if $dot.Values.metrics.serviceMonitor.targetPort }}
targetPort: {{ $dot.Values.metrics.serviceMonitor.targetPort }}
{{- else }}
- port: metrics
+ port: tcp-metrics
{{- end }}
{{- if $dot.Values.metrics.serviceMonitor.isHttps }}
scheme: https
apiVersion: v2
description: D.G. Builder application
name: dgbuilder
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../serviceAccount'
# Application configuration defaults.
#################################################################
# application image
-image: onap/ccsdk-dgbuilder-image:1.3.1
+image: onap/ccsdk-dgbuilder-image:1.3.4
pullPolicy: Always
# flag to enable debugging - application support required
service:
type: NodePort
name: dgbuilder
- portName: dgbuilder
+ portName: http
externalPort: 3000
internalPort: 3100
nodePort: 28
apiVersion: v2
description: ONAP elasticsearch
name: elasticsearch
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: master
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/master'
- name: data
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/data'
condition: elasticsearch.data.enabled,data.enabled
- name: curator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/curator'
condition: elasticsearch.curator.enabled,curator.enabled
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../certInitializer'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
apiVersion: v2
description: ONAP elasticsearch curator
name: curator
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../../repositoryGenerator'
\ No newline at end of file
apiVersion: v2
description: ONAP elasticsearch data
name: data
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../../repositoryGenerator'
value: "yes"
- name: ELASTICSEARCH_NODE_TYPE
value: "data"
+ - name: network.bind_host
+ value: 127.0.0.1
+ - name: network.publish_host
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
ports: {{- include "common.containerPorts" . |indent 12 }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
service:
## list of ports for "common.containerPorts"
ports:
- - name: http-transport
+ - name: tcp-transport
port: 9300
image: bitnami/elasticsearch:7.9.3
apiVersion: v2
description: ONAP elasticsearch master
name: master
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../../repositoryGenerator'
value: {{ .Values.dedicatednode | quote }}
- name: ELASTICSEARCH_NODE_TYPE
value: "master"
+ - name: network.bind_host
+ value: 127.0.0.1
+ - name: network.publish_host
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
ports: {{- include "common.containerPorts" . |indent 12 }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
## list of ports for "common.containerPorts"
## Elasticsearch transport port
ports:
- - name: http-transport
+ - name: tcp-transport
port: 9300
## master-eligible service type
##
value: "coordinating"
- name: ELASTICSEARCH_PORT_NUMBER
value: "9000"
+ - name: network.bind_host
+ value: 127.0.0.1
+ - name: network.publish_host
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
{{/*ports: {{- include "common.containerPorts" . | indent 12 -}} */}}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
service:
name: nginx
ports:
- - name: elasticsearch
+ - name: http-es
port: 8080
## Custom server block to be added to NGINX configuration
## PHP-FPM example server block:
##
type: ClusterIP
headlessPorts:
- - name: http-transport
+ - name: tcp-transport
port: 9300
headless:
suffix: discovery
## Elasticsearch tREST API port
##
ports:
- - name: elasticsearch
+ - name: http-es
port: 9200
apiVersion: v2
description: Chart for etcd init job
name: etcd-init
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
\ No newline at end of file
- /bin/sh
- -ec
- |
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
# Create users
export ETCDCTL_ENDPOINTS=http://${ETCD_HOST}:${ETCD_PORT}
export ETCDCTL_API=3
name: localtime
readOnly: true
resources: {{ include "common.resources" . | nindent 12 }}
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
{{- if .Values.nodeSelector }}
nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
{{- end -}}
cpu: 20m
memory: 20Mi
unlimited: {}
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}'
apiVersion: v2
name: etcd
home: https://github.com/coreos/etcd
-version: 10.0.0
+version: 11.0.0
appVersion: 2.2.5
description: Distributed reliable key-value store for the most critical data of a
distributed system.
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
apiVersion: v2
description: Template used to create same STDOUT log configuration
name: logConfiguration
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
apiVersion: v2
description: Chart for MariaDB Galera cluster
name: mariadb-galera
-version: 10.0.0
+version: 11.0.0
keywords:
- mariadb
- mysql
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../readinessCheck'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../serviceAccount'
\ No newline at end of file
spec:
type: {{ .Values.metrics.service.type }}
ports:
- - name: metrics
+ - name: tcp-metrics
port: {{ .Values.metrics.service.port }}
- targetPort: metrics
+ targetPort: tcp-metrics
selector: {{- include "common.matchLabels" . | nindent 4 }}
{{- end }}
{{ include "common.service" . }}
---
{{ include "common.headlessService" . }}
+{{- if (include "common.onServiceMesh" .) }}
+{{- if eq (default "istio" .Values.global.serviceMesh.engine) "istio" }}
+---
+apiVersion: security.istio.io/v1beta1
+kind: PeerAuthentication
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: {{ include "common.servicename" . }}
+ portLevelMtls:
+ {{ .Values.service.internalPort }}:
+ mode: DISABLE
+{{- end}}
+{{- end}}
- |
DATA_SOURCE_NAME="$MARIADB_ROOT_USER:$MARIADB_ROOT_PASSWORD@(localhost:3306)/" /bin/mysqld_exporter $MARIADB_METRICS_EXTRA_FLAGS
ports:
- - name: metrics
+ - name: tcp-metrics
containerPort: 9104
livenessProbe:
httpGet:
path: /metrics
- port: metrics
+ port: tcp-metrics
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
readinessProbe:
httpGet:
path: /metrics
- port: metrics
+ port: tcp-metrics
initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
clusterDomain: cluster.local
metrics: {}
-image: bitnami/mariadb-galera:10.6.5-debian-10-r28
+image: bitnami/mariadb-galera:10.5.8
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
headless: {}
internalPort: &dbPort 3306
ports:
- - name: mysql
+ - name: tcp-mysql
port: *dbPort
headlessPorts:
- - name: galera
+ - name: tcp-galera
port: 4567
- - name: ist
+ - name: tcp-ist
port: 4568
- - name: sst
+ - name: tcp-sst
port: 4444
## Additional pod annotations for MariaDB Galera pods
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+## -> here required to enable mariadb-galera in istio
##
-podAnnotations: {}
+podAnnotations:
+ # sidecar.istio.io/inject: "false"
+ traffic.sidecar.istio.io/excludeInboundPorts: "4444,4567,4568"
+ traffic.sidecar.istio.io/includeInboundPorts: '*'
+ traffic.sidecar.istio.io/excludeOutboundPorts: "4444,4567,4568"
## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
enabled: true
initialDelaySeconds: 1
periodSeconds: 10
- timeoutSeconds: 1
+ timeoutSeconds: 180
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: true
initialDelaySeconds: 1
periodSeconds: 10
- timeoutSeconds: 1
+ timeoutSeconds: 180
successThreshold: 1
failureThreshold: 3
startupProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
- timeoutSeconds: 1
+ timeoutSeconds: 180
successThreshold: 1
# will wait up for initialDelaySeconds + failureThreshold*periodSeconds before
# stating startup wasn't good (910s per default)
release: prometheus
## Rules as a map.
- rules: {}
+ rules: []
# - alert: MariaDB-Down
# annotations:
# message: 'MariaDB instance {{ $labels.instance }} is down'
apiVersion: v2
description: Chart for MariaDB Galera init job
name: mariadb-init
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
\ No newline at end of file
- /bin/sh
- -c
- |
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
/db_init/db_init.sh {{ if or .Values.dbScriptConfigMap .Values.dbScript }} &&
/db_config/db_cmd.sh{{ end }}
env:
{{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
cpu: 20m
memory: 20Mi
unlimited: {}
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}'
apiVersion: v2
description: MongoDB Server
name: mongo
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
\ No newline at end of file
apiVersion: v2
description: MUSIC - Multi-site State Coordination Service
name: music
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: music-cassandra
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/music-cassandra'
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../certInitializer'
\ No newline at end of file
apiVersion: v2
description: ONAP - Cassandra Database
name: music-cassandra
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../../repositoryGenerator'
\ No newline at end of file
apiVersion: v2\r
description: Name Generation Micro Service\r
name: network-name-gen\r
-version: 10.0.0\r
+version: 11.0.0\r
\r
dependencies:\r
- name: common\r
- version: ~10.x-0\r
+ version: ~11.x-0\r
repository: 'file://../common'\r
- name: repositoryGenerator\r
- version: ~10.x-0\r
+ version: ~11.x-0\r
repository: 'file://../repositoryGenerator'\r
- name: mariadb-galera\r
- version: ~10.x-0\r
+ version: ~11.x-0\r
repository: 'file://../mariadb-galera'\r
condition: global.mariadbGalera.localCluster\r
- name: mariadb-init\r
- version: ~10.x-0\r
+ version: ~11.x-0\r
repository: 'file://../mariadb-init'\r
condition: not global.mariadbGalera.localCluster
\ No newline at end of file
- name: POL_BASIC_AUTH_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pol-basic-auth-secret" "key" "password") | indent 10}}
- name: POL_URL
- value: "{{ .Values.config.polUrl }}"
+ {{- if (include "common.needTLS" .) }}
+ value: "{{ .Values.config.polUrl.https }}"
+ {{- else }}
+ value: "{{ .Values.config.polUrl.http }}"
+ {{- end }}
- name: POL_ENV
value: "{{ .Values.config.polEnv }}"
- name: POL_REQ_ID
- name: AAI_CERT_PATH
value: "{{ .Values.config.aaiCertPath }}"
- name: AAI_URI
- value: "{{ .Values.config.aaiUri }}"
+ {{- if (include "common.needTLS" .) }}
+ value: "{{ .Values.config.aaiUri.https }}"
+ {{- else }}
+ value: "{{ .Values.config.aaiUri.http }}"
+ {{- end }}
- name: AAI_AUTH
value: "{{ .Values.config.aaiAuth }}"
- name: DISABLE_HOST_VERIFICATION
polClientAuth: cHl0aG9uOnRlc3Q=
polBasicAuthUser: healthcheck
polBasicAuthPassword: zb!XztG34
- polUrl: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision
+ polUrl:
+ https: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision
+ http: http://policy-xacml-pdp:8080/policy/pdpx/v1/decision
polEnv: TEST
polReqId: xx
disableHostVerification: true
aaiCertPass: changeit
aaiCertPath: /opt/etc/config/aai_keystore
aaiAuth: QUFJOkFBSQ==
- aaiUri: https://aai:8443/aai/v14/
+ aaiUri:
+ https: https://aai:8443/aai/v14/
+ http: http://aai:8080/aai/v14/
# default number of instances
replicaCount: 1
service:
type: ClusterIP
name: neng-serv
- portName: neng-serv-port
+ portName: http
internalPort: 8080
externalPort: 8080
apiVersion: v2
description: Chart for Postgres init job
name: postgres-init
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
\ No newline at end of file
}
export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`;
export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`;
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done;
psql "postgresql://postgres:$PG_ROOT_PASSWORD@$PG_HOST" < /config/setup.sql
env:
name: pgconf
resources:
{{ include "common.resources" . | indent 12 }}
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
cpu: 1
memory: 2Gi
unlimited: {}
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}-update-config'
\ No newline at end of file
apiVersion: v2
description: ONAP Postgres Server
name: postgres
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
\ No newline at end of file
apiVersion: v2
description: Template used to wait for other deployment/sts/jobs in onap
name: readinessCheck
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
\ No newline at end of file
apiVersion: v2
description: Wrapper chart to allow docker secret to be shared all instances
name: repository-wrapper
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
\ No newline at end of file
apiVersion: v2
description: Template used to generate the right repository link
name: repositoryGenerator
-version: 10.0.0
+version: 11.0.0
jreImage: onap/integration-java11:10.0.0
kubectlImage: bitnami/kubectl:1.22.4
loggingImage: beats/filebeat:5.5.0
- mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28
+ mariadbImage: bitnami/mariadb:10.5.8
nginxImage: bitnami/nginx:1.21.4
postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
readinessImage: onap/oom/readiness:3.0.1
apiVersion: v2
description: Wrapper chart to allow default roles to be shared among onap instances
name: roles-wrapper
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
\ No newline at end of file
apiVersion: v2
description: Template used to create the right Service Accounts / Role / RoleBinding
name: serviceAccount
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../common'
\ No newline at end of file
appVersion: "1.0"
description: ONAP timescaledb
name: timescaledb
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../repositoryGenerator'
\ No newline at end of file
apiVersion: v2
description: ONAP Consul Agent
name: consul
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: consul-server
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/consul-server'
condition: consul-server.enabled
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
apiVersion: v2
description: ONAP Consul Server
name: consul-server
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-clampdb[^[:space:]]*")
if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
echo Success. CLAMP DBHost is running. 2>&1
exit 0
else
NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-policydb[^[:space:]]*")
if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
echo Success. mariadb process is running. 2>&1
exit 0
else
NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-so-db[^[:space:]]*")
if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
echo Success. mariadb process is running. 2>&1
exit 0
else
NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-vid-mariadb[^[:space:]]*")
if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
echo Success. mariadb process is running. 2>&1
exit 0
else
apiVersion: v2
description: ONAP optional tools
name: contrib
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: awx
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/awx'
condition: awx.enabled
- name: ejbca
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/ejbca'
condition: global.cmpv2Enabled
- name: netbox
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/netbox'
condition: netbox.enabled
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
name: awx
sources:
- https://github.com/ansible/awx
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: awx-postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/awx-postgres'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
apiVersion: v2
description: Ansible AWX database
name: awx-postgres
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
service:
type: ClusterIP
name: awx-postgresql
- portName: awx-postgresql
+ portName: tcp-postgresql
internalPort: 5432
externalPort: 5432
apiVersion: v1
fieldPath: metadata.namespace
containers:
- - command: ["/bin/sh","-c"]
- args: ["/etc/tower/job-entrypoint.sh"]
+ - name: {{ include "common.name" . }}-mgnt
+ command:
+ - /bin/sh
+ - -cx
+ - |
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
+ /etc/tower/job-entrypoint.sh
image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.task }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-mgnt
resources:
requests:
cpu: 1500m
name: awx-secret-key
readOnly: true
subPath: SECRET_KEY
-
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
volumes:
- configMap:
defaultMode: 0777
ports:
- port: {{ .Values.service.web.externalPort }}
targetPort: {{ .Values.service.web.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.web.nodePort }}
name: {{ .Values.service.web.portName }}
selector:
app: {{ include "common.fullname" . }}
service:
rmqmgmt:
type: ClusterIP
- portName: rmqmgmt
+ portName: http-rmqmgmt
internalPort: 15672
externalPort: 15672
web:
- type: NodePort
- portName: web
+ type: ClusterIP
+ portName: http-web
internalPort: 8052
externalPort: 8052
- nodePort: 78
rabbitmq:
type: ClusterIP
http:
- portName: http
+ portName: http-rmq
internalPort: 15672
externalPort: 15672
amqp:
- portName: amqp
+ portName: tcp-amqp
internalPort: 5672
externalPort: 5672
nameOverride: awx
roles:
- read
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}-mgnt'
apiVersion: v2
description: ONAP EJBCA test server
name: ejbca
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: global.mariadbGalera.localCluster
- name: mariadb-init
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: not global.mariadbGalera.localCluster
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: cmpv2Config
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
selector: {{- include "common.selectors" . | nindent 4 }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ {{- if (include "common.onServiceMesh" . ) }}
+ annotations:
+ {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }}
+ linkerd.io/inject: disabled
+ {{- end }}
+ {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }}
+ sidecar.istio.io/rewriteAppHTTPProbers: "false"
+ proxy.istio.io/config: '{ "holdApplicationUntilProxyStarts": true }'
+ {{- end }}
+ {{- end }}
spec:
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
lifecycle:
postStart:
exec:
- command: ["/bin/sh", "-c", "/opt/primekey/scripts/ejbca-config.sh"]
+ command:
+ - sh
+ - -c
+ - |
+ sleep 60; /opt/primekey/scripts/ejbca-config.sh
volumeMounts:
- name: "{{ include "common.fullname" . }}-volume"
mountPath: /opt/primekey/scripts/
# probe configuration parameters
liveness:
path: /ejbca/publicweb/healthcheck/ejbcahealth
- port: api
- initialDelaySeconds: 30
+ port: 8443
+ initialDelaySeconds: 180
periodSeconds: 30
readiness:
path: /ejbca/publicweb/healthcheck/ejbcahealth
- port: api
- initialDelaySeconds: 30
+ port: 8443
+ initialDelaySeconds: 180
periodSeconds: 30
service:
port_protocol: http
# Resource Limit flavor -By Default using small
-flavor: small
+flavor: unlimited
# Segregation for Different environment (Small and Large)
resources:
small:
apiVersion: v2
description: Netbox IPAM
name: netbox
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: netbox-app
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/netbox-app'
- name: netbox-nginx
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/netbox-nginx'
- name: netbox-postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/netbox-postgres'
\ No newline at end of file
apiVersion: v2
description: Netbox - Application (WSGI + Gunicorn)
name: netbox-app
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: Netbox - Nginx web server
name: netbox-nginx
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: Netbox Posgres database
name: netbox-postgres
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Configuration Persistance Service (CPS)
name: cps
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: roles-wrapper
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: standaloneDeployment
- name: cps-core
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: cps-core.enabled
- name: cps-temporal
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: cps-temporal.enabled
- name: ncmp-dmi-plugin
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: ncmp-dmi-plugin.enabled
apiVersion: v2
description: ONAP Configuration Persistance Service (CPS) - Core
name: cps-core
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: global.postgres.localCluster
- name: postgres-init
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: postgres.postgresInit
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
{{/*
# Copyright (C) 2021 Pantheon.tech
# Modifications Copyright (C) 2020 Bell Canada.
-# Modifications Copyright (C) 2021 Nordix Foundation.
+# Modifications Copyright (C) 2021-2022 Nordix Foundation.
# Modifications Copyright (C) 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
password: ${DB_PASSWORD}
driverClassName: org.postgresql.Driver
initialization-mode: always
-
liquibase:
change-log: classpath:changelog/changelog-master.yaml
labels: {{ .Values.config.liquibaseLabels }}
+ kafka:
+ producer:
+ client-id: cps-core
+
security:
- # comma-separated uri patterns which do not require authorization
- permit-uri: /manage/**,/swagger-ui/**,/swagger-resources/**,/api-docs
- auth:
- username: ${CPS_USERNAME}
- password: ${CPS_PASSWORD}
+ # comma-separated uri patterns which do not require authorization
+ permit-uri: /manage/**,/swagger-ui/**,/swagger-resources/**,/api-docs
+ auth:
+ username: ${CPS_USERNAME}
+ password: ${CPS_PASSWORD}
+
logging:
level:
org:
username: ${DMI_USERNAME}
password: ${DMI_PASSWORD}
-{{- if .Values.config.eventPublisher }}
+{{- if .Values.config.useStrimziKafka }}
+spring.kafka.bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+spring.kafka.security.protocol: SASL_PLAINTEXT
+spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512
+spring.kafka.properties.sasl.jaas.config: ${JAASLOGIN}
+{{ else }}
{{ toYaml .Values.config.eventPublisher | nindent 2 }}
{{- end }}
{{- if .Values.config.additional }}
{{ toYaml .Values.config.additional | nindent 2 }}
{{- end }}
+
# Last empty line is required otherwise the last property will be missing from application.yml file in the pod.
{{/*
# Copyright (C) 2021 Pantheon.tech, Orange
# Modifications Copyright (C) 2021 Bell Canada.
-# Modifications Copyright (C) 2021 Nordix Foundation.
+# Modifications Copyright (C) 2021-2022 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmi-plugin-user-creds" "key" "login") | indent 12 }}
- name: DMI_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmi-plugin-user-creds" "key" "password") | indent 12 }}
-
+ {{- if .Values.config.useStrimziKafka }}
+ - name: JAASLOGIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-kafka-user" "key" "sasl.jaas.config") | indent 12 }}
+ {{- end }}
volumeMounts:
- mountPath: /config-input
name: init-data-input
path: {{ .Values.readiness.path }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ startupProbe:
+ httpGet:
+ path: {{ .Values.startup.path }}
+ port: {{ .Values.startup.port }}
+ failureThreshold: {{ .Values.startup.failureThreshold }}
+ periodSeconds: {{ .Values.startup.periodSeconds }}
env:
- name: SPRING_PROFILES_ACTIVE
value: {{ .Values.config.spring.profile }}
# Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada.
# Modifications Copyright (C) 2022 Bell Canada
+# Modifications Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
login: '{{ .Values.config.dmiPluginUserName }}'
password: '{{ .Values.config.dmiPluginUserPassword }}'
passwordPolicy: generate
+ - uid: cps-kafka-user
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: sasl.jaas.config
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
#################################################################
# Global configuration defaults.
container:
name: postgres
-image: onap/cps-and-ncmp:3.0.0
+image: onap/cps-and-ncmp:3.0.1
containerPort: &svc_port 8080
managementPort: &mgt_port 8081
path: /manage/health
port: *mgt_port
+startup:
+ failureThreshold: 5
+ periodSeconds: 60
+ path: /manage/health
+ port: *mgt_port
+
ingress:
enabled: true
service:
#appUserPassword:
dmiPluginUserName: dmiuser
# Any new property can be added in the env by setting in overrides in the format mentioned below
-# All the added properties must be in "key: value" format insead of yaml.
+# All the added properties must be in "key: value" format instead of yaml.
# additional:
# spring.config.max-size: 200
# spring.config.min-size: 10
- eventPublisher:
- spring.kafka.bootstrap-servers: message-router-kafka:9092
- spring.kafka.security.protocol: SASL_PLAINTEXT
- spring.kafka.properties.sasl.mechanism: PLAIN
- spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username=admin password=admin_secret;
- spring.kafka.producer.client-id: cps-core
+# kafka config
+ useStrimziKafka: true
+ kafkaBootstrap: strimzi-kafka-bootstrap
+# If targeting a custom kafka cluster, ie useStrimziKakfa: false
+# uncomment below config and target your kafka bootstrap servers,
+# along with any other security config.
+
+# eventPublisher:
+# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
+# spring.kafka.security.protocol: SASL_PLAINTEXT
+# spring.kafka.properties.sasl.mechanism: PLAIN
+# spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username=admin password=admin_secret;
additional:
notification.data-updated.enabled: true
apiVersion: v2
description: ONAP Configuration Persistance Service (CPS) - Temporal
name: cps-temporal
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: timescaledb
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
{{/*
# ============LICENSE_START=======================================================
# Copyright (c) 2021 Bell Canada.
+# Modifications Copyright © 2022 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
-security:
- auth:
- username: ${APP_USERNAME}
- password: ${APP_PASSWORD}
+ kafka:
+ consumer:
+ group-id: {{ .Values.config.kafka.consumer.groupId }}
+
+app:
+ listener:
+ data-updated:
+ topic: {{ .Values.config.app.listener.dataUpdatedTopic }}
-# Event consumption properties (kafka)
-{{- if .Values.config.eventConsumption }}
-{{ toYaml .Values.config.eventConsumption | nindent 2 }}
+{{- if .Values.config.useStrimziKafka }}
+spring.kafka.bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+spring.kafka.security.protocol: SASL_PLAINTEXT
+spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512
+spring.kafka.properties.sasl.jaas.config: ${JAASLOGIN}
+{{ else }}
+{{ toYaml .Values.config.eventPublisher | nindent 2 }}
{{- end }}
-# Additional properties
{{- if .Values.config.additional }}
{{ toYaml .Values.config.additional | nindent 2 }}
{{- end }}
+security:
+ auth:
+ username: ${APP_USERNAME}
+ password: ${APP_PASSWORD}
+
# Last empty line is required otherwise the last property will be missing from application.yml file in the pod.
{{/*
# ============LICENSE_START=======================================================
# Copyright (c) 2021 Bell Canada.
+# Modifications Copyright © 2022 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 12 }}
- name: APP_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 12 }}
+ {{- if .Values.config.useStrimziKafka }}
+ - name: JAASLOGIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-kafka-user" "key" "sasl.jaas.config") | indent 12 }}
+ {{- end }}
volumeMounts:
- mountPath: /config-input
name: init-data-input
# ============LICENSE_START=======================================================
# Copyright (c) 2021 Bell Canada.
+# Modifications Copyright © 2022 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
login: '{{ .Values.config.appUserName }}'
password: '{{ .Values.config.appUserPassword }}'
passwordPolicy: generate
+ - uid: cps-kafka-user
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: sasl.jaas.config
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
image: onap/cps-temporal:1.1.0
containerPort: &svc_port 8080
profile: helm
#appUserPassword:
- # Event consumption (kafka) properties
- # All Kafka properties must be in "key: value" format instead of yaml.
- eventConsumption:
- spring.kafka.bootstrap-servers: message-router-kafka:9092
- spring.kafka.security.protocol: PLAINTEXT
- spring.kafka.consumer.group-id: cps-temporal-group
- app.listener.data-updated.topic: cps.data-updated-events
+# Event consumption (kafka) properties
+ useStrimziKafka: true
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ kafka:
+ consumer:
+ groupId: cps-temporal-group
+ app:
+ listener:
+ dataUpdatedTopic: cps.data-updated-events
+# If targeting a custom kafka cluster, ie useStrimziKakfa: false
+# uncomment below config and target your kafka bootstrap servers,
+# along with any other security config.
+
+# eventConsumption:
+# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
+# spring.kafka.security.protocol: PLAINTEXT
+# spring.kafka.consumer.group-id: cps-temporal-group
# Any new property can be added in the env by setting in overrides in the format mentioned below
# All the added properties must be in "key: value" format instead of yaml.
apiVersion: v2
description: ONAP Configuration Persistance Service (CPS) - NCMP-DMI-Plugin
name: ncmp-dmi-plugin
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
{{/*
-# Copyright © 2018 AT&T
+# Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
-apiVersion: policy/v1beta1
-kind: PodDisruptionBudget
+{{- if .Values.config.useStrimziKafka }}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
metadata:
- name: {{ include "common.fullname" . }}-pdb
+ name: {{ .Values.config.dataUpdatedTopic.name }}
labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- maxUnavailable: {{ include "zk.maxUnavailable" . }}
+ partitions: {{ .Values.config.dataUpdatedTopic.partitions }}
+ config:
+ retention.ms: {{ .Values.config.dataUpdatedTopic.retentionMs }}
+ segment.bytes: {{ .Values.config.dataUpdatedTopic.segmentBytes }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{- if .Values.config.useStrimziKafka }}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaUser
+metadata:
+ name: {{ include "common.release" . }}-{{ .Values.global.cpsKafkaUser }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ authentication:
+ type: scram-sha-512
+ authorization:
+ type: simple
+ acls:
+ - resource:
+ type: group
+ name: {{ .Values.config.dataUpdatedTopic.consumer.groupId }}
+ operation: Read
+ - resource:
+ type: topic
+ name: {{ .Values.config.dataUpdatedTopic.name }}
+ operation: Read
+ - resource:
+ type: topic
+ name: {{ .Values.config.dataUpdatedTopic.name }}
+ operation: Write
+{{- end }}
\ No newline at end of file
# Copyright (C) 2021 Bell Canada
+# Modifications Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
virtualhost:
baseurl: "simpledemo.onap.org"
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ cpsKafkaUser: cps-kafka-user
+
config:
coreUserName: cpsuser
dmiPluginUserName: dmiuser
+ useStrimziKafka: true
+ dataUpdatedTopic:
+ name: cps.data-updated-events
+ partitions: 10
+ retentionMs: 7200000
+ segmentBytes: 1073741824
+ consumer:
+ groupId: cps-temporal-group
# Enable all CPS components by default
cps-core:
config:
appUserExternalSecret: *core-creds-secret
dmiPluginUserExternalSecret: *dmi-plugin-creds-secret
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.cpsKafkaUser }}'
cps-temporal:
enabled: true
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.cpsKafkaUser }}'
ncmp-dmi-plugin:
enabled: true
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE Microservices
name: dcaegen2-services
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- - name: dcae-bbs-eventprocessor-ms
- version: ~10.x-0
- repository: '@local'
- condition: dcae-bbs-eventprocessor-ms.enabled
- name: dcae-datafile-collector
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-datafile-collector.enabled
- name: dcae-datalake-admin-ui
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-datalake-admin-ui.enabled
- name: dcae-datalake-des
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-datalake-des.enabled
- name: dcae-datalake-feeder
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-datalake-feeder.enabled
- name: dcae-heartbeat
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-heartbeat.enabled
- name: dcae-hv-ves-collector
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-hv-ves-collector.enabled
- name: dcae-kpi-ms
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-kpi-ms.enabled
- name: dcae-ms-healthcheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-ms-healthcheck.enabled
- name: dcae-pm-mapper
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-pm-mapper.enabled
- name: dcae-pmsh
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-pmsh.enabled
- name: dcae-prh
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-prh.enabled
- name: dcae-restconf-collector
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-restconf-collector.enabled
- name: dcae-slice-analysis-ms
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-slice-analysis-ms.enabled
- name: dcae-snmptrap-collector
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-snmptrap-collector.enabled
- name: dcae-son-handler
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-son-handler.enabled
- name: dcae-tcagen2
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-tcagen2.enabled
- name: dcae-ves-collector
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-ves-collector.enabled
- name: dcae-ves-mapper
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcae-ves-mapper.enabled
- name: dcae-ves-openapi-manager
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcae-ves-openapi-manager'
condition: dcae-ves-openapi-manager.enabled
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE Microservices Common templates
name: dcaegen2-services-common
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2019 AT&T
-# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved.
# Copyright (c) 2021 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
.Release.
The template always produces a configMap containing the microservice's
-initial configuration data. This configMap is used by an initContainer
-that loads the configuration into Consul. (See the documentation for
+initial configuration data. (See the documentation for
dcaegen2-services-common.microserviceDeployment for more details.)
-If the microservice is using a logging sidecar (again, see the documentation
-for dcaegen2-services-common.microserviceDeployment for more details), the
-template generates an additiona configMap that supplies configuration
-information for the logging sidecar.
+If the microservice is using one or more Data Router (DR) feeds, the
+template produces a configMap containing the information needed to
+provision the feed(s). An init container performs the provisioning.
+
+If the microservice acts as a DR publisher for one or more feeds, the
+template produces a configMap containing the information needed to
+provision the publisher(s). An init container performs the provisioning.
+
+If the microservice acts as a DR subscriber for one or more feeds, the
+template produces a configMap containing the information needed to
+provision the subscribeer(s). An init container performs the provisioning.
+
*/}}
{{- define "dcaegen2-services-common.configMap" -}}
{{ $drsub | toJson | indent 2 }}
{{- end }}
{{- end }}
-
-{{- if .Values.mrTopicsConfig }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-topics-config
- namespace: {{ include "common.namespace" . }}
- labels: {{ include "common.labels" . | nindent 6 }}
-data:
- {{- range $i, $topics := .Values.mrTopicsConfig }}
- topicsConfig-{{$i}}.json: |-
- {{ $topics | toJson | indent 2 }}
- {{- end }}
-{{- end }}
{{- end }}
The template expects a single argument, pointing to the caller's global context.
Microservice-specific environment variables can be specified in two ways:
- 1. As literal string values.
+ 1. As literal string values. (The values can also be Helm template fragments.)
2. As values that are sourced from a secret, identified by the secret's
uid and the key within the secret that provides the value.
{{- range $envName, $envValue := .Values.applicationEnv }}
{{- if kindIs "string" $envValue }}
- name: {{ $envName }}
- value: {{ $envValue | quote }}
+ value: {{ tpl $envValue $global | quote }}
{{- else }}
{{ if or (not $envValue.secretUid) (not $envValue.key) }}
{{ fail (printf "Env %s definition is not a string and does not contain secretUid or key fields" $envName) }}
logging sidecar and the DCAE microservice container share a
volume where the microservice logs are written.
-The Deployment includes an initContainer that checks for the
-readiness of other components that the microservice relies on.
-This container is generated by the "common.readinessCheck.waitfor"
-template.
-
-If the microservice acts as a TLS client or server, the Deployment will
-include an initContainer that retrieves certificate information from
-the AAF certificate manager. The information is mounted at the
-mount point specified in .Values.certDirectory. If the microservice is
-a TLS server (indicated by setting .Values.tlsServer to true), the
-certificate information will include a server cert and key, in various
-formats. It will also include the AAF CA cert. If the microservice is
-a TLS client only (indicated by setting .Values.tlsServer to false), the
-certificate information includes only the AAF CA cert.
-
Deployed POD may also include a Policy-sync sidecar container.
The sidecar is included if .Values.policies is set. The
Policy-sync sidecar polls PolicyEngine (PDP) periodically based
policyRelease: "onap"
policyID: |
'["onap.vfirewall.tca","onap.vdns.tca"]'
+
+The Deployment includes an initContainer that checks for the
+readiness of other components that the microservice relies on.
+This container is generated by the "common.readinessCheck.waitfor"
+template. See the documentation for this template
+(oom/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl).
+
+If the microservice uses a DMaaP Data Router (DR) feed, the Deployment
+includes an initContainer that makes provisioning requests to the DMaaP
+bus controller (dmaap-bc) to create the feed and to set up a publisher
+and/or subscriber to the feed. The Deployment also includes a second
+initContainer that merges the information returned by the provisioning
+process into the microservice's configuration. See the documentation for
+the common DMaaP provisioning template
+(oom/kubernetes/common/common/templates/_dmaapProvisioning.tpl).
+
+If the microservice acts as a TLS client or server, the Deployment will
+include an initContainer that retrieves certificate information from
+the AAF certificate manager. The information is mounted at the
+mount point specified in .Values.certDirectory. If the microservice is
+a TLS server (indicated by setting .Values.tlsServer to true), the
+certificate information will include a server cert and key, in various
+formats. It will also include the AAF CA cert. If the microservice is
+a TLS client only (indicated by setting .Values.tlsServer to false), the
+certificate information includes only the AAF CA cert.
+
+If the microservice uses certificates from an external CMPv2 provider,
+the Deployment will include an initContainer that performs certificate
+post-processing.
*/}}
{{- define "dcaegen2-services-common.microserviceDeployment" -}}
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- {{- if not $drFeedConfig }}
- - command:
- - sh
- args:
- - -c
- - |
- {{- range $var := .Values.customEnvVars }}
- export {{ $var.name }}="{{ $var.value }}";
- {{- end }}
- cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done
- env:
- {{- range $cred := .Values.credentials }}
- - name: {{ $cred.name }}
- {{- include "common.secret.envFromSecretFast" (dict "global" $ "uid" $cred.uid "key" $cred.key) | indent 10 }}
- {{- end }}
- volumeMounts:
- - mountPath: /config-input
- name: app-config-input
- - mountPath: /config
- name: app-config
- image: {{ include "repositoryGenerator.image.envsubst" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-update-config
- {{- end }}
{{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
{{- include "common.dmaap.provisioning.initContainer" . | nindent 6 }}
{{- if $certDir }}
resources: {{ include "common.resources" . | nindent 2 }}
volumeMounts:
- mountPath: /app-config
- name: app-config
+ name: {{ ternary "app-config-input" "app-config" (not $drFeedConfig) }}
- mountPath: /app-config-input
name: app-config-input
{{- if $logDir }}
+++ /dev/null
-# ================================ LICENSE_START =============================
-# ============================================================================
-# Copyright (c) 2021 AT&T Intellectual Property
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-# ============================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ================================= LICENSE_END ==============================
-
-apiVersion: v2
-appVersion: "Jakarta"
-description: DCAE BBS-EventProcessor Microservice
-name: dcae-bbs-eventprocessor-ms
-version: 10.0.0
-
-dependencies:
- - name: common
- version: ~10.x-0
- repository: '@local'
- - name: readinessCheck
- version: ~10.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~10.x-0
- repository: '@local'
- - name: dcaegen2-services-common
- version: ~10.x-0
- repository: '@local'
- - name: serviceAccount
- version: ~10.x-0
- repository: '@local'
+++ /dev/null
-{{/*
-################################################################################
-# Copyright (c) 2021 AT&T Intellectual Property #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-*/}}
-
-{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file
+++ /dev/null
-{{/*
-################################################################################
-# Copyright (c) 2021 AT&T Intellectual Property #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-*/}}
-
-{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file
+++ /dev/null
-{{/*
-################################################################################
-# Copyright (c) 2021 AT&T Intellectual Property #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-*/}}
-
-{{ include "common.secretFast" . }}
\ No newline at end of file
+++ /dev/null
-{{/*
-################################################################################
-# Copyright (c) 2021 AT&T Intellectual Property #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-*/}}
-
-{{ include "common.service" . }}
\ No newline at end of file
+++ /dev/null
-# ================================ LICENSE_START =============================
-# ============================================================================
-# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved.
-# ============================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ================================= LICENSE_END ==============================
-
-#################################################################
-# Global Configuration Defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- nodePortPrefixExt: 304
- centralizedLoggingEnabled: true
-
-#################################################################
-# Filebeat Configuration Defaults.
-#################################################################
-filebeatConfig:
- logstashServiceName: log-ls
- logstashPort: 5044
-
-#################################################################
-# Secrets Configuration.
-#################################################################
-secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.identity }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
- - uid: &aaiCredsUID aaicreds
- type: basicAuth
- login: '{{ .Values.aaiCreds.username }}'
- password: '{{ .Values.aaiCreds.password }}'
- passwordPolicy: required
-
-
-#################################################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1
-
-#################################################################
-# Application Configuration Defaults.
-#################################################################
-# Application Image
-image: onap/org.onap.dcaegen2.services.components.bbs-event-processor:2.1.1
-pullPolicy: Always
-
-# Log directory where logging sidecar should look for log files
-# if path is set to null sidecar won't be deployed in spite of
-# global.centralizedLoggingEnabled setting.
-log:
- path: /opt/app/bbs-event-processor/logs
-logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
-
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/bbs-event-processor/etc/cert/
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: true
-
-# Dependencies
-readinessCheck:
- wait_for:
- - dcae-config-binding-service
- - aaf-cm
-
-# Probe Configuration
-readiness:
- initialDelaySeconds: 120
- periodSeconds: 180
- timeoutSeconds: 5
- path: /heartbeat
- scheme: HTTP
- port: 8100
-
-
-# Service Configuration
-service:
- type: ClusterIP
- name: dcae-bbs-eventprocessor
- ports:
- - name: https
- port: 8100
- port_protocol: http
-
-# AAF Credentials
-aafCreds:
- identity: dcae@dcae.onap.org
- password: demo123456!
-
-# AAI Credentials
-aaiCreds:
- username: AAI
- password: AAI
-
-credentials:
-- name: AAF_USERNAME
- uid: *aafCredsUID
- key: login
-- name: AAF_PASSWORD
- uid: *aafCredsUID
- key: password
-- name: AAI_USERNAME
- uid: *aaiCredsUID
- key: login
-- name: AAI_PASSWORD
- uid: *aaiCredsUID
- key: password
-
-
-# Initial Application Configuration
-applicationConfig:
- streams_subscribes:
- pnf_reregistration:
- type: message_router
- aaf_username: ${AAF_USERNAME}
- aaf_password: ${AAF_PASSWORD}
- dmaap_info:
- topic_url: https:message-router:3905/events/unauthenticated.PNF_UPDATE
- cpe_authentication:
- type: message_router
- aaf_username: ${AAF_USERNAME}
- aaf_password: ${AAF_PASSWORD}
- dmaap_info:
- topic_url: https:message-router:3905/events/unauthenticated.CPE_AUTHENTICATION
- streams_publishes:
- close_loop:
- type: message_router
- aaf_username: ${AAF_USERNAME}
- aaf_password: ${AAF_PASSWORD}
- dmaap_info:
- topic_url: https:message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT
- dmaap.protocol: https
- dmaap.contentType: application/json
- dmaap.consumer.consumerId: c12
- dmaap.consumer.consumerGroup: OpenDcae-c12
- dmaap.messageLimit: -1
- dmaap.timeoutMs: -1
- aai.host: aai.onap
- aai.port: 8443
- aai.protocol: https
- aai.username: ${AAI_USERNAME}
- aai.password: ${AAF_PASSWORD}
- aai.aaiIgnoreSslCertificateErrors: true
- application.pipelinesPollingIntervalSec: 25
- application.pipelinesTimeoutSec: 15
- application.cbsPollingIntervalSec: 120
- application.policyVersion: 1.0.0.5
- application.clTargetType: VM
- application.clEventStatus: ONSET
- application.clVersion: 1.0.2
- application.clTarget: vserver.vserver-name
- application.clOriginator: DCAE-BBS-ep
- application.reregistration.policyScope: policyScopeReReg
- application.reregistration.clControlName: clControlNameReReg
- application.cpe.authentication.policyScope: policyScopeCpeAuth
- application.cpe.authentication.clControlName: clControlNameCpeAuth
- application.reregistration.configKey: pnf_reregistration
- application.cpeAuth.configKey: cpe_authentication
- application.closeLoop.configKey: close_loop
- application.loggingLevel: INFO
- application.ssl.keyStorePath: "/opt/app/bbs-event-processor/etc/cert/cert.jks"
- application.ssl.keyStorePasswordPath: "/opt/app/bbs-event-processor/etc/cert/jks.pass"
- application.ssl.trustStorePath: "/opt/app/bbs-event-processor/etc/cert/trust.jks"
- application.ssl.trustStorePasswordPath: "/opt/app/bbs-event-processor/etc/cert/trust.pass"
- application.ssl.enableAaiCertAuth: true
- application.ssl.enableDmaapCertAuth: true
-
-# Resource Limit Flavor -By Default Using Small
-flavor: small
-
-# Segregation for Different Environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 1
- memory: 1Gi
- requests:
- cpu: 1
- memory: 1Gi
- large:
- limits:
- cpu: 2
- memory: 2Gi
- requests:
- cpu: 2
- memory: 2Gi
- unlimited: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: dcae-bbs-eventprocessor-ms
- roles:
- - read
# ================================= LICENSE_END ==============================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE DataFile Collector Helm charts
name: dcae-datafile-collector
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certManagerCertificate
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.7.1
+image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.8.0
pullPolicy: Always
# Log directory where logging sidecar should look for log files
dmaap.certificateConfig.keyPasswordPath: /opt/app/datafile/etc/cert/p12.pass
dmaap.certificateConfig.trustedCa: /opt/app/datafile/etc/cert/trust.jks
dmaap.certificateConfig.trustedCaPasswordPath: /opt/app/datafile/etc/cert/trust.pass
+ dmaap.certificateConfig.enableCertAuth: true
dmaap.dmaapConsumerConfiguration.consumerGroup: OpenDcae-c12
dmaap.dmaapConsumerConfiguration.consumerId: C12
dmaap.dmaapConsumerConfiguration.timeoutMs: -1
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE datalake-admin-ui helm chart
name: dcae-datalake-admin-ui
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# ================================= LICENSE_END ==============================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE Datalake DES MS charts
name: dcae-datalake-des
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# ================================= LICENSE_END ==============================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE Datalake feeder MS charts
name: dcae-datalake-feeder
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# ================================= LICENSE_END ==============================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE Heartbeat Microservice
name: dcae-heartbeat
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE HV VES collector
name: dcae-hv-ves-collector
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certManagerCertificate
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
--- /dev/null
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaUser
+metadata:
+ name: {{ include "common.release" . }}-{{ .Values.hvVesKafkaUser }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ authentication:
+ type: scram-sha-512
+ authorization:
+ type: simple
+ acls:
+ - resource:
+ type: topic
+ name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }}
+ operation: Write
+ - resource:
+ type: topic
+ name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }}
+ operation: Write
+ - resource:
+ type: topic
+ name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }}
+ operation: Write
+ - resource:
+ type: topic
+ name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }}
+ operation: Write
+ - resource:
+ type: topic
+ name: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }}
+ operation: Write
--- /dev/null
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: ves-3gpp-fault-supervision
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }}
+ partitions: 10
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: ves-3gpp-provisioning
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }}
+ partitions: 10
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: ves-3gpp-heartbeat
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }}
+ partitions: 10
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: ves-3gpp-performance-assurance
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }}
+ partitions: 10
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: perf3gpp
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ topicName: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }}
+ partitions: 10
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
# ================================================================================
# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved.
# Copyright (c) 2021-2022 Nokia. All rights reserved.
+# Copyright © 2022 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
tlsServer: true
secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.user }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
+ - uid: hv-ves-kafka-secret
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: sasl.jaas.config
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
+config:
+ someConfig: blah
# CMPv2 certificate
# It is used only when:
port_protocol: http
nodePort: 22
-aafCreds:
- user: admin
- password: admin_secret
-
-credentials:
-- name: AAF_USER
- uid: *aafCredsUID
- key: login
-- name: AAF_PASSWORD
- uid: *aafCredsUID
- key: password
+#strimzi kafka config
+hvVesKafkaUser: dcae-hv-ves-kafka-user
# initial application configuration
applicationConfig:
streams_publishes:
ves-3gpp-fault-supervision:
type: kafka
- aaf_credentials:
- username: ${AAF_USER}
- password: ${AAF_PASSWORD}
kafka_info:
- bootstrap_servers: message-router-kafka:9092
+ bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
topic_name: SEC_3GPP_FAULTSUPERVISION_OUTPUT
ves-3gpp-provisioning:
type: kafka
- aaf_credentials:
- username: ${AAF_USER}
- password: ${AAF_PASSWORD}
kafka_info:
- bootstrap_servers: message-router-kafka:9092
+ bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
topic_name: SEC_3GPP_PROVISIONING_OUTPUT
ves-3gpp-heartbeat:
type: kafka
- aaf_credentials:
- username: ${AAF_USER}
- password: ${AAF_PASSWORD}
kafka_info:
- bootstrap_servers: message-router-kafka:9092
+ bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
topic_name: SEC_3GPP_HEARTBEAT_OUTPUT
ves-3gpp-performance-assurance:
type: kafka
- aaf_credentials:
- username: ${AAF_USER}
- password: ${AAF_PASSWORD}
kafka_info:
- bootstrap_servers: message-router-kafka:9092
+ bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
topic_name: SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT
perf3gpp:
type: kafka
- aaf_credentials:
- username: ${AAF_USER}
- password: ${AAF_PASSWORD}
kafka_info:
- bootstrap_servers: message-router-kafka:9092
+ bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
topic_name: HV_VES_PERF3GPP
applicationEnv:
JAVA_OPTS: '-Dlogback.configurationFile=/etc/ONAP/dcae-hv-ves-collector/logback.xml'
CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml'
+ KAFKA_BOOTSTRAP_SERVERS: '{{ include "common.release" . }}-strimzi-kafka-bootstrap:9092'
+ USE_SCRAM: 'true'
+ JAAS_CONFIG:
+ secretUid: hv-ves-kafka-secret
+ key: sasl.jaas.config
# Resource Limit flavor -By Default using small
flavor: small
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE KPI MS chart
name: dcae-kpi-ms
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
tlsServer: true
enable_tls: true
-dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
-policies:
- policyID: |
- '["com.Config_KPIMS_CONFIG_POLICY"]'
+# Optional Policy configuration properties
+# if present, policy-sync side car will be deployed
+#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
+#policies:
+# policyID: |
+# '["com.Config_KPIMS_CONFIG_POLICY"]'
# Dependencies
readinessCheck:
cid: kpi-cid
streams_subscribes:
performance_management_topic:
- aafUsername: ${AAF_IDENTITY}
- aafPassword: ${AAF_PASSWORD}
type: message-router
dmaap_info:
topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS
streams_publishes:
kpi_topic:
- aafUsername: ${AAF_IDENTITY}
- aafPassword: ${AAF_PASSWORD}
type: message-router
dmaap_info:
topic_url: http://message-router:3904/events/unauthenticated.DCAE_KPI_OUTPUT
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: ONAP DCAE Microservice Health Check
name: dcae-ms-healthcheck
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# ================================= LICENSE_END ==============================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE PM-Mapper Helm charts
name: dcae-pm-mapper
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../common/dcaegen2-services-common'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
privilegedSubscriber: true
deliveryURL: http://dcae-pm-mapper:8081/delivery
-# MessageRouter Topic, Publisher Configuration
-mrTopicsConfig:
- - topicName: PERFORMANCE_MEASUREMENTS
- topicDescription: PM Mapper publishes perf3gpp VES PM Events to authenticated MR topic
- owner: dcaecm
- tnxEnabled: false
- clients:
- - dcaeLocationName: san-francisco
- clientRole: org.onap.dcae.pmPublisher
- action:
- - pub
- - view
-
# ConfigMap Configuration for Dr Feed, Subscriber, MR Topics
volumes:
- name: feeds-config
path: /opt/app/config/feeds
- name: drsub-config
path: /opt/app/config/dr_subs
- - name: topics-config
- path: /opt/app/config/topics
# Resource Limit Flavor -By Default Using Small
flavor: small
# ================================= LICENSE_END ==============================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE PMSH Service
name: dcae-pmsh
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.pmsh:2.0.0
+image: onap/org.onap.dcaegen2.services.pmsh:2.2.2
pullPolicy: Always
# Log directory where logging sidecar should look for log files
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE PRH
name: dcae-prh
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
uid: *aaiCredsUID
key: password
-customEnvVars:
-- name: AUTH_HDR
- value: "Basic `echo -n ${AAI_USER}:${AAI_PASSWORD} | base64`"
-
# initial application configuration
applicationConfig:
dmaap.dmaapConsumerConfiguration.dmaapContentType: "application/json"
X-TransactionId: "9999"
Accept: "application/json"
Real-Time: "true"
- Authorization: $AUTH_HDR
+ Authorization: ${AUTH_HDR}
security.trustStorePath: "/opt/app/prh/etc/cert/trust.jks"
security.trustStorePasswordPath: "/opt/app/prh/etc/cert/trust.pass"
security.keyStorePath: "/opt/app/prh/etc/cert/cert.jks"
applicationEnv:
CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml'
+ AUTH_HDR: '{{ printf "Basic %s" (print .Values.aaiCreds.user ":" .Values.aaiCreds.password | b64enc) }}'
# Resource Limit flavor -By Default using small
flavor: small
# ================================= LICENSE_END ==============================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE RESTConf Collector
name: dcae-restconf-collector
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
topic_url: http://message-router:3904/events/unauthenticated.DCAE_RCC_OUTPUT
type: message_router
#rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"${CONTROLLER_IP}:{CONTROLLER_PORT}","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]'
- rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]'
+ # Workaround while DCAEGEN2-3234 is being resolved--hardcording the ${CONTROLLER_USERNAME} and ${CONTROLLER_PASSWORD} until the restconf-collector uses the latest CBS client SDK that can handle multiple substitutions in a string.
+ # The line immediately below this one should be used once DCAEGEN-3234 is resolved.
+ #rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]'
+ rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"access","controller_restapiPassword":"Huawei@123","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]'
#applicationEnv:
# CONTROLLER_IP: "172.30.0.55"
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE SliceAnalysis MS charts
name: dcae-slice-analysis-ms
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# ============================================================================
# Copyright (C) 2021-2022 Wipro Limited.
# Copyright (c) 2022 J. F. Lucas. All rights reserved.
+# Copyright (C) 2022 Huawei Canada Limited.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.0.7
+image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.1.3
# Log directory where logging sidecar should look for log files
# if path is set to null sidecar won't be deployed in spite of
sliceanalysisms.rannfnssiDetailsTemplateId: get-rannfnssiid-details
sliceanalysisms.desUrl: http://dl-des:1681/datalake/v1/exposure/pm_data
sliceanalysisms.pmDataDurationInWeeks: 4
+ sliceanalysisms.vesNotifPollingInterval: 15
+ sliceanalysisms.vesNotifChangeIdentifier: PM_BW_UPDATE
+ sliceanalysisms.vesNotifChangeType: BandwidthChanged
+ sliceanalysisms.aaiNotif.targetAction: UPDATE
+ sliceanalysisms.aaiNotif.targetSource: UUI
+ sliceanalysisms.aaiNotif.targetEntity: service-instance
+ sliceanalysisms.ccvpnEvalInterval: 15
+ sliceanalysisms.ccvpnEvalThreshold: 0.8
+ sliceanalysisms.ccvpnEvalPrecision: 100.0
+ sliceanalysisms.ccvpnEvalPeriodicCheckOn: true
+ sliceanalysisms.ccvpnEvalOnDemandCheckOn: true
streams_publishes:
CL_topic:
type: message-router
- aaf_username: ${AAF_IDENTITY}
- aaf_password: ${AAF_PASSWORD}
dmaap_info:
topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT
streams_subscribes:
performance_management_topic:
type: message-router
- aaf_username: ${AAF_IDENTITY}
- aaf_password: ${AAF_PASSWORD}
dmaap_info:
topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS
intelligent_slicing_topic:
type: message-router
- aaf_username: ${AAF_IDENTITY}
- aaf_password: ${AAF_PASSWORD}
dmaap_info:
topic_url: http://message-router:3904/events/unauthenticated.ML_RESPONSE_TOPIC
dcae_cl_response_topic:
type: message-router
- aaf_username: ${AAF_IDENTITY}
- aaf_password: ${AAF_PASSWORD}
dmaap_info:
topic_url: http://message-router:3904/events/DCAE_CL_RSP
+ ves_ccvpn_notification_topic:
+ type: message-router
+ dmaap_info:
+ topic_url: http://message-router:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT
+ aai_subscriber:
+ type: message-router
+ servers : ["message-router:3904"]
+ consumer_group: dcae_ccvpn_cl
+ consumer_instance: dcae_ccvpn_cl_aaievent
+ fetch_timeout: 15000
+ fetch_limit: 100
+ dmaap_info:
+ topic_url: http://message-router:3904/events/AAI-EVENT
applicationEnv:
STANDALONE: 'false'
# ================================= LICENSE_END ==============================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE SNMPTrap Collector
name: dcae-snmptrap-collector
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# ============= LICENSE_END ==================================================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE Son-handler helm chart
name: dcae-son-handler
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.son-handler:2.1.6
+image: onap/org.onap.dcaegen2.services.son-handler:2.1.7
pullPolicy: Always
# Log directory where logging sidecar should look for log files
# and key from AAF and mount them in certDirectory.
tlsServer: false
-# Policy configuraiton properties
+# Optional Policy configuration properties
# if present, policy-sync side car will be deployed
-dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
-policies:
- policyID: |
- '["com.Config_PCIMS_CONFIG_POLICY"]'
+#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
+#policies:
+# policyID: |
+# '["com.Config_PCIMS_CONFIG_POLICY"]'
# Dependencies
readinessCheck:
streams_publishes:
CL_topic:
type: message-router
- aaf_username: ${AAF_IDENTITY}
- aaf_password: ${AAF_PASSWORD}
dmaap_info:
topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT
streams_subscribes:
performance_management_topic:
type: message-router
- aaf_username: ${AAF_IDENTITY}
- aaf_password: ${AAF_PASSWORD}
dmaap_info:
topic_url: http://message-router:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT
fault_management_topic:
type: message-router
- aaf_username: ${AAF_IDENTITY}
- aaf_password: ${AAF_PASSWORD}
dmaap_info:
topic_url: http://message-router:3904/events/unauthenticated.SEC_FAULT_OUTPUT
nbr_list_change_topic:
type: message-router
- aaf_username: ${AAF_IDENTITY}
- aaf_password: ${AAF_PASSWORD}
dmaap_info:
topic_url: http://message-router:3904/events/PCI-NOTIF-TOPIC-NGHBR-LIST-CHANGE-INFO
dcae_cl_response_topic:
type: message-router
- aaf_username: ${AAF_IDENTITY}
- aaf_password: ${AAF_PASSWORD}
dmaap_info:
topic_url: http://message-router:3904/events/DCAE_CL_RSP
service_calls:
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE TCA (Gen 2)
name: dcae-tcagen2
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mongo
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE VES Collector
name: dcae-ves-collector
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certManagerCertificate
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# ================================= LICENSE_END ==============================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: DCAE VES-Mapper Microservice
name: dcae-ves-mapper
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE VES OpenApi Manager
name: dcae-ves-openapi-manager
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
global:
centralizedLoggingEnabled: true
+ hvVesKafkaUser: dcae-hv-ves-kafka-user
#################################################################
# Filebeat Configuration Defaults.
# Control deployment of DCAE microservices at ONAP installation time
dcae-ves-openapi-manager:
enabled: true
-dcae-bbs-eventprocessor-ms:
- enabled: false
- logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-datafile-collector:
enabled: false
logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
dcae-hv-ves-collector:
enabled: true
logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.hvVesKafkaUser }}'
dcae-kpi-ms:
enabled: false
logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
apiVersion: v2
description: ONAP DCAE Gen2
name: dcaegen2
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcae-bootstrap
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcae-bootstrap'
condition: dcae-bootstrap.enabled
- name: dcae-cloudify-manager
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcae-cloudify-manager'
condition: dcae-cloudify-manager.enabled
- name: dcae-config-binding-service
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcae-config-binding-service'
condition: dcae-config-binding-service.enabled
- name: dcae-healthcheck
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcae-healthcheck'
condition: dcae-healthcheck.enabled
- name: dcae-servicechange-handler
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcae-servicechange-handler'
condition: dcae-servicechange-handler.enabled
- name: dcae-inventory-api
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcae-inventory-api'
condition: dcae-inventory-api.enabled
- name: dcae-deployment-handler
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcae-deployment-handler'
condition: dcae-deployment-handler.enabled
- name: dcae-policy-handler
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcae-policy-handler'
condition: dcae-policy-handler.enabled
- name: dcae-dashboard
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcae-dashboard'
condition: dcae-dashboard.enabled
apiVersion: v2
description: ONAP DCAE Bootstrap
name: dcae-bootstrap
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
alias: postgres
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
apiVersion: v2
description: ONAP DCAE Cloudify Manager
name: dcae-cloudify-manager
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: cmpv2Config
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
apiVersion: v2
description: ONAP DCAE Config Binding Service
name: dcae-config-binding-service
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
appVersion: "1.0"
description: DCAE Dashboard
name: dcae-dashboard
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE Deployment Handler
name: dcae-deployment-handler
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE Health Check
name: dcae-healthcheck
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE Inventory API Service
name: dcae-inventory-api
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE Policy Handler
name: dcae-policy-handler
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE Service Change Handler
name: dcae-servicechange-handler
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE MOD
name: dcaemod
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaemod-genprocessor
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcaemod-genprocessor'
condition: dcaemod-genprocessor.enabled
- name: dcaemod-distributor-api
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcaemod-distributor-api'
condition: dcaemod-distributor-api.enabled
- name: dcaemod-designtool
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcaemod-designtool'
condition: dcaemod-designtool.enabled
- name: dcaemod-onboarding-api
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcaemod-onboarding-api'
condition: dcaemod-onboarding-api.enabled
- name: dcaemod-runtime-api
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcaemod-runtime-api'
condition: dcaemod-runtime-api.enabled
- name: dcaemod-nifi-registry
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcaemod-nifi-registry'
condition: dcaemod-nifi-registry.enabled
- name: dcaemod-healthcheck
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dcaemod-healthcheck'
condition: dcaemod-healthcheck.enabled
apiVersion: v2
description: ONAP DCAE MOD Design Tool
name: dcaemod-designtool
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE MOD Distributor API
name: dcaemod-distributor-api
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE MOD Genprocessor
name: dcaemod-genprocessor
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE MOD Health Check
name: dcaemod-healthcheck
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE MOD Nifi Registry
name: dcaemod-nifi-registry
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE MOD Onboarding API
name: dcaemod-onboarding-api
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE MOD Runtime API
name: dcaemod-runtime-api
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# ============LICENSE_END=========================================================
apiVersion: v2
-appVersion: "Jakarta"
+appVersion: "Kohn"
description: TBD
name: TBD
version: TBD
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: dcaegen2-services-common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: postgres.enabled
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mongo
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: mongo.enabled
nodePortPrefix: 302
nodePortPrefixExt: 304
-#################################################################
-# Filebeat configuration defaults.
-#################################################################
-filebeatConfig:
- logstashServiceName: log-ls
- logstashPort: 5044
-
#################################################################
# initContainer images.
#################################################################
# log directory where logging sidecar should look for log files
# if absent, no sidecar will be deployed
-#logDirectory: TBD #/opt/app/VESCollector/logs #DONE
-
-# Following requires manual override until fix for DCAEGEN2-3087
-# is available to switch logDirectory setting to log.path
-log:
- path: /opt/app/
+#log:
+# path: TBD #/opt/app/VESCollector/logs #DONE
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# directory where TLS certs should be stored
# application image
-image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.2
+image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.3
# Resource Limit flavor -By Default using small
flavor: small
# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs,Bell Canada
# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
+# Modifications Copyright © 2021-2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
apiVersion: v2
description: ONAP DMaaP components
name: dmaap
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
+ - name: dmaap-strimzi
+ version: ~11.x-0
+ repository: 'file://components/dmaap-strimzi'
+ condition: dmaap-strimzi.enabled
- name: message-router
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/message-router'
condition: message-router.enabled
- name: dmaap-bc
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dmaap-bc'
condition: dmaap-bc.enabled
- name: dmaap-dr-node
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dmaap-dr-node'
condition: dmaap-dr-node.enabled
- name: dmaap-dr-prov
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dmaap-dr-prov'
condition: dmaap-dr-prov.enabled
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: a Helm chart to deploy ONAP DMaaP Bus Controller (aka dmaap-bc) in Kubernetes
name: dmaap-bc
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: PG.enabled
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DMaaP Data Router Node Server
name: dmaap-dr-node
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DMaaP Data Router Provisioning Server
name: dmaap-dr-prov
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: global.mariadbGalera.localCluster
- name: mariadb-init
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
.project
.idea/
*.tmproj
+Chart.lock
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
+# Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v2
-description: ONAP Dmaap Message Router Zookeeper Service
-name: message-router-zookeeper
-version: 10.0.0
+description: ONAP Dmaap Strimzi Kafka Bridge
+name: dmaap-strimzi
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# limitations under the License.
ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../../dist
+OUTPUT_DIR := $(ROOT_DIR)/../dist
PACKAGE_DIR := $(OUTPUT_DIR)/packages
SECRET_DIR := $(OUTPUT_DIR)/secrets
-EXCLUDES :=
+EXCLUDES := dist resources templates charts docker
HELM_BIN := helm
HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
-apiVersion: v1
-kind: Service
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaBridge
metadata:
- name: {{ .Values.service.name }}
+ name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
- ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- clusterIP: None
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
-
+ replicas: {{ .Values.kafkaBridgeReplicaCount }}
+ enableMetrics: false
+ bootstrapServers: {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}:{{ .Values.global.kafkaInternalPort }}
+ authentication:
+ type: {{ .Values.global.saslMechanism }}
+ username: {{ .Values.global.kafkaStrimziAdminUser }}
+ passwordSecret:
+ secretName: {{ .Values.global.kafkaStrimziAdminUser }}
+ password: password
+ http:
+ port: {{ .Values.kafkaBridgePort }}
--- /dev/null
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ kafkaStrimziAdminUser: strimzi-kafka-admin
+ kafkaInternalPort: 9092
+ saslMechanism: scram-sha-512
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+kafkaBridgeReplicaCount: 1
+kafkaBridgePort: 8080
+
+ingress:
+ enabled: false
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: dmaap-strimzi
+ roles:
+ - read
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T
# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
+# Modifications Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
apiVersion: v2
description: ONAP Message Router
name: message-router
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- - name: message-router-kafka
- version: ~10.x-0
- repository: 'file://components/message-router-kafka'
- - name: message-router-zookeeper
- version: ~10.x-0
- repository: 'file://components/message-router-zookeeper'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
+++ /dev/null
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: ONAP Message Router Kafka Service
-name: message-router-kafka
-version: 10.0.0
-
-dependencies:
- - name: common
- version: ~10.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
- - name: certInitializer
- version: ~10.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~10.x-0
- repository: '@local'
- - name: serviceAccount
- version: ~10.x-0
- repository: '@local'
+++ /dev/null
-jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:{{ .Values.jmx.port }}/jmxrmi
-lowercaseOutputName: true
-lowercaseOutputLabelNames: true
-ssl: false
-rules:
-- pattern : kafka.server<type=ReplicaManager, name=(.+)><>(Value|OneMinuteRate)
- name: "cp_kafka_server_replicamanager_$1"
-- pattern : kafka.controller<type=KafkaController, name=(.+)><>Value
- name: "cp_kafka_controller_kafkacontroller_$1"
-- pattern : kafka.server<type=BrokerTopicMetrics, name=(.+)><>OneMinuteRate
- name: "cp_kafka_server_brokertopicmetrics_$1"
-- pattern : kafka.network<type=RequestMetrics, name=RequestsPerSec, request=(.+)><>OneMinuteRate
- name: "cp_kafka_network_requestmetrics_requestspersec_$1"
-- pattern : kafka.network<type=SocketServer, name=NetworkProcessorAvgIdlePercent><>Value
- name: "cp_kafka_network_socketserver_networkprocessoravgidlepercent"
-- pattern : kafka.server<type=ReplicaFetcherManager, name=MaxLag, clientId=(.+)><>Value
- name: "cp_kafka_server_replicafetchermanager_maxlag_$1"
-- pattern : kafka.server<type=KafkaRequestHandlerPool, name=RequestHandlerAvgIdlePercent><>OneMinuteRate
- name: "cp_kafka_kafkarequesthandlerpool_requesthandleravgidlepercent"
-- pattern : kafka.controller<type=ControllerStats, name=(.+)><>OneMinuteRate
- name: "cp_kafka_controller_controllerstats_$1"
-- pattern : kafka.server<type=SessionExpireListener, name=(.+)><>OneMinuteRate
- name: "cp_kafka_server_sessionexpirelistener_$1"
+++ /dev/null
-KafkaServer {
- org.onap.dmaap.kafkaAuthorize.PlainLoginModule1 required
- username="${KAFKA_ADMIN}"
- password="${KAFKA_PSWD}"
- user_${KAFKA_ADMIN}="${KAFKA_PSWD}";
-};
-Client {
- org.apache.zookeeper.server.auth.DigestLoginModule required
- username="${ZK_ADMIN}"
- password="${ZK_PSWD}";
- };
+++ /dev/null
-Client {
- org.apache.zookeeper.server.auth.DigestLoginModule required
- username="${ZK_ADMIN}"
- password="${ZK_PSWD}";
- };
\ No newline at end of file
+++ /dev/null
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
+++ /dev/null
-{{/*
-# Copyright © 2019 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if .Values.global.aafEnabled }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-jaas-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/jaas/kafka_server_jaas.conf").AsConfig . | indent 2 }}
----
-{{- else }}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-jaas-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/jaas/zk_client_jaas.conf").AsConfig . | indent 2 }}
----
-{{- end }}
-{{- if .Values.prometheus.jmx.enabled }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-prometheus-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/jmx-kafka-prometheus.yml").AsConfig . | indent 2 }}
----
-{{- end }}
+++ /dev/null
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- $global := . -}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-{{ range $i, $e := until (int $global.Values.replicaCount) }}
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: {{ include "common.release" $global }}-{{ $global.Values.service.name }}-{{ $i }}
- namespace: {{ include "common.namespace" $global }}
- labels:
- app: {{ $global.Values.service.name }}
- chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" $global }}
- heritage: {{ $global.Release.Service }}
-spec:
- capacity:
- storage: {{ $global.Values.persistence.size }}
- accessModes:
- - {{ $global.Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" $global }}-data"
- hostPath:
- path: {{ $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }}
- persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
-{{ end }}
-{{ end }}
-{{ end }}
+++ /dev/null
-{{/*
-# Copyright © 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.secretFast" . }}
+++ /dev/null
-{{/*
-# Copyright © 2019 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- $root := . -}}
-{{ range $i, $e := until (int $root.Values.replicaCount) }}
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ $root.Values.service.name }}-{{ $i }}
- namespace: {{ include "common.namespace" $root }}
- labels:
- app: {{ $root.Values.service.name }}
- chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" $root }}
- heritage: {{ $root.Release.Service }}
-
-spec:
- type: {{ $root.Values.service.type }}
- externalTrafficPolicy: Local
- selector:
- statefulset.kubernetes.io/pod-name: {{ include "common.release" $root }}-{{ $root.Values.service.name }}-{{ $i }}
- ports:
- - port: {{ $root.Values.service.externalPort }}
- targetPort: {{ $root.Values.service.externalPort }}
- nodePort: {{ $root.Values.service.baseNodePort | add $i }}
- name: {{ $root.Values.service.name }}-{{ $i }}
-{{ end }}
+++ /dev/null
-{{/*
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- serviceName: {{ .Values.service.name }}
- replicas: {{ .Values.replicaCount }}
- podManagementPolicy: Parallel
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- {{- if .Values.prometheus.jmx.enabled }}
- annotations:
- prometheus.io/scrape: "true"
- prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }}
- {{- end }}
- spec:
- {{- if .Values.nodeAffinity }}
- nodeAffinity:
- {{ toYaml .Values.nodeAffinity | indent 10 }}
- {{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
- initContainers:
- - command:
- - /app/ready.py
- args:
- - --container-name
- - {{ .Values.zookeeper.name }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
- - command:
- - sh
- - -exec
- - |
- rm -rf '/var/lib/kafka/data/lost+found';
- chown -R 1000:0 /var/lib/kafka/data;
- image: {{ include "repositoryGenerator.image.busybox" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: /var/lib/kafka/data
- name: kafka-data
- name: {{ include "common.name" . }}-permission-fixer
- - command:
- - sh
- args:
- - -c
- - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/etc/kafka/secrets/jaas/${PFILE}; done"
- env:
- - name: ZK_ADMIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-client" "key" "login") | indent 10 }}
- - name: ZK_PSWD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-client" "key" "password") | indent 10 }}
- - name: KAFKA_ADMIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "kafka-admin" "key" "login") | indent 10 }}
- - name: KAFKA_PSWD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "kafka-admin" "key" "password") | indent 10 }}
- volumeMounts:
- - mountPath: /etc/kafka/secrets/jaas
- name: jaas-config
- - mountPath: /config-input
- name: jaas
- image: {{ include "repositoryGenerator.image.envsubst" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-update-config
- {{ include "common.certInitializer.initContainer" . | indent 6 | trim }}
- containers:
- {{- if .Values.prometheus.jmx.enabled }}
- - name: prometheus-jmx-exporter
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - java
- - -XX:+UnlockExperimentalVMOptions
- - -XX:+UseCGroupMemoryLimitForHeap
- - -XX:MaxRAMFraction=1
- - -XshowSettings:vm
- - -jar
- - jmx_prometheus_httpserver.jar
- - {{ .Values.prometheus.jmx.port | quote }}
- - /etc/jmx-kafka/jmx-kafka-prometheus.yml
- ports:
- - containerPort: {{ .Values.prometheus.jmx.port }}
- resources:
-{{ toYaml .Values.prometheus.jmx.resources | indent 10 }}
- volumeMounts:
- - name: jmx-config
- mountPath: /etc/jmx-kafka
- {{- end }}
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - sh
- - -exc
- - |
- export KAFKA_BROKER_ID=${HOSTNAME##*-} && \
- {{- if .Values.global.aafEnabled }}
- cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.final_cadi_files }} /etc/kafka/data/{{ .Values.certInitializer.final_cadi_files }} && \
- export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \
- {{ else }}
- export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_PLAINTEXT://:{{ .Values.service.internalPort }} && \
- {{- end }}
- exec /etc/confluent/docker/run
- resources:
-{{ include "common.resources" . | indent 12 }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- - containerPort: {{ .Values.service.externalPort }}
- {{- if .Values.prometheus.jmx.enabled }}
- - containerPort: {{ .Values.jmx.port }}
- name: jmx
- {{- end }}
- {{ if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- {{ end }}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
- env:
- - name: HOST_IP
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: status.hostIP
- - name: KAFKA_ZOOKEEPER_CONNECT
- value: "{{ include "common.kafkaNodes" (dict "dot" . "replicaCount" .Values.zookeeper.replicaCount "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }}"
- - name: KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE
- value: "{{ .Values.kafka.enableSupport }}"
- - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR
- value: "{{ .Values.config.offsets_topic_replication_factor | default .Values.replicaCount }}"
- - name: KAFKA_NUM_PARTITIONS
- value: "{{ .Values.config.num_partition | default .Values.replicaCount }}"
- - name: KAFKA_DEFAULT_REPLICATION_FACTOR
- value: "{{ .Values.config.default_replication_factor | default .Values.replicaCount }}"
- {{- if .Values.global.aafEnabled }}
- - name: KAFKA_OPTS
- value: "{{ .Values.kafka.jaasOptionsAaf }}"
- - name: aaf_locate_url
- value: https://aaf-locate.{{ include "common.namespace" . }}:8095
- - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP
- value: "{{ .Values.kafka.protocolMapAaf }}"
- - name: KAFKA_LISTENERS
- value: "{{ .Values.kafka.listenersAaf }}"
- - name: KAFKA_SASL_ENABLED_MECHANISMS
- value: "{{ .Values.kafka.saslMech }}"
- - name: KAFKA_INTER_BROKER_LISTENER_NAME
- value: "{{ .Values.kafka.interBrokerListernerAaf }}"
- - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL
- value: "{{ .Values.kafka.saslInterBrokerProtocol }}"
- - name: KAFKA_AUTHORIZER_CLASS_NAME
- value: "{{ .Values.kafka.authorizer }}"
- {{ else }}
- - name: KAFKA_OPTS
- value: "{{ .Values.kafka.jaasOptions }}"
- - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP
- value: "{{ .Values.kafka.protocolMap }}"
- - name: KAFKA_LISTENERS
- value: "{{ .Values.kafka.listeners }}"
- - name: KAFKA_INTER_BROKER_LISTENER_NAME
- value: "{{ .Values.kafka.interBrokerListerner }}"
- {{- end }}
- {{- range $key, $value := .Values.configurationOverrides }}
- - name: {{ printf "KAFKA_%s" $key | replace "." "_" | upper | quote }}
- value: {{ $value | quote }}
- {{- end }}
- {{- if .Values.jmx.port }}
- - name: KAFKA_JMX_PORT
- value: "{{ .Values.jmx.port }}"
- {{- end }}
- - name: enableCadi
- value: "{{ .Values.global.aafEnabled }}"
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /var/run/docker.sock
- name: docker-socket
- - name: jaas-config
- mountPath: /etc/kafka/secrets/jaas
- - mountPath: /var/lib/kafka/data
- name: kafka-data
- {{- if .Values.tolerations }}
- tolerations:
- {{ toYaml .Values.tolerations | indent 10 }}
- {{- end }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: jaas-config
- emptyDir:
- medium: Memory
- - name: docker-socket
- hostPath:
- path: /var/run/docker.sock
- - name: jaas
- configMap:
- name: {{ include "common.fullname" . }}-jaas-configmap
- {{- if .Values.prometheus.jmx.enabled }}
- - name: jmx-config
- configMap:
- name: {{ include "common.fullname" . }}-prometheus-configmap
- {{- end }}
-{{ if not .Values.persistence.enabled }}
- - name: kafka-data
- emptyDir: {}
-{{ else }}
- volumeClaimTemplates:
- - metadata:
- name: kafka-data
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- spec:
- accessModes:
- - {{ .Values.persistence.accessMode | quote }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
-{{ end }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
-
-
-#################################################################
-# AAF part
-#################################################################
-certInitializer:
- nameOverride: dmaap-mr-kafka-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- # aafDeployCredsExternalSecret: some secret
- fqdn: dmaap-mr
- fqi: dmaapmr@mr.dmaap.onap.org
- public_fqdn: mr.dmaap.onap.org
- cadi_longitude: "-122.26147"
- cadi_latitude: "37.78187"
- app_ns: org.osaaf.aaf
- credsPath: /opt/app/osaaf/local
- fqi_namespace: org.onap.dmaap.mr
- final_cadi_files: cadi.properties
- aaf_add_config: |
- echo "*** concat the three prop files"
- cd {{ .Values.credsPath }}
- cat {{ .Values.fqi_namespace }}.props > {{ .Values.final_cadi_files }}
- cat {{ .Values.fqi_namespace }}.cred.props >> {{ .Values.final_cadi_files }}
- cat {{ .Values.fqi_namespace }}.location.props >> {{ .Values.final_cadi_files }}
- echo "*** configuration result:"
- cat {{ .Values.final_cadi_files }}
- chown -R 1000 .
-
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/dmaap/kafka111:1.1.1
-pullPolicy: Always
-
-
-zookeeper:
- name: message-router-zookeeper
- port: 2181
- replicaCount: 1
-
-kafka:
- heapOptions: -Xmx5G -Xms1G
- jaasOptions: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/zk_client_jaas.conf
- jaasOptionsAaf: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/kafka_server_jaas.conf
- enableSupport: false
- protocolMapAaf: INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT
- protocolMap: INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT
- listenersAaf: EXTERNAL_SASL_PLAINTEXT://0.0.0.0:9091,INTERNAL_SASL_PLAINTEXT://0.0.0.0:9092
- listeners: EXTERNAL_PLAINTEXT://0.0.0.0:9091,INTERNAL_PLAINTEXT://0.0.0.0:9092
- authorizer: org.onap.dmaap.kafkaAuthorize.KafkaCustomAuthorizer
- saslInterBrokerProtocol: PLAIN
- saslMech: PLAIN
- interBrokerListernerAaf: INTERNAL_SASL_PLAINTEXT
- interBrokerListerner: INTERNAL_PLAINTEXT
-
-config: {}
- # offsets_topic_replication_factor:
- # num_partition:
- # default_replication_factor:
-
-configurationOverrides:
- "log.dirs": "/var/lib/kafka/data"
- "log.retention.hours": "168"
- "transaction.state.log.replication.factor": "1"
- "transaction.state.log.min.isr": "1"
- "num.recovery.threads.per.data.dir": "5"
- "zookeeper.connection.timeout.ms": "6000"
- "zookeeper.set.acl": "true"
-
-jmx:
- port: 5555
-
-prometheus:
- jmx:
- enabled: false
- image: solsson/kafka-prometheus-jmx-exporter@sha256
- imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143
- port: 5556
-
-jaas:
- config:
- zkClient: kafka
- zkClientPassword: kafka_secret
- kafkaAdminUser: admin
- kafkaAdminPassword: admin_secret
- #kafkaAdminUserExternal: some secret
- #zkClientPasswordExternal: some secret
-
-
-secrets:
- - uid: zk-client
- type: basicAuth
- externalSecret: '{{ .Values.jaas.config.zkClientPasswordExternal}}'
- login: '{{ .Values.jaas.config.zkClient }}'
- password: '{{ .Values.jaas.config.zkClientPassword }}'
- passwordPolicy: required
- - uid: kafka-admin
- type: basicAuth
- externalSecret: '{{ .Values.jaas.config.kafkaAdminUserExternal}}'
- login: '{{ .Values.jaas.config.kafkaAdminUser }}'
- password: '{{ .Values.jaas.config.kafkaAdminPassword }}'
- passwordPolicy: required
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# default number of instances
-replicaCount: 1
-
-
-# To access Kafka outside cluster, this value must be set to hard and the number of nodes in K8S cluster must be equal or greater then replica count
-podAntiAffinityType: soft
-
-# defult partitions
-defaultpartitions: 3
-
-nodeSelector: {}
-
-nodeAffinity: {}
-
-affinity: {}
-
-tolerations: {}
-
-
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 90
- periodSeconds: 20
- timeoutSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 90
- periodSeconds: 20
- timeoutSeconds: 100
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
-
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteOnce
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: message-router/data-kafka
-
-service:
- type: NodePort
- name: message-router-kafka
- portName: tcp-message-router-kafka
- internalPort: 9092
- internalSSLPort: 9093
- externalPort: 9091
- baseNodePort: 30490
-
-
-
-ingress:
- enabled: false
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 2000m
- memory: 4Gi
- requests:
- cpu: 500m
- memory: 1Gi
- large:
- limits:
- cpu: 4000m
- memory: 8Gi
- requests:
- cpu: 1000m
- memory: 2Gi
- unlimited: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: message-router-kafka
- roles:
- - read
+++ /dev/null
-jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:{{ .Values.jmx.port }}/jmxrmi
-lowercaseOutputName: true
-lowercaseOutputLabelNames: true
-ssl: false
-rules:
-- pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+)><>(\\w+)"
- name: "message-router-zookeeper_$2"
-- pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+), name1=replica.(\\d+)><>(\\w+)"
- name: "message-router-zookeeper_$3"
- labels:
- replicaId: "$2"
-- pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+), name1=replica.(\\d+), name2=(\\w+)><>(\\w+)"
- name: "message-router-zookeeper_$4"
- labels:
- replicaId: "$2"
- memberType: "$3"
-- pattern: "org.apache.ZooKeeperService<name0=ReplicatedServer_id(\\d+), name1=replica.(\\d+), name2=(\\w+), name3=(\\w+)><>(\\w+)"
- name: "message-router-zookeeper_$4_$5"
- labels:
- replicaId: "$2"
- memberType: "$3"
+++ /dev/null
-Server {
- org.apache.zookeeper.server.auth.DigestLoginModule required
- user_${ZK_ADMIN}="${ZK_PSWD}";
-};
\ No newline at end of file
+++ /dev/null
-# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
+++ /dev/null
-{{/*
-# Copyright © 2019 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- /*
- Calculate the maximum number of zk server down in order to guarantee ZK quorum.
- For guaranteeing ZK quorum we need half of the server + 1 up.
-
- div in go template cast return an int64
- so we need to know if it is an even number or an odd.
- For this we are doing (n/2)*2=n?
- if true it is even else it is even
-*/ -}}
-{{- define "zk.maxUnavailable" -}}
-{{- $halfReplica := div .Values.replicaCount 2 -}}
- {{/* divide by 2 and multiply by 2 in order to know if it is an even number*/}}
- {{if eq (mul $halfReplica 2) (int .Values.replicaCount) }}
- {{- toYaml (sub $halfReplica 1) -}}
- {{else}}
- {{- toYaml $halfReplica -}}
- {{end}}
-{{- end -}}
+++ /dev/null
-{{/*
-Create a server list string based on fullname, namespace, # of zookeeperServers
-in a format like "zkhost1:port:port;zkhost2:port:port"
-*/}}
-{{- define "zookeeper.serverlist" -}}
-{{- $namespace := include "common.namespace" . }}
-{{- $fullname := include "common.fullname" . -}}
-{{- $name := include "common.name" . -}}
-{{- $serverPort := .Values.service.serverPort -}}
-{{- $leaderElectionPort := .Values.service.leaderElectionPort -}}
-{{- $zk := dict "zookeeperServers" (list) -}}
-{{- range $idx, $v := until (int .Values.zookeeperServers) }}
-{{- $noop := printf "%s-%d.%s.%s.svc.cluster.local:%d:%d" $fullname $idx $name $namespace (int $serverPort) (int $leaderElectionPort) | append $zk.zookeeperServers | set $zk "zookeeperServers" -}}
-{{- end }}
-{{- printf "%s" (join ";" $zk.zookeeperServers) | quote -}}
-{{- end -}}
\ No newline at end of file
+++ /dev/null
-{{/*
-# Copyright © 2020 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if .Values.prometheus.jmx.enabled }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-prometheus-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/jmx-zookeeper-prometheus.yml").AsConfig . | indent 2 }}
----
-{{ end }}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-jaas-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ (.Files.Glob "resources/config/zk_server_jaas.conf").AsConfig | indent 2 }}
+++ /dev/null
-{{/*
-# Copyright © 2018 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- $global := . -}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-{{ range $i, $e := until (int $global.Values.replicaCount) }}
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: {{ include "common.release" $global }}-{{ $global.Values.service.name }}-{{ $i }}
- namespace: {{ include "common.namespace" $global }}
- labels:
- app: {{ $global.Values.service.name }}
- chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" $global }}
- heritage: {{ $global.Release.Service }}
-spec:
- capacity:
- storage: {{ $global.Values.persistence.size }}
- accessModes:
- - {{ $global.Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" $global }}-data"
- hostPath:
- path: {{ $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }}
- persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
-{{ end }}
-{{ end }}
-{{ end }}
+++ /dev/null
-{{/*
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.service.name }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.clientPort }}
- name: {{ .Values.service.clientPortName }}
- - port: {{ .Values.service.serverPort }}
- name: {{ .Values.service.serverPortName }}
- - port: {{ .Values.service.leaderElectionPort }}
- name: {{ .Values.service.leaderElectionPortName }}
- clusterIP: None
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- serviceName: {{ .Values.service.name }}
- replicas: {{ .Values.replicaCount }}
- updateStrategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: {{ .Values.maxUnavailable }}
- podManagementPolicy: Parallel
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- {{- if .Values.prometheus.jmx.enabled }}
- annotations:
- prometheus.io/scrape: "true"
- prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }}
- {{- end }}
- spec:
- {{- if .Values.nodeAffinity }}
- nodeAffinity:
- {{ toYaml .Values.nodeAffinity | indent 10 }}
- {{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
- initContainers:
- - name: {{ include "common.name" . }}-permission-fixer
- command:
- - sh
- - -exec
- - >
- chown -R 1000:0 /tmp/zookeeper/apikeys;
- image: {{ include "repositoryGenerator.image.busybox" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: /tmp/zookeeper/apikeys
- name: zookeeper-data
- - command:
- - sh
- args:
- - -c
- - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/etc/zookeeper/secrets/jaas/${PFILE}; done"
- env:
- - name: ZK_ADMIN
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-admin" "key" "login") | indent 10 }}
- - name: ZK_PSWD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-admin" "key" "password") | indent 10 }}
- volumeMounts:
- - mountPath: /etc/zookeeper/secrets/jaas
- name: jaas-config
- - mountPath: /config-input
- name: jaas
- image: {{ include "repositoryGenerator.image.envsubst" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-update-config
- containers:
- {{- if .Values.prometheus.jmx.enabled }}
- - name: prometheus-jmx-exporter
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - java
- - -XX:+UnlockExperimentalVMOptions
- - -XX:+UseCGroupMemoryLimitForHeap
- - -XX:MaxRAMFraction=1
- - -XshowSettings:vm
- - -jar
- - jmx_prometheus_httpserver.jar
- - {{ .Values.prometheus.jmx.port | quote }}
- - /etc/jmx-zookeeper/jmx-zookeeper-prometheus.yml
- ports:
- - containerPort: {{ .Values.prometheus.jmx.port }}
- resources:
-{{ toYaml .Values.prometheus.jmx.resources | indent 10 }}
- volumeMounts:
- - name: jmx-config
- mountPath: /etc/jmx-zookeeper
- {{- end }}
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- resources:
-{{ include "common.resources" . | indent 12 }}
- ports:
- - containerPort: {{ .Values.service.clientPort }}
- name: {{ .Values.service.clientPortName }}
- - containerPort: {{ .Values.service.serverPort }}
- name: {{ .Values.service.serverPortName }}
- - containerPort: {{ .Values.service.leaderElectionPort }}
- name: {{ .Values.service.leaderElectionPortName }}
- {{- if .Values.prometheus.jmx.enabled }}
- - containerPort: {{ .Values.jmx.port }}
- name: jmx
- {{- end }}
- {{ if eq .Values.liveness.enabled true }}
- livenessProbe:
- exec:
- command: ['/bin/bash', '-c', 'echo "ruok" | nc -w 2 localhost 2181 | grep imok']
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- {{ end }}
- readinessProbe:
- exec:
- command: ['/bin/bash', '-c', 'echo "ruok" | nc -w 2 localhost 2181 | grep imok']
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
- resources:
-{{ include "common.resources" . | indent 10 }}
- env:
- - name : KAFKA_HEAP_OPTS
- value: "{{ .Values.zkConfig.heapOptions }}"
- {{- if .Values.jmx.port }}
- - name : KAFKA_JMX_PORT
- value: "{{ .Values.jmx.port }}"
- {{- end }}
- - name : ZOOKEEPER_REPLICAS
- value: "{{ .Values.replicaCount }}"
- - name : ZOOKEEPER_TICK_TIME
- value: "{{ .Values.zkConfig.tickTime }}"
- - name : ZOOKEEPER_SYNC_LIMIT
- value: "{{ .Values.zkConfig.syncLimit }}"
- - name : ZOOKEEPER_INIT_LIMIT
- value: "{{ .Values.zkConfig.initLimit }}"
- - name : ZOOKEEPER_MAX_CLIENT_CNXNS
- value: "{{ .Values.zkConfig.maxClientCnxns }}"
- - name : ZOOKEEPER_AUTOPURGE_SNAP_RETAIN_COUNT
- value: "{{ .Values.zkConfig.autoPurgeSnapRetainCount}}"
- - name : ZOOKEEPER_AUTOPURGE_PURGE_INTERVAL
- value: "{{ .Values.zkConfig.autoPurgePurgeInterval}}"
- - name: ZOOKEEPER_CLIENT_PORT
- value: "{{ .Values.zkConfig.clientPort }}"
- - name: KAFKA_OPTS
- value: "{{ .Values.zkConfig.kafkaOpts }}"
- - name: ZOOKEEPER_QUORUM_LISTEN_ON_ALL_IPS
- value: "true"
- - name: ZOOKEEPER_SERVERS
- value: {{ template "zookeeper.serverlist" . }}
- - name: ZOOKEEPER_SERVER_ID
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- command:
- - "bash"
- - "-c"
- - |
- ZOOKEEPER_SERVER_ID=$((${HOSTNAME##*-}+1)) \
- /etc/confluent/docker/run
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /var/lib/zookeeper/data
- name: zookeeper-data
- - name: jaas-config
- mountPath: /etc/zookeeper/secrets/jaas
- {{- if .Values.tolerations }}
- tolerations:
- {{ toYaml .Values.tolerations | indent 10 }}
- {{- end }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: jaas-config
- emptyDir:
- medium: Memory
- - name: docker-socket
- hostPath:
- path: /var/run/docker.sock
- - name: jaas
- configMap:
- name: {{ include "common.fullname" . }}-jaas-configmap
- {{- if .Values.prometheus.jmx.enabled }}
- - name: jmx-config
- configMap:
- name: {{ include "common.fullname" . }}-prometheus-configmap
- {{- end }}
-{{ if not .Values.persistence.enabled }}
- - name: zookeeper-data
- emptyDir: {}
-{{ else }}
- volumeClaimTemplates:
- - metadata:
- name: zookeeper-data
- labels:
- app: {{ include "common.fullname" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- spec:
- accessModes:
- - {{ .Values.persistence.accessMode | quote }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
-{{ end }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/dmaap/zookeeper:6.1.0
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-
-# default number of instances
-replicaCount: 1
-
-zookeeperServers: 1
-
-nodeSelector: {}
-
-nodeAffinity: {}
-
-affinity: {}
-
-tolerations: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 60
- periodSeconds: 20
- timeoutSeconds: 10
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 60
- periodSeconds: 20
- timeoutSeconds: 10
-
-#Zookeeper properties
-zkConfig:
- tickTime: 2000
- syncLimit: 5
- initLimit: 20
- maxClientCnxns: 200
- autoPurgeSnapRetainCount: 3
- autoPurgePurgeInterval: 24
- heapOptions: -Xmx2G -Xms2G
- kafkaOpts: -Djava.security.auth.login.config=/etc/zookeeper/secrets/jaas/zk_server_jaas.conf -Dzookeeper.kerberos.removeHostFromPrincipal=true -Dzookeeper.kerberos.removeRealmFromPrincipal=true -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider -Dzookeeper.requireClientAuthScheme=sasl -Dzookeeper.4lw.commands.whitelist=*
- clientPort: 2181
-
-jmx:
- port: 5555
-
-prometheus:
- jmx:
- enabled: false
- image: solsson/kafka-prometheus-jmx-exporter@sha256
- imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143
- port: 5556
-
-jaas:
- config:
- zkAdminUser: kafka
- zkAdminPassword: kafka_secret
- #zkAdminPasswordExternal= some password
-
-secrets:
- - uid: zk-admin
- type: basicAuth
- externalSecret: '{{ .Values.jaas.config.zkAdminPasswordExternal}}'
- login: '{{ .Values.jaas.config.zkAdminUser }}'
- password: '{{ .Values.jaas.config.zkAdminPassword }}'
- passwordPolicy: required
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
-
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteOnce
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: message-router/data-zookeeper
-
-
-rollingUpdate:
- maxUnavailable: 1
-service:
- type: ClusterIP
- name: message-router-zookeeper
- portName: message-router-zookeeper
- clientPortName: tcp-client
- clientPort: 2181
- serverPortName: tcp-server
- serverPort: 2888
- leaderElectionPortName: tcp-leader
- leaderElectionPort: 3888
-
-ingress:
- enabled: false
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 2000m
- memory: 4Gi
- requests:
- cpu: 500m
- memory: 1Gi
- large:
- limits:
- cpu: 4000m
- memory: 8Gi
- requests:
- cpu: 1000m
- memory: 2Gi
- unlimited: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: message-router-zookeeper
- roles:
- - read
# org.onap.dmaap
# ================================================================================
# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2021-2022 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#
###############################################################################
###############################################################################
-##
-## Cambria API Server config
-##
-## Default values are shown as commented settings.
-##
-###############################################################################
-##
-## HTTP service
-##
-## 3904 is standard as of 7/29/14.
-#
-## Zookeeper Connection
-##
-## Both Cambria and Kafka make use of Zookeeper.
-##
-#config.zk.servers=172.18.1.1
-#config.zk.servers={{.Values.zookeeper.name}}:{{.Values.zookeeper.port}}
*/}}
-config.zk.servers={{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-zookeeper" "replicaCount") "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }}
-#config.zk.root=/fe3c/cambria/config
-
-
-###############################################################################
##
## Kafka Connection
##
## Items below are passed through to Kafka's producer and consumer
## configurations (after removing "kafka.")
## if you want to change request.required.acks it can take this one value
-#kafka.metadata.broker.list=localhost:9092,localhost:9093
-#kafka.metadata.broker.list={{.Values.kafka.name}}:{{.Values.kafka.port}}
-kafka.metadata.broker.list={{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-kafka" "replicaCount") "componentName" .Values.kafka.name "port" .Values.kafka.port ) }}
-
-##kafka.request.required.acks=-1
-#kafka.client.zookeeper=${config.zk.servers}
+kafka.metadata.broker.list={{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}:{{ .Values.global.kafkaInternalPort }}
+config.zk.servers=127.0.0.1:{{ .Values.global.zkTunnelService.internalPort }}
+#kafka.request.required.acks=-1
consumer.timeout.ms=100
zookeeper.connection.timeout.ms=6000
zookeeper.session.timeout.ms=20000
cambria.consumer.cache.zkBasePath=/fe3c/cambria/consumerCache
consumer.timeout=17
default.partitions=3
-default.replicas={{ index .Values "message-router-kafka" "replicaCount" }}
+default.replicas=3
##############################################################################
#100mb
maxcontentlength=10000
<!--
============LICENSE_START=======================================================
Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ Modifications Copyright © 2021-2022 Nordix Foundation
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
============LICENSE_END=========================================================
-->
-<configuration scan="true" scanPeriod="3 seconds" debug="false">
+<configuration scan="true" scanPeriod="3 seconds" debug="true">
<contextName>${module.ajsc.namespace.name}</contextName>
<jmxConfigurator />
<property name="logDirectory" value="${AJSC_HOME}/log" />
</encoder>
</appender>
- <appender name="ERROR" class="ch.qos.logback.core.ConsoleAppender"> class="ch.qos.logback.core.ConsoleAppender">
+ <appender name="ERROR" class="ch.qos.logback.core.ConsoleAppender">
<filter class="ch.qos.logback.classic.filter.LevelFilter">
<level>ERROR</level>
<onMatch>ACCEPT</onMatch>
<!-- Msgrtr related loggers -->
- <logger name="org.onap.dmaap.dmf.mr.service" level="INFO" />
- <logger name="org.onap.dmaap.dmf.mr.service.impl" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.service" level="TRACE" />
+ <logger name="org.onap.dmaap.dmf.mr.service.impl" level="TRACE" />
- <logger name="org.onap.dmaap.dmf.mr.resources" level="INFO" />
- <logger name="org.onap.dmaap.dmf.mr.resources.streamReaders" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.resources" level="TRACE" />
+ <logger name="org.onap.dmaap.dmf.mr.resources.streamReaders" level="TRACE" />
- <logger name="org.onap.dmaap.dmf.mr.backends" level="INFO" />
- <logger name="org.onap.dmaap.dmf.mr.backends.kafka" level="INFO" />
- <logger name="org.onap.dmaap.dmf.mr.backends.memory" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.backends" level="TRACE" />
+ <logger name="org.onap.dmaap.dmf.mr.backends.kafka" level="TRACE" />
+ <logger name="org.onap.dmaap.dmf.mr.backends.memory" level="TRACE" />
- <logger name="org.onap.dmaap.dmf.mr.beans" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.beans" level="TRACE" />
- <logger name="org.onap.dmaap.dmf.mr.constants" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.constants" level="TRACE" />
- <logger name="org.onap.dmaap.dmf.mr.exception" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.exception" level="TRACE" />
- <logger name="org.onap.dmaap.dmf.mr.listener" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.listener" level="TRACE" />
- <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.metabroker" level="TRACE" />
- <logger name="org.onap.dmaap.dmf.mr.metrics.publisher" level="INFO" />
- <logger name="org.onap.dmaap.dmf.mr.metrics.publisher.impl" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.metrics.publisher" level="TRACE" />
+ <logger name="org.onap.dmaap.dmf.mr.metrics.publisher.impl" level="TRACE" />
- <logger name="org.onap.dmaap.dmf.mr.security" level="INFO" />
- <logger name="org.onap.dmaap.dmf.mr.security.impl" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.security" level="TRACE" />
+ <logger name="org.onap.dmaap.dmf.mr.security.impl" level="TRACE" />
- <logger name="org.onap.dmaap.dmf.mr.transaction" level="INFO" />
- <logger name="com.att.dmf.mr.transaction.impl" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.transaction" level="TRACE" />
+ <logger name="com.att.dmf.mr.transaction.impl" level="TRACE" />
- <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" />
- <logger name="org.onap.dmaap.dmf.mr.metabroker" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.metabroker" level="TRACE" />
+ <logger name="org.onap.dmaap.dmf.mr.metabroker" level="TRACE" />
- <logger name="org.onap.dmaap.dmf.mr.utils" level="INFO" />
- <logger name="org.onap.dmaap.mr.filter" level="INFO" />
+ <logger name="org.onap.dmaap.dmf.mr.utils" level="TRACE" />
+ <logger name="org.onap.dmaap.mr.filter" level="TRACE" />
- <!--<logger name="com.att.nsa.cambria.*" level="INFO" />-->
+ <!--<logger name="com.att.nsa.cambria.*" level="TRACE" />-->
<!-- Msgrtr loggers in ajsc -->
- <logger name="org.onap.dmaap.service" level="INFO" />
- <logger name="org.onap.dmaap" level="INFO" />
+ <logger name="org.onap.dmaap.service" level="TRACE" />
+ <logger name="org.onap.dmaap" level="TRACE" />
<!-- Spring related loggers -->
- <logger name="org.springframework" level="WARN" additivity="false"/>
- <logger name="org.springframework.beans" level="WARN" additivity="false"/>
- <logger name="org.springframework.web" level="WARN" additivity="false" />
- <logger name="com.blog.spring.jms" level="WARN" additivity="false" />
+ <logger name="org.springframework" level="TRACE" additivity="false"/>
+ <logger name="org.springframework.beans" level="TRACE" additivity="false"/>
+ <logger name="org.springframework.web" level="TRACE" additivity="false" />
+ <logger name="com.blog.spring.jms" level="TRACE" additivity="false" />
<!-- AJSC Services (bootstrap services) -->
- <logger name="ajsc" level="WARN" additivity="false"/>
- <logger name="ajsc.RouteMgmtService" level="INFO" additivity="false"/>
- <logger name="ajsc.ComputeService" level="INFO" additivity="false" />
- <logger name="ajsc.VandelayService" level="WARN" additivity="false"/>
- <logger name="ajsc.FilePersistenceService" level="WARN" additivity="false"/>
- <logger name="ajsc.UserDefinedJarService" level="WARN" additivity="false" />
- <logger name="ajsc.UserDefinedBeansDefService" level="WARN" additivity="false" />
- <logger name="ajsc.LoggingConfigurationService" level="WARN" additivity="false" />
+ <logger name="ajsc" level="TRACE" additivity="false"/>
+ <logger name="ajsc.RouteMgmtService" level="TRACE" additivity="false"/>
+ <logger name="ajsc.ComputeService" level="TRACE" additivity="false" />
+ <logger name="ajsc.VandelayService" level="TRACE" additivity="false"/>
+ <logger name="ajsc.FilePersistenceService" level="TRACE" additivity="false"/>
+ <logger name="ajsc.UserDefinedJarService" level="TRACE" additivity="false" />
+ <logger name="ajsc.UserDefinedBeansDefService" level="TRACE" additivity="false" />
+ <logger name="ajsc.LoggingConfigurationService" level="TRACE" additivity="false" />
<!-- AJSC related loggers (DME2 Registration, csi logging, restlet, servlet
logging) -->
- <logger name="ajsc.utils" level="WARN" additivity="false"/>
- <logger name="ajsc.utils.DME2Helper" level="INFO" additivity="false" />
- <logger name="ajsc.filters" level="DEBUG" additivity="false" />
- <logger name="ajsc.beans.interceptors" level="DEBUG" additivity="false" />
- <logger name="ajsc.restlet" level="DEBUG" additivity="false" />
- <logger name="ajsc.servlet" level="DEBUG" additivity="false" />
- <logger name="com.att" level="WARN" additivity="false" />
- <logger name="com.att.ajsc.csi.logging" level="WARN" additivity="false" />
- <logger name="com.att.ajsc.filemonitor" level="WARN" additivity="false"/>
+ <logger name="ajsc.utils" level="TRACE" additivity="false"/>
+ <logger name="ajsc.utils.DME2Helper" level="TRACE" additivity="false" />
+ <logger name="ajsc.filters" level="TRACE" additivity="false" />
+ <logger name="ajsc.beans.interceptors" level="TRACE" additivity="false" />
+ <logger name="ajsc.restlet" level="TRACE" additivity="false" />
+ <logger name="ajsc.servlet" level="TRACE" additivity="false" />
+ <logger name="com.att" level="TRACE" additivity="false" />
+ <logger name="com.att.ajsc.csi.logging" level="TRACE" additivity="false" />
+ <logger name="com.att.ajsc.filemonitor" level="TRACE" additivity="false"/>
- <logger name="com.att.nsa.dmaap.util" level="INFO" additivity="false"/>
- <logger name="com.att.cadi.filter" level="INFO" additivity="false" />
+ <logger name="com.att.nsa.dmaap.util" level="TRACE" additivity="false"/>
+ <logger name="com.att.cadi.filter" level="TRACE" additivity="false" />
<!-- Other Loggers that may help troubleshoot -->
- <logger name="net.sf" level="WARN" additivity="false" />
- <logger name="org.apache.commons.httpclient" level="WARN" additivity="false"/>
- <logger name="org.apache.commons" level="WARN" additivity="false" />
- <logger name="org.apache.coyote" level="WARN" additivity="false"/>
- <logger name="org.apache.jasper" level="WARN" additivity="false"/>
+ <logger name="net.sf" level="TRACE" additivity="false" />
+ <logger name="org.apache.commons.httpclient" level="TRACE" additivity="false"/>
+ <logger name="org.apache.commons" level="TRACE" additivity="false" />
+ <logger name="org.apache.coyote" level="TRACE" additivity="false"/>
+ <logger name="org.apache.jasper" level="TRACE" additivity="false"/>
<!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
May aid in troubleshooting) -->
- <logger name="org.apache.camel" level="WARN" additivity="false" />
- <logger name="org.apache.cxf" level="WARN" additivity="false" />
- <logger name="org.apache.camel.processor.interceptor" level="WARN" additivity="false"/>
- <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" additivity="false" />
- <logger name="org.apache.cxf.service" level="WARN" additivity="false" />
- <logger name="org.restlet" level="DEBUG" additivity="false" />
- <logger name="org.apache.camel.component.restlet" level="DEBUG" additivity="false" />
- <logger name="org.apache.kafka" level="DEBUG" additivity="false" />
- <logger name="org.apache.zookeeper" level="INFO" additivity="false" />
- <logger name="org.I0Itec.zkclient" level="DEBUG" additivity="false" />
+ <logger name="org.apache.camel" level="TRACE" additivity="false" />
+ <logger name="org.apache.cxf" level="TRACE" additivity="false" />
+ <logger name="org.apache.camel.processor.interceptor" level="TRACE" additivity="false"/>
+ <logger name="org.apache.cxf.jaxrs.interceptor" level="TRACE" additivity="false" />
+ <logger name="org.apache.cxf.service" level="TRACE" additivity="false" />
+ <logger name="org.restlet" level="TRACE" additivity="false" />
+ <logger name="org.apache.camel.component.restlet" level="TRACE" additivity="false" />
+ <logger name="org.apache.kafka" level="TRACE" additivity="false" />
+ <logger name="org.apache.zookeeper" level="TRACE" additivity="false" />
+ <logger name="org.I0Itec.zkclient" level="TRACE" additivity="false" />
<!-- logback internals logging -->
- <logger name="ch.qos.logback.classic" level="INFO" additivity="false"/>
- <logger name="ch.qos.logback.core" level="INFO" additivity="false" />
+ <logger name="ch.qos.logback.classic" level="TRACE" additivity="false"/>
+ <logger name="ch.qos.logback.core" level="TRACE" additivity="false" />
<!-- logback jms appenders & loggers definition starts here -->
<!-- logback jms appenders & loggers definition starts here -->
<appender-ref ref="Audit-Record-Queue" />
</appender>
- <logger name="AuditRecord" level="INFO" additivity="FALSE">
+ <logger name="AuditRecord" level="TRACE" additivity="FALSE">
<appender-ref ref="STDOUT" />
</logger>
- <logger name="AuditRecord_DirectCall" level="INFO" additivity="FALSE">
+ <logger name="AuditRecord_DirectCall" level="TRACE" additivity="FALSE">
<appender-ref ref="STDOUT" />
</logger>
<appender name="ASYNC-perf" class="ch.qos.logback.classic.AsyncAppender">
<discardingThreshold>0</discardingThreshold>
<appender-ref ref="Performance-Tracker-Queue" />
</appender>
- <logger name="PerfTrackerRecord" level="INFO" additivity="FALSE">
+ <logger name="PerfTrackerRecord" level="TRACE" additivity="FALSE">
<appender-ref ref="ASYNC-perf" />
<appender-ref ref="perfLogs" />
</logger>
<!-- logback jms appenders & loggers definition ends here -->
- <root level="DEBUG">
+ <root level="TRACE">
<appender-ref ref="DEBUG" />
<appender-ref ref="ERROR" />
<appender-ref ref="INFO" />
+++ /dev/null
-_sNOLphPzrU7L0L3oWv0pYwgV_ddGF1XoBsQEIAp34jfP-fGJFPfFYaMpDEZ3gwH59rNw6qyMZHk
-k-4irklvVcWk36lC3twNvc0DueRCVrws1bkuhOLCXdxHJx-YG-1xM8EJfRmzh79WPlPkbAdyPmFF
-Ah44V0GjAnInPOFZA6MHP9rNx9B9qECHRfmvzU13vJCcgTsrmOr-CEiWfRsnzPjsICxpq9OaVT_D
-zn6rNaroGm1OiZNCrCgvRkCUHPOOCw3j9G1GeaImoZNYtozbz9u4sj13PU-MxIIAa64b1bMMMjpz
-Upc8lVPI4FnJKg6axMmEGn5zJ6JUq9mtOVyPj__2GEuDgpx5H4AwodXXVjFsVgR8UJwI_BvS2JVp
-JoQk0J1RqXmAXVamlsMAfzmmbARXgmrBfnuhveZnh9ymFVU-YZeujdANniXAwBGI7c6hG_BXkH7i
-Eyf4Fn41_SV78PskP6qgqJahr9r3bqdjNbKBztIKCOEVrE_w3IM5r02l-iStk_NBRkj6cq_7VCpG
-afxZ2CtZMwuZMiypO_wOgbdpCSKNzsL-NH2b4b08OlKiWb263gz634KJmV5WEfCl-6eH-JUFbWOS
-JwQfActLNT2ZQPl2MyZQNBzJEWoJRgS6k7tPRO-zqeUtYYHGHVMCxMuMHGQcoilNNHEFeBCG_fBh
-yAKb9g9F86Cbx9voMLiyTX2T3rwVHiSJFOzfNxGmfN5JWOthIun_c5hEY1tLQ15BomzkDwk7BAj7
-VbRCrVD45B6xrmSTMBSWYmLyr6mnQxQqeh9cMbD-0ZAncE3roxRnRvPKjFFa208ykYUp2V83r_PJ
-fV5I9ZPKSjk9DwFyrjkcQQEYDhdK6IFqcd6nEthjYVkmunu2fsX0bIOm9GGdIbKGqBnpdgBO5hyT
-rBr9HSlZrHcGdti1R823ckDF0Ekcl6kioDr5NLIpLtg9zUEDRm3QrbX2mv5Zs8W0pYnOqglxy3lz
-bJZTN7oR7VasHUtjmp0RT9nLZkUs5TZ6MHhlIq3ZsQ6w_Q9Rv1-ofxfwfCC4EBrWKbWAGCf6By4K
-Ew8321-2YnodhmsK5BrT4zQ1DZlmUvK8BmYjZe7wTljKjgYcsLTBfX4eMhJ7MIW1kpnl8AbiBfXh
-QzN56Mki51Q8PSQWHm0W9tnQ0z6wKdck6zBJ8JyNzewZahFKueDTn-9DOqIDfr3YHvQLLzeXyJ8e
-h4AgjW-hvlLzRGtkCknjLIgXVa3rMTycseAwbW-mgdCqqkw3SdEG8feAcyntmvE8j2jbtSDStQMB
-9JdvyNLuQdNG4pxpusgvVso0-8NQF0YVa9VFwg9U6IPSx5p8FcW68OAHt_fEgT4ZtiH7o9aur4o9
-oYqUh2lALCY-__9QLq1KkNjMKs33Jz9E8LbRerG9PLclkTrxCjYAeUWBjCwSI7OB7xkuaYDSjkjj
-a46NLpdBN1GNcsFFcZ79GFAK0_DsyxGLX8Tq6q0Bvhs8whD8wlSxpTGxYkyqNX-vcb7SDN_0WkCE
-XSdZWkqTHXcYbOvoCOb_e6SFAztuMenuHWY0utX0gBfx_X5lPDFyoYXErxFQHiA7t27keshXNa6R
-ukQRRS8kMjre1U74sc-fRNXkXpl57rG4rgxaEX0eBeowa53KAsVvUAoSac2aC_nfzXrDvoyf9Xi3
-JpEZNhUDLpFCEycV4I7jGQ9wo9qNaosvlsr6kbLDNdb_1xrGVgjT3xEvRNJNPqslSAu-yD-UFhC3
-AmCdYUnugw_eEFqXCHTARcRkdPPvl2XsmEKY2IqEeO5tz4DyXQFaL-5hEVh6lYEU1EOWHk3UGIXe
-Vc5_Ttp82qNLmlJPbZvgmNTJzYTHDQ_27KBcp7IVVZgPDjVKdWqQvZ18KhxvfF3Idgy82LBZniFV
-IbtxllXiPRxoPQriSXMnXjh3XkvSDI2pFxXfEvLRn1tvcFOwPNCz3QfPIzYg8uYXN5bRt3ZOrR_g
-ZhIlrc7HO0VbNbeqEVPKMZ-cjkqGj4VAuDKoQc0eQ6X_wCoAGO78nPpLeIvZPx1X3z5YoqNA
\ No newline at end of file
{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2021-2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
---
apiVersion: v1
kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-dbc-mrclusters
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/mr_clusters/*.json").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-dbc-topics
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/topics/*.json").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
metadata:
name: {{ include "common.fullname" . }}-sys-props
namespace: {{ include "common.namespace" . }}
{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2021-2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
data:
{{ (.Files.Glob "resources/config/dmaap/mykey").AsSecrets | indent 2 }}
type: Opaque
+---
+{{ include "common.secretFast" . }}
{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2021-2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- - command:
- - /app/ready.py
- args:
- - --container-name
- - {{ .Values.kafka.name }}
- - --container-name
- - {{ .Values.zookeeper.name }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
{{ include "common.certInitializer.initContainer" . | indent 6 | trim }}
{{- if .Values.global.aafEnabled }}
- name: {{ include "common.name" . }}-update-config
- name: jmx-config
mountPath: /etc/jmx-kafka
{{- end }}
+ - name: srimzi-zk-entrance
+ image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.zookeeper.entrance.image }}
+ command:
+ - /opt/stunnel/stunnel_run.sh
+ ports:
+ - containerPort: {{ .Values.global.zkTunnelService.internalPort }}
+ name: zoo
+ protocol: TCP
+ env:
+ - name: LOG_LEVEL
+ value: debug
+ - name: STRIMZI_ZOOKEEPER_CONNECT
+ value: '{{ include "common.release" . }}-strimzi-zookeeper-client:{{ .Values.global.zkTunnelService.internalPort }}'
+ imagePullPolicy: Always
+ livenessProbe:
+ exec:
+ command:
+ - /opt/stunnel/stunnel_healthcheck.sh
+ - '{{ .Values.global.zkTunnelService.internalPort }}'
+ failureThreshold: 3
+ initialDelaySeconds: 15
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ readinessProbe:
+ exec:
+ command:
+ - /opt/stunnel/stunnel_healthcheck.sh
+ - '{{ .Values.global.zkTunnelService.internalPort }}'
+ failureThreshold: 3
+ initialDelaySeconds: 15
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ volumeMounts:
+ - mountPath: /etc/cluster-operator-certs/
+ name: cluster-operator-certs
+ - mountPath: /etc/cluster-ca-certs/
+ name: cluster-ca-certs
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
successThreshold: {{ .Values.startup.successThreshold }}
failureThreshold: {{ .Values.startup.failureThreshold }}
env:
+ - name: JAASLOGIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "mr-kafka-admin-secret" "key" "sasl.jaas.config") | indent 12 }}
+ - name: SASLMECH
+ value: {{ .Values.global.saslMechanism }}
- name: enableCadi
value: "{{ .Values.global.aafEnabled }}"
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /appl/dmaapMR1/bundleconfig/etc/logback.xml
subPath: logback.xml
name: logback
- - mountPath: /appl/dmaapMR1/etc/keyfile
- subPath: mykey
- name: mykey
{{- if .Values.global.aafEnabled }}
- mountPath: /appl/dmaapMR1/etc/runner-web.xml
subPath: runner-web.xml
configMap:
name: {{ include "common.fullname" . }}-prometheus-configmap
{{- end }}
- - name: mykey
- secret:
- secretName: {{ include "common.fullname" . }}-secret
- name: sys-props
configMap:
name: {{ include "common.fullname" . }}-sys-props
- name: jetty
emptyDir: {}
+ - name: cluster-operator-certs
+ secret:
+ defaultMode: 288
+ secretName: {{ include "common.release" . }}-strimzi-cluster-operator-certs
+ - name: cluster-ca-certs
+ secret:
+ defaultMode: 288
+ secretName: {{ include "common.release" . }}-strimzi-cluster-ca-cert
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: {{ include "common.fullname" . }}-zk-network-policy
+ namespace: {{ include "common.namespace" . }}
+spec:
+ podSelector:
+ matchLabels:
+ strimzi.io/name: {{ include "common.release" . }}-strimzi-zookeeper
+ ingress:
+ - from:
+ - podSelector:
+ matchLabels:
+ app.kubernetes.io/name: {{ include "common.name" . }}
+ ports:
+ - port: {{ .Values.global.zkTunnelService.internalPort }}
+ protocol: TCP
+ policyTypes:
+ - Ingress
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2021-2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#################################################################
global:
nodePortPrefix: 302
-
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ saslMechanism: scram-sha-512
+ kafkaInternalPort: 9092
+ zkTunnelService:
+ type: ClusterIP
+ name: zk-tunnel-svc
+ portName: tcp-zk-tunnel
+ internalPort: 2181
#################################################################
# AAF part
image: onap/dmaap/dmaap-mr:1.3.2
pullPolicy: Always
-kafka:
- name: message-router-kafka
- port: 9092
zookeeper:
- name: message-router-zookeeper
- port: 2181
+ entrance:
+ image: scholzj/zoo-entrance:latest
+
+secrets:
+ - uid: mr-kafka-admin-secret
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: sasl.jaas.config
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
# flag to enable debugging - application support required
debugEnabled: false
# application configuration
-config: {}
+config:
+ someConfig: blah
# default number of instances
replicaCount: 1
# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs,Bell Canada
+# Modifications Copyright © 2021-2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
aafAppNs: org.osaaf.aaf
aafLocatorContainer: oom
+ #Strimzi config
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ kafkaStrimziAdminUser: strimzi-kafka-admin
+ kafkaInternalPort: 9092
+ saslMechanism: scram-sha-512
+
#Component overrides
message-router:
enabled: true
+ config:
+ jaasConfExternalSecret: '{{ .Values.global.kafkaStrimziAdminUser }}'
dmaap-bc:
enabled: true
dmaap-dr-node:
enabled: true
dmaap-dr-prov:
enabled: true
+dmaap-strimzi:
+ enabled: true
#Pods Service Account
serviceAccount:
resolve_deploy_flags() {
- flags=($1)
- n=${#flags[*]}
- i=0 ; while [ "$i" -lt "$n" ]; do
- PARAM=${flags[i]}
- if [ "$PARAM" = "-f" ] || \
- [ "$PARAM" = "--values" ] || \
- [ "$PARAM" = "--set" ] || \
- [ "$PARAM" = "--set-string" ] || \
- [ "$PARAM" = "--version" ]; then
- # skip param and its value
- i=$((i + 1))
+ skip="false"
+ for param in $1; do
+ if [ "$skip" = "false" ]; then
+ if [ "$param" = "-f" ] || \
+ [ "$param" = "--values" ] || \
+ [ "$param" = "--set" ] || \
+ [ "$param" = "--set-string" ] || \
+ [ "$param" = "--version" ]; then
+ skip="true"
+ else
+ DEPLOY_FLAGS="$DEPLOY_FLAGS $param"
+ fi
else
- DEPLOY_FLAGS="$DEPLOY_FLAGS $PARAM"
+ skip="false"
fi
- i=$((i+1))
done
echo "$DEPLOY_FLAGS"
}
check_for_dep() {
try=0
retries=60
- until (kubectl get deployment -n $HELM_NAMESPACE | grep -P "\b$1\b") &>/dev/null; do
- (( ++try > retries )) && exit 1
+ until (kubectl get deployment -n $HELM_NAMESPACE | grep -P "\b$1\b") >/dev/null 2>&1; do
+ try=$(($try + 1))
+ [ $try -gt $retries ] && exit 1
echo "$1 not found. Retry $try/$retries"
sleep 10
done
if [ $SUBCHART_ENABLED -eq 1 ]; then
deploy_subchart
else
- array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}"))
- n=${#array[*]}
- for i in $(seq $(($n-1)) -1 0); do
- helm del "${array[i]}"
+ reverse_list=
+ for item in $(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}")
+ do
+ reverse_list="$item $reverse_list"
+ done
+ for item in $reverse_list
+ do
+ helm del $item
done
fi
done
+
for subchart in * ; do
SUBCHART_OVERRIDES=$CACHE_SUBCHART_DIR/$subchart/subchart-overrides.yaml
if [ $SUBCHART_ENABLED -eq 1 ]; then
deploy_subchart
else
- array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}"))
- n=${#array[*]}
- for i in $(seq $(($n-1)) -1 0); do
- helm del "${array[i]}"
+ reverse_list=
+ for item in $(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}")
+ do
+ reverse_list="$item $reverse_list"
+ done
+ for item in $reverse_list
+ do
+ helm del $item
done
fi
done
apiVersion: v2
description: <Short application description - this is visible via 'helm search'>
name: <onap-app>
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP DCAE HOLMES
name: holmes
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: global.postgres.localCluster
- name: postgres-init
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: not global.postgres.localCluster
- name: holmes-rule-mgmt
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/holmes-rule-mgmt'
- name: holmes-engine-mgmt
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/holmes-engine-mgmt'
appVersion: "2.0"
description: Holmes Engine Management
name: holmes-engine-mgmt
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
logging:
# The default level of all loggers. Can be OFF, ERROR, WARN, INFO, DEBUG, TRACE, or ALL.
- level: ALL
+ level: INFO
# Logger-specific levels.
loggers:
appenders:
- type: console
- threshold: ALL
+ threshold: INFO
timeZone: UTC
logFormat: "%d{yyyy-MM-dd HH:mm:ss SSS} %-5p [%c][%t] invocationID:{InvocationID} - %m%n"
- type: file
archivedLogFilenamePattern: /var/log/ONAP/holmes/zip/engine-d-error-%d{yyyy-MM-dd}.log.gz
archivedFileCount: 7
- type: file
- threshold: DEBUG
+ threshold: INFO
logFormat: "%d{yyyy-MM-dd HH:mm:ss SSS} %-5p [%c][%t] invocationID:{InvocationID} - %m%n"
currentLogFilename: /var/log/ONAP/holmes/engine-d-debug.log
archivedLogFilenamePattern: /var/log/ONAP/holmes/zip/engine-d-debug-%d{yyyy-MM-dd}.log.gz
# Application configuration defaults.
#################################################################
# application image
-image: onap/holmes/engine-management:10.0.2
+image: onap/holmes/engine-management:10.0.5
consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
#################################################################
appVersion: "2.0"
description: Holmes Rule Management
name: holmes-rule-mgmt
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
logging:
# The default level of all loggers. Can be OFF, ERROR, WARN, INFO, DEBUG, TRACE, or ALL.
- level: ALL
+ level: INFO
# Logger-specific levels.
loggers:
appenders:
- type: console
- threshold: ALL
+ threshold: INFO
timeZone: UTC
logFormat: "%d{yyyy-MM-dd HH:mm:ss SSS} %-5p [%c][%t] invocationID:{InvocationID} - %m%n"
- type: file
archivedLogFilenamePattern: /var/log/ONAP/holmes/zip/rulemgt-relation-error-%d{yyyy-MM-dd}.log.gz
archivedFileCount: 7
- type: file
- threshold: DEBUG
+ threshold: INFO
logFormat: "%d{yyyy-MM-dd HH:mm:ss SSS} %-5p [%c][%t] invocationID:{InvocationID} - %m%n"
currentLogFilename: /var/log/ONAP/holmes/rulemgt-relation-debug.log
archivedLogFilenamePattern: /var/log/ONAP/holmes/zip/rulemgt-relation-debug-%d{yyyy-MM-dd}.log.gz
# Application configuration defaults.
#################################################################
# application image
-image: onap/holmes/rule-management:10.0.2
+image: onap/holmes/rule-management:10.0.5
consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
#################################################################
apiVersion: v2
description: ONAP Logging ElasticStack
name: log
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: log-elasticsearch
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/log-elasticsearch'
- name: log-kibana
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/log-kibana'
- name: log-logstash
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/log-logstash'
apiVersion: v2
description: ONAP Logging Elasticsearch
name: log-elasticsearch
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Logging Kibana
name: log-kibana
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Logging Logstash
name: log-logstash
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Modeling (Modeling)
name: modeling
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: modeling-etsicatalog
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/modeling-etsicatalog'
apiVersion: v2
description: ONAP Modeling - Etsicatalog
name: modeling-etsicatalog
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: global.mariadbGalera.localCluster
- name: mariadb-init
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: not global.mariadbGalera.localCluster
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# application image
flavor: small
-image: onap/modeling/etsicatalog:1.0.13
+image: onap/modeling/etsicatalog:1.0.14
pullPolicy: Always
#Istio sidecar injection policy
apiVersion: v2
description: ONAP MicroServices Bus
name: msb
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: kube2msb
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/kube2msb'
- name: msb-consul
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/msb-consul'
- name: msb-discovery
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/msb-discovery'
- name: msb-eag
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/msb-eag'
- name: msb-iag
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/msb-iag'
apiVersion: v2
description: ONAP MicroServices Bus Kube2MSB Registrator
name: kube2msb
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP MicroServices Bus Consul
name: msb-consul
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP MicroServices Bus Discovery
name: msb-discovery
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP MicroServices Bus Internal API Gateway
name: msb-eag
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP MicroServices Bus Internal API Gateway
name: msb-iag
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP multicloud broker
name: multicloud
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: multicloud-fcaps
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/multicloud-fcaps'
condition: multicloud-fcaps.enabled
- name: multicloud-k8s
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/multicloud-k8s'
condition: multicloud-k8s.enabled
- name: multicloud-pike
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/multicloud-pike'
condition: multicloud-pike.enabled
- name: multicloud-prometheus
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/multicloud-prometheus'
condition: multicloud-prometheus.enabled
- name: multicloud-starlingx
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/multicloud-starlingx'
condition: multicloud-starlingx.enabled
- name: multicloud-vio
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/multicloud-vio'
condition: multicloud-vio.enabled
- name: multicloud-windriver
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/multicloud-windriver'
condition: multicloud-windriver.enabled
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP multicloud OpenStack fcaps Plugin
name: multicloud-fcaps
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Multicloud Kubernetes Plugin
name: multicloud-k8s
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: mongo
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: etcd
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# Application configuration defaults.
#################################################################
# application image
-image: onap/multicloud/k8s:0.10.0
+image: onap/multicloud/k8s:0.10.1
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v2
description: ONAP multicloud OpenStack Pike Plugin
name: multicloud-pike
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Multicloud Prometheus
name: multicloud-prometheus
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: prometheus-alertmanager
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/prometheus-alertmanager'
- name: prometheus-grafana
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/prometheus-grafana'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Multicloud Prometheus Alert Manager
name: prometheus-alertmanager
-version: 10.0.0
+version: 11.0.0
apiVersion: v2
description: ONAP Multicloud Grafana for Prometheus
name: prometheus-grafana
-version: 10.0.0
+version: 11.0.0
apiVersion: v2
description: ONAP multicloud OpenStack Starlingx Plugin
name: multicloud-starlingx
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP multicloud VIO plugin
name: multicloud-vio
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP multicloud OpenStack WindRiver Plugin
name: multicloud-windriver
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Northbound Interface
name: nbi
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mongo
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: global.mariadbGalera.localCluster
- name: mariadb-init
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: not global.mariadbGalera.localCluster
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# application image
repository: nexus3.onap.org:10001
-image: onap/externalapi/nbi:8.0.1
+image: onap/externalapi/nbi:10.0.0
pullPolicy: IfNotPresent
sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=
aai_authorization: Basic QUFJOkFBSQ==
apiVersion: v2
name: onap
-version: 10.0.0
-appVersion: Jakarta
+version: 11.0.0
+appVersion: Kohn
description: Open Network Automation Platform (ONAP)
home: https://www.onap.org/
sources:
dependencies:
- name: aaf
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: aaf.enabled
- name: aai
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: aai.enabled
- name: appc
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: appc.enabled
- name: cassandra
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: cassandra.enabled
- name: cds
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: cds.enabled
- name: cli
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: cli.enabled
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: consul
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: consul.enabled
- name: contrib
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: global.addTestingComponents
- name: cps
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: cps.enabled
- name: dcaegen2
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcaegen2.enabled
- name: dcaegen2-services
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcaegen2-services.enabled
- name: dcaemod
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dcaemod.enabled
- name: holmes
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: holmes.enabled
- name: dmaap
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dmaap.enabled
- name: log
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: log.enabled
- name: sniro-emulator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: sniro-emulator.enabled
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: mariadb-galera.enabled
- name: msb
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: msb.enabled
- name: multicloud
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: multicloud.enabled
- name: nbi
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: nbi.enabled
- name: policy
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: policy.enabled
- name: portal
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: portal.enabled
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: postgres.enabled
- name: oof
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: oof.enabled
- name: repository-wrapper
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: robot
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: robot.enabled
- name: sdc
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: sdc.enabled
- name: sdnc
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: sdnc.enabled
- name: so
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: so.enabled
- name: strimzi
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: strimzi.enabled
- name: uui
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: uui.enabled
- name: vfc
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: vfc.enabled
- name: vid
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: vid.enabled
- name: vnfsdk
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: vnfsdk.enabled
- name: modeling
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: modeling.enabled
- name: platform
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: platform.enabled
- name: a1policymanagement
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: a1policymanagement.enabled
- name: cert-wrapper
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: cert-wrapper.enabled
- name: roles-wrapper
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: roles-wrapper.enabled
initialDelaySeconds: 120
mariadb-galera:
liveness:
- initialDelaySeconds: 180
+ initialDelaySeconds: 30
periodSeconds: 60
mariadb-galera-server:
liveness:
# Copyright (c) 2020 Nordix Foundation, Modifications
# Modifications Copyright © 2020 Nokia
# Modifications Copyright © 2021 Orange
+# Modifications Copyright © 2022 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
enabled: true
dcaegen2-services:
enabled: true
+ dcae-datafile-collector:
+ enabled: true
+ dcae-datalake-admin-ui:
+ enabled: true
+ dcae-datalake-des:
+ enabled: true
+ dcae-datalake-feeder:
+ enabled: true
+ dcae-heartbeat:
+ enabled: true
+ dcae-hv-ves-collector:
+ enabled: true
+ dcae-kpi-ms:
+ enabled: true
+ dcae-ms-healthcheck:
+ enabled: true
+ dcae-pm-mapper:
+ enabled: true
+ dcae-pmsh:
+ enabled: true
+ dcae-prh:
+ enabled: true
+ dcae-restconf-collector:
+ enabled: true
+ dcae-slice-analysis-ms:
+ enabled: true
+ dcae-snmptrap-collector:
+ enabled: true
+ dcae-son-handler:
+ enabled: true
+ dcae-tcagen2:
+ enabled: true
+ dcae-ves-collector:
+ enabled: true
+ dcae-ves-mapper:
+ enabled: true
+ dcae-ves-openapi-manager:
+ enabled: true
dcaemod:
enabled: true
holmes:
openStackServiceTenantName: "$OPENSTACK_TENANT_NAME"
openStackEncryptedPasswordHere: "$OPENSTACK_ENCRYPTED_PASSWORD"
strimzi:
- enabled: false
+ enabled: true
uui:
enabled: false
vid:
loggingImage: beats/filebeat:5.5.0
# mariadb client image
- mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28
+ mariadbImage: bitnami/mariadb:10.5.8
# nginx server image
nginxImage: bitnami/nginx:1.21.4
apiVersion: v2
description: ONAP Optimization Framework
name: oof
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: oof-has
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/oof-has'
condition: oof-has.enabled
- name: oof-templates
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/oof-templates'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Homing and Allocation Service
name: oof-has
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: music
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: music.enabled
- name: etcd
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: etcd.enabled
- name: etcd-init
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: etcd-init.enabled
- name: oof-has-api
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/oof-has-api'
condition: oof-has-api.enabled
- name: oof-has-controller
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/oof-has-controller'
condition: oof-has-controller.enabled
- name: oof-has-data
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/oof-has-data'
condition: oof-has-data.enabled
- name: oof-has-reservation
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/oof-has-reservation'
condition: oof-has-reservation.enabled
- name: oof-has-solver
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/oof-has-solver'
condition: oof-has-solver.enabled
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Homing and Allocation Servicei - API
name: oof-has-api
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: oof-templates
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../../oof-templates'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
global: # global defaults
nodePortPrefix: 302
image:
- optf_has: onap/optf-has:2.2.1
+ optf_has: onap/optf-has:2.3.0
#################################################################
# secrets metaconfig
apiVersion: v2
description: ONAP Homing and Allocation Sservice - Controller
name: oof-has-controller
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: oof-templates
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../../oof-templates'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
global:
image:
- optf_has: onap/optf-has:2.2.1
+ optf_has: onap/optf-has:2.3.0
#################################################################
# Secrets metaconfig
apiVersion: v2
description: ONAP Homing and Allocation Service - Data Component
name: oof-has-data
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: oof-templates
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../../oof-templates'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
global:
image:
- optf_has: onap/optf-has:2.2.1
+ optf_has: onap/optf-has:2.3.0
#################################################################
# secrets metaconfig
apiVersion: v2
description: ONAP Homing and Allocation Sevice - Reservation Component
name: oof-has-reservation
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: oof-templates
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../../oof-templates'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
global:
image:
- optf_has: onap/optf-has:2.2.1
+ optf_has: onap/optf-has:2.3.0
#################################################################
# secrets metaconfig
apiVersion: v2
description: ONAP Homing and Allocation Service - Solver Component
name: oof-has-solver
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: oof-templates
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../../../oof-templates'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
global:
image:
- optf_has: onap/optf-has:2.2.1
+ optf_has: onap/optf-has:2.3.0
#################################################################
# secrets metaconfig
#password =
get_ta_list_url = "/api/v1/execute/ran-coverage-area/get_ta_list"
+
+[dcae]
+
+#
+# From conductor
+#
+#
+# Data Store table prefix. (string value)
+#table_prefix = dcae
+
+# Base URL for DCAE, up to and not including the version, and without a
+# trailing slash. (string value)
+server_url = https://{{.Values.config.dcae.service}}.{{ include "common.namespace" . }}:{{.Values.config.dcae.port}}
+
+# Timeout for DCAE Rest Call (string value)
+#dcae_rest_timeout = 30
+
+# Number of retry for DCAE Rest Call (string value)
+#dcae_retries = 3
+
+# The version of A&AI in v# format. (string value)
+server_url_version = v1
+
+# SSL/TLS certificate file in pem format. This certificate must be registered
+# with the SDC endpoint. (string value)
+#certificate_file = certificate.pem
+certificate_file =
+
+# Private Certificate Key file in pem format. (string value)
+#certificate_key_file = certificate_key.pem
+certificate_key_file =
+
+# Certificate Authority Bundle file in pem format. Must contain the appropriate
+# trust chain for the Certificate file. (string value)
+#certificate_authority_bundle_file = certificate_authority_bundle.pem
+certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer
+
+# Username for DCAE. (string value)
+#username =
+
+# Password for DCAE. (string value)
+#password =
+
+get_slice_config_url = "/api/v1/slices-config"
\ No newline at end of file
global:
commonConfigPrefix: onap-oof-has
image:
- optf_has: onap/optf-has:2.2.1
+ optf_has: onap/optf-has:2.3.0
persistence:
enabled: true
cps:
service: cps-tbdmt
port: 8080
+ dcae:
+ service: dcae-slice-analysis-ms
+ port: 8080
etcd:
serviceName: &etcd-service oof-has-etcd
port: 2379
apiVersion: v2
description: ONAP OOF helm templates
name: oof-templates
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'AN') > service-instance*('service-role','nsi')"
- "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'AN_NF') > service-instance*('workload-context','AN')"
- "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'TN_MH') > service-instance*('workload-context','AN')"
+ - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'TN_FH') > service-instance*('workload-context','AN')"
- "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'AN_NF') > service-instance*('workload-context','AN')"
apiVersion: v2
description: ONAP platform components
name: platform
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: oom-cert-service
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/oom-cert-service'
- name: cmpv2-cert-provider
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/cmpv2-cert-provider'
- name: chartmuseum
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/chartmuseum'
apiVersion: v2
description: ONAP Chart Museum
name: chartmuseum
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP CMPv2 certificate external provider for cert-manager
name: cmpv2-cert-provider
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
metadata:
labels:
control-plane: controller-manager
+ {{- if (include "common.onServiceMesh" . | nindent 6 ) }}
+ annotations:
+ {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }}
+ linkerd.io/inject: disabled
+ {{- end }}
+ {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }}
+ traffic.sidecar.istio.io/excludeInboundPorts: "8080,8443"
+ traffic.sidecar.istio.io/includeInboundPorts: '*'
+ {{- end }}
+ {{- end }}
spec:
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
apiVersion: v2
description: ONAP Cert Service
name: oom-cert-service
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certManagerCertificate
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: cmpv2Config
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
selector: {{- include "common.selectors" . | nindent 4 }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ {{- if (include "common.onServiceMesh" . ) }}
+ annotations:
+ {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }}
+ linkerd.io/inject: disabled
+ {{- end }}
+ {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }}
+ traffic.sidecar.istio.io/excludeInboundPorts: "8080,8443"
+ traffic.sidecar.istio.io/includeInboundPorts: '*'
+ {{- end }}
+ {{- end }}
spec:
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
apiVersion: v2
description: ONAP Policy
name: policy
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: policy-nexus
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/policy-nexus'
condition: policy-nexus.enabled
- name: policy-api
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/policy-api'
condition: policy-api.enabled
- name: policy-pap
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/policy-pap'
condition: policy-pap.enabled
- name: policy-xacml-pdp
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/policy-xacml-pdp'
condition: policy-xacml-pdp.enabled
- name: policy-apex-pdp
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/policy-apex-pdp'
condition: policy-apex-pdp.enabled
- name: policy-drools-pdp
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/policy-drools-pdp'
condition: policy-drools-pdp.enabled
- name: policy-distribution
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/policy-distribution'
condition: policy-distribution.enabled
- name: policy-clamp-be
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/policy-clamp-be'
condition: policy-clamp-be.enabled
- name: policy-clamp-ac-k8s-ppnt
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/policy-clamp-ac-k8s-ppnt'
condition: policy-clamp-ac-k8s-ppnt.enabled
- name: policy-clamp-ac-http-ppnt
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/policy-clamp-ac-http-ppnt'
condition: policy-clamp-ac-http-ppnt.enabled
- name: policy-clamp-ac-pf-ppnt
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/policy-clamp-ac-pf-ppnt'
condition: policy-clamp-ac-pf-ppnt.enabled
- name: policy-clamp-runtime-acm
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/policy-clamp-runtime-acm'
condition: policy-clamp-runtime-acm.enabled
- name: policy-gui
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/policy-gui'
condition: policy-gui.enabled
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
+ - name: readinessCheck
+ version: ~11.x-0
+ repository: '@local'
+ - name: postgres
+ version: ~11.x-0
+ repository: '@local'
+ condition: global.postgres.localCluster
apiVersion: v2
description: ONAP Policy APEX PDP
name: policy-apex-pdp
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# ============LICENSE_END=========================================================
*/}}
-{{- if .Values.prometheus.enabled }}
+{{- if .Values.global.prometheusEnabled }}
{{ include "common.serviceMonitor" . }}
-{{- end }}
\ No newline at end of file
+{{- end }}
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-apex-pdp:2.7.1
+image: onap/policy-apex-pdp:2.7.3
pullPolicy: Always
# flag to enable debugging - application support required
roles:
- read
-prometheus:
- enabled: true
-
metrics:
serviceMonitor:
# Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
apiVersion: v2
description: ONAP Policy Design API
name: policy-api
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
driverClassName: org.mariadb.jdbc.Driver
username: "${SQL_USER}"
password: "${SQL_PASSWORD}"
+ hikari:
+ maximumPoolSize: 20
jpa:
properties:
hibernate:
# ============LICENSE_END=========================================================
*/}}
-{{- if .Values.prometheus.enabled }}
+{{- if .Values.global.prometheusEnabled }}
{{ include "common.serviceMonitor" . }}
-{{- end }}
\ No newline at end of file
+{{- end }}
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-api:2.6.1
+image: onap/policy-api:2.6.3
pullPolicy: Always
# flag to enable debugging - application support required
roles:
- read
-prometheus:
- enabled: true
-
metrics:
serviceMonitor:
# Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
apiVersion: v2
description: ONAP Policy Clamp Controlloop Http Participant
name: policy-clamp-ac-http-ppnt
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
user:
name: ${RESTSERVER_USER}
password: ${RESTSERVER_PASSWORD}
+{{- if .Values.config.useStrimziKafka }}
+ kafka:
+ bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+ security.protocol: SASL_PLAINTEXT
+ properties.sasl:
+ mechanism: SCRAM-SHA-512
+ jaas.config: ${JAASLOGIN}
+{{ else }}
+{{ toYaml .Values.config.eventPublisher | nindent 2 }}
+{{- end }}
+
+{{- if .Values.config.additional }}
+{{ toYaml .Values.config.additional | nindent 2 }}
+{{- end }}
security:
enable-csrf: false
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }}
- name: RESTSERVER_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }}
+{{- if .Values.config.useStrimziKafka }}
+ - name: JAASLOGIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }}
+{{- end }}
volumeMounts:
- mountPath: /config-input
name: ac-http-ppnt-config
externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
password: '{{ .Values.certStores.trustStorePassword }}'
passwordPolicy: required
+ - uid: policy-kafka-user
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: sasl.jaas.config
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
certStores:
keyStorePassword: Pol1cy_0nap
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-http-ppnt:6.2.1
+image: onap/policy-clamp-ac-http-ppnt:6.2.3
pullPolicy: Always
# application configuration
nameOverride: policy-clamp-ac-http-ppnt
roles:
- read
+
+config:
+# Event consumption (kafka) properties
+ useStrimziKafka: true
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ kafka:
+ consumer:
+ groupId: policy-group
+ app:
+ listener:
+ acRuntimeTopic: policy-acruntime-participant
+# If targeting a custom kafka cluster, ie useStrimziKakfa: false
+# uncomment below config and target your kafka bootstrap servers,
+# along with any other security config.
+#
+# eventConsumption:
+# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
+# spring.kafka.security.protocol: PLAINTEXT
+# spring.kafka.consumer.group-id: policy-group
+#
+# Any new property can be added in the env by setting in overrides in the format mentioned below
+# All the added properties must be in "key: value" format instead of yaml.
+# additional:
+# spring.config.max-size: 200
+# spring.config.min-size: 10
+
apiVersion: v2
description: ONAP Policy Clamp Controlloop K8s Participant
name: policy-clamp-ac-k8s-ppnt
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
user:
name: ${RESTSERVER_USER}
password: ${RESTSERVER_PASSWORD}
+{{- if .Values.config.useStrimziKafka }}
+ kafka:
+ bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+ security.protocol: SASL_PLAINTEXT
+ properties.sasl:
+ mechanism: SCRAM-SHA-512
+ jaas.config: ${JAASLOGIN}
+{{ else }}
+{{ toYaml .Values.config.eventPublisher | nindent 2 }}
+{{- end }}
+
+{{- if .Values.config.additional }}
+{{ toYaml .Values.config.additional | nindent 2 }}
+{{- end }}
security:
enable-csrf: false
api:
enabled: false
-# Sample Permitted list of helm repositories. Before deployment update the repositories where the helm charts are located.
-# The Kubernetes participant accept only HTTPS Address
-helm:
- repos:
- -
- repoName: bitnami
- address: https://charts.bitnami.com/bitnami
+# Permitted list of helm repositories. Values are updated from values.yaml
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/*.{xml,yaml}").AsConfig . | indent 2 }}
+{{- if .Values.repoList }}
+{{ tpl (.Files.Glob "resources/config/KubernetesParticipantParameters.yaml").AsConfig . | indent 2 }}
+{{ toYaml .Values.repoList | indent 4 }}
+{{ tpl (.Files.Glob "resources/config/*.{json,xml,sh}").AsConfig . | indent 2 }}
+{{- end }}
\ No newline at end of file
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }}
- name: RESTSERVER_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }}
+{{- if .Values.config.useStrimziKafka }}
+ - name: JAASLOGIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }}
+{{- end }}
volumeMounts:
- mountPath: /config-input
name: ac-k8s-ppnt-config
# ============LICENSE_END=========================================================
*/}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: policy-clamp-cl-k8s-ppnt
- namespace: {{ include "common.namespace" . }}
----
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
- name: {{ include "common.namespace" . }}-policy-clamp-cl-k8s-ppnt-binding
+ name: {{ include "common.namespace" . }}-policy-clamp-ac-k8s-ppnt-binding
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
name: cluster-admin
subjects:
- kind: ServiceAccount
- name: policy-clamp-cl-k8s-ppnt
+ name: {{ include "common.fullname" (dict "suffix" "create" "dot" . )}}
namespace: {{ include "common.namespace" . }}
externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
password: '{{ .Values.certStores.trustStorePassword }}'
passwordPolicy: required
+ - uid: policy-kafka-user
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: sasl.jaas.config
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
certStores:
keyStorePassword: Pol1cy_0nap
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-k8s-ppnt:6.2.1
+image: onap/policy-clamp-ac-k8s-ppnt:6.2.3
pullPolicy: Always
# flag to enable debugging - application support required
nameOverride: policy-clamp-ac-k8s-ppnt
roles:
- create
+# Update the config here for permitting repositories and protocols
+repoList:
+ helm:
+ repos:
+ -
+ repoName: kong
+ address: https://charts.konghq.com
+ -
+ repoName: bitnami
+ address: https://charts.bitnami.com/bitnami
+
+ protocols:
+ - http
+ - https
+
+config:
+# Event consumption (kafka) properties
+ useStrimziKafka: true
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ kafka:
+ consumer:
+ groupId: policy-group
+ app:
+ listener:
+ acRuntimeTopic: policy-acruntime-participant
+# If targeting a custom kafka cluster, ie useStrimziKakfa: false
+# uncomment below config and target your kafka bootstrap servers,
+# along with any other security config.
+#
+# eventConsumption:
+# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
+# spring.kafka.security.protocol: PLAINTEXT
+# spring.kafka.consumer.group-id: policy-group
+#
+# Any new property can be added in the env by setting in overrides in the format mentioned below
+# All the added properties must be in "key: value" format instead of yaml.
+# additional:
+# spring.config.max-size: 200
+# spring.config.min-size: 10
apiVersion: v2
description: ONAP Policy Clamp Controlloop Policy Participant
name: policy-clamp-ac-pf-ppnt
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
user:
name: ${RESTSERVER_USER}
password: ${RESTSERVER_PASSWORD}
+{{- if .Values.config.useStrimziKafka }}
+ kafka:
+ bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+ security.protocol: SASL_PLAINTEXT
+ properties.sasl:
+ mechanism: SCRAM-SHA-512
+ jaas.config: ${JAASLOGIN}
+{{ else }}
+{{ toYaml .Values.config.eventPublisher | nindent 2 }}
+{{- end }}
+
+{{- if .Values.config.additional }}
+{{ toYaml .Values.config.additional | nindent 2 }}
+{{- end }}
security:
enable-csrf: false
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }}
- name: RESTSERVER_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }}
+{{- if .Values.config.useStrimziKafka }}
+ - name: JAASLOGIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }}
+{{- end }}
volumeMounts:
- mountPath: /config-input
name: ac-pf-ppnt-config
externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
password: '{{ .Values.certStores.trustStorePassword }}'
passwordPolicy: required
+ - uid: policy-kafka-user
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: sasl.jaas.config
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
certStores:
keyStorePassword: Pol1cy_0nap
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-pf-ppnt:6.2.1
+image: onap/policy-clamp-ac-pf-ppnt:6.2.3
pullPolicy: Always
# flag to enable debugging - application support required
nameOverride: policy-clamp-ac-pf-ppnt
roles:
- read
+
+config:
+# Event consumption (kafka) properties
+ useStrimziKafka: true
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ kafka:
+ consumer:
+ groupId: policy-group
+ app:
+ listener:
+ acRuntimeTopic: policy-acruntime-participant
+# If targeting a custom kafka cluster, ie useStrimziKakfa: false
+# uncomment below config and target your kafka bootstrap servers,
+# along with any other security config.
+#
+# eventConsumption:
+# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
+# spring.kafka.security.protocol: PLAINTEXT
+# spring.kafka.consumer.group-id: policy-group
+#
+# Any new property can be added in the env by setting in overrides in the format mentioned below
+# All the added properties must be in "key: value" format instead of yaml.
+# additional:
+# spring.config.max-size: 200
+# spring.config.min-size: 10
apiVersion: v2
description: ONAP Policy Clamp Backend
name: policy-clamp-be
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
flavor: small
# application image
-image: onap/policy-clamp-backend:6.2.1
+image: onap/policy-clamp-backend:6.2.3
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v2
description: ONAP Policy Clamp Controlloop Runtime
name: policy-clamp-runtime-acm
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
hibernate:
dialect: org.hibernate.dialect.MariaDB103Dialect
format_sql: true
+{{- if .Values.config.useStrimziKafka }}
+ kafka:
+ bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+ security.protocol: SASL_PLAINTEXT
+ properties.sasl:
+ mechanism: SCRAM-SHA-512
+ jaas.config: ${JAASLOGIN}
+{{ else }}
+{{ toYaml .Values.config.eventPublisher | nindent 2 }}
+{{- end }}
+
+{{- if .Values.config.additional }}
+{{ toYaml .Values.config.additional | nindent 2 }}
+{{- end }}
security:
enable-csrf: false
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "runtime-secret" "key" "login") | indent 10 }}
- name: RUNTIME_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "runtime-secret" "key" "password") | indent 10 }}
+{{- if .Values.config.useStrimziKafka }}
+ - name: JAASLOGIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }}
+{{- end }}
volumeMounts:
- mountPath: /config-input
name: ac-runtime-config
login: '{{ .Values.config.policyAppUserName }}'
password: '{{ .Values.config.policyAppUserPassword }}'
passwordPolicy: required
+ - uid: policy-kafka-user
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: sasl.jaas.config
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
certStores:
keyStorePassword: Pol1cy_0nap
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-runtime-acm:6.2.1
+image: onap/policy-clamp-runtime-acm:6.2.3
pullPolicy: Always
# flag to enable debugging - application support required
policyAppUserName: runtimeUser
policyAppUserPassword: none
+# Event consumption (kafka) properties
+ useStrimziKafka: true
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ kafka:
+ consumer:
+ groupId: policy-group
+ app:
+ listener:
+ acRuntimeTopic: policy.policy-acruntime-participant
+# If targeting a custom kafka cluster, ie useStrimziKakfa: false
+# uncomment below config and target your kafka bootstrap servers,
+# along with any other security config.
+#
+# eventConsumption:
+# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
+# spring.kafka.security.protocol: PLAINTEXT
+# spring.kafka.consumer.group-id: policy-group
+#
+# Any new property can be added in the env by setting in overrides in the format mentioned below
+# All the added properties must be in "key: value" format instead of yaml.
+# additional:
+# spring.config.max-size: 200
+# spring.config.min-size: 10
+
db:
user: policy_user
password: policy_user
apiVersion: v2
description: ONAP Policy Distribution
name: policy-distribution
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# ============LICENSE_END=========================================================
*/}}
-{{- if .Values.prometheus.enabled }}
+{{- if .Values.global.prometheusEnabled }}
{{ include "common.serviceMonitor" . }}
-{{- end }}
\ No newline at end of file
+{{- end }}
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-distribution:2.7.1
+image: onap/policy-distribution:2.7.3
pullPolicy: Always
# flag to enable debugging - application support required
roles:
- read
-prometheus:
- enabled: true
-
metrics:
serviceMonitor:
# Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
apiVersion: v2
description: ONAP Drools Policy Engine (PDP-D)
name: policy-drools-pdp
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# ============LICENSE_END=========================================================
*/}}
-{{- if .Values.prometheus.enabled }}
+{{- if .Values.global.prometheusEnabled }}
{{ include "common.serviceMonitor" . }}
{{- end }}
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-pdpd-cl:1.10.2
+image: onap/policy-pdpd-cl:1.10.3
pullPolicy: Always
# flag to enable debugging - application support required
roles:
- read
-prometheus:
- enabled: true
-
metrics:
serviceMonitor:
# Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
apiVersion: v2
description: ONAP Policy GUI
name: policy-gui
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
+++ /dev/null
-server {
-
- listen 2443 default ssl;
- ssl_protocols TLSv1.2;
- {{ if .Values.global.aafEnabled }}
- ssl_certificate {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_pem}};
- ssl_certificate_key {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_key}};
- {{ else }}
- ssl_certificate /etc/ssl/clamp.pem;
- ssl_certificate_key /etc/ssl/clamp.key;
- {{ end }}
-
- ssl_verify_client optional_no_ca;
- absolute_redirect off;
-
- location / {
- root /usr/share/nginx/html;
- index index.html index.htm;
- try_files $uri $uri/ =404;
- }
-
- location /clamp/restservices/clds/ {
- proxy_pass https://policy-clamp-be:8443/restservices/clds/;
- proxy_set_header X-SSL-Cert $ssl_client_escaped_cert;
- }
-
- location = /50x.html {
- root /var/lib/nginx/html;
- }
- error_page 500 502 503 504 /50x.html;
- error_log /var/log/nginx/error.log warn;
-}
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2021 Nordix Foundation.
+# Copyright (C) 2021-2022 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+{{- if .Values.global.aafEnabled }}
+ command: ["sh","-c"]
+ args: ["source {{ .Values.certInitializer.credsPath }}/.ci;/opt/app/policy/gui/bin/policy-gui.sh"]
+ env:
+{{- else }}
+ command: ["/opt/app/policy/gui/bin/policy-gui.sh"]
+ env:
+ - name: KEYSTORE_PASSWD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
+ - name: TRUSTSTORE_PASSWD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
+{{- end }}
+ - name: CLAMP_URL
+ value: https://policy-clamp-be:8443
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- name: logs
mountPath: {{ .Values.log.path }}
- - mountPath: /etc/nginx/conf.d/default.conf
- name: {{ include "common.fullname" . }}-config
- subPath: default.conf
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
- name: {{ include "common.fullname" . }}-config
configMap:
name: {{ include "common.fullname" . }}
- items:
- - key: default.conf
- path: default.conf
- name: logs
emptyDir: {}
{{ if .Values.global.centralizedLoggingEnabled }}{{ include "common.log.volumes" . | nindent 8 }}{{ end }}
# ============LICENSE_START=======================================================
-# Copyright (C) 2021 Nordix Foundation.
+# Copyright (C) 2021-2022 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#AAF service
aafEnabled: true
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: keystore-password
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
+ password: '{{ .Values.certStores.keyStorePassword }}'
+ passwordPolicy: required
+ - uid: truststore-password
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
+ password: '{{ .Values.certStores.trustStorePassword }}'
+ passwordPolicy: required
+
+certStores:
+ keyStorePassword: Pol1cy_0nap
+ trustStorePassword: Pol1cy_0nap
+
#################################################################
# AAF part
#################################################################
certInitializer:
- permission_user: 1000
- permission_group: 999
- addconfig: true
- keystoreFile: "org.onap.clamp.p12"
- truststoreFile: "org.onap.clamp.trust.jks"
- keyFile: "org.onap.clamp.keyfile"
- truststoreFileONAP: "truststoreONAPall.jks"
- clamp_key: "clamp.key"
- clamp_pem: "clamp.pem"
- clamp_ca_certs_pem: "clamp-ca-certs.pem"
nameOverride: policy-gui-cert-initializer
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
- # aafDeployCredsExternalSecret: some secret
- fqdn: clamp
- fqi: clamp@clamp.onap.org
- public_fqdn: clamp.onap.org
- cadi_longitude: "0.0"
+ fqdn: policy
+ fqi: policy@policy.onap.org
+ public_fqdn: policy.onap.org
cadi_latitude: "0.0"
- app_ns: org.osaaf.aaf
+ cadi_longitude: "0.0"
credsPath: /opt/app/osaaf/local
+ app_ns: org.osaaf.aaf
+ uid: 100
+ gid: 101
aaf_add_config: >
- cd {{ .Values.credsPath }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -nocerts -nodes -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_key }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -clcerts -nokeys -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_pem }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -cacerts -nokeys -chain -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_ca_certs_pem }};
- chmod a+rx *;
+ echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
+ echo "export TRUSTSTORE='{{ .Values.credsPath }}/org.onap.policy.trust.jks'" >> {{ .Values.credsPath }}/.ci;
+ echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
+ echo "export TRUSTSTORE_PASSWD='${cadi_truststore_password}'" >> {{ .Values.credsPath }}/.ci;
+ chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
subChartsOnly:
enabled: true
flavor: small
# application image
-image: onap/policy-gui:2.2.0
+image: onap/policy-gui:2.2.3
pullPolicy: Always
# flag to enable debugging - application support required
# log configuration
log:
- path: /var/log/nginx/
+ path: /var/log/onap/policy/gui
#################################################################
# Application configuration defaults.
apiVersion: v2
description: ONAP Policy Nexus
name: policy-nexus
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Policy Administration (PAP)
name: policy-pap
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
driverClassName: org.mariadb.jdbc.Driver
username: "${SQL_USER}"
password: "${SQL_PASSWORD}"
+ hikari:
+ maximumPoolSize: 20
jpa:
properties:
hibernate:
naming:
physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
implicit-strategy: org.onap.policy.common.spring.utils.CustomImplicitNamingStrategy
+{{- if .Values.config.useStrimziKafka }}
+ kafka:
+ bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092
+ security.protocol: SASL_PLAINTEXT
+ properties.sasl:
+ mechanism: SCRAM-SHA-512
+ jaas.config: ${JAASLOGIN}
+{{ else }}
+{{ toYaml .Values.config.eventPublisher | nindent 2 }}
+{{- end }}
+
+{{- if .Values.config.additional }}
+{{ toYaml .Values.config.additional | nindent 2 }}
+{{- end }}
server:
port: 6969
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "distribution-secret" "key" "login") | indent 10 }}
- name: DISTRIBUTION_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "distribution-secret" "key" "password") | indent 10 }}
+{{- if .Values.config.useStrimziKafka }}
+ - name: JAASLOGIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }}
+{{- end }}
volumeMounts:
- mountPath: /config-input
name: papconfig
# ============LICENSE_END=========================================================
*/}}
-{{- if .Values.prometheus.enabled }}
+{{- if .Values.global.prometheusEnabled }}
{{ include "common.serviceMonitor" . }}
-{{- end }}
\ No newline at end of file
+{{- end }}
externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
password: '{{ .Values.certStores.trustStorePassword }}'
passwordPolicy: required
+ - uid: policy-kafka-user
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: sasl.jaas.config
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
certStores:
keyStorePassword: Pol1cy_0nap
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-pap:2.6.1
+image: onap/policy-pap:2.6.3
pullPolicy: Always
# flag to enable debugging - application support required
roles:
- read
-prometheus:
- enabled: true
-
metrics:
serviceMonitor:
# Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
externalSecretNameSuffix: policy-pap-user-creds
externalSecretUserKey: login
externalSecretPasswordKey: password
+
+# application configuration
+config:
+# Event consumption (kafka) properties
+ useStrimziKafka: true
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ kafka:
+ consumer:
+ groupId: poicy-group
+ app:
+ listener:
+ policyPdpPapTopic: policy-pdp-pap
+# If targeting a custom kafka cluster, ie useStrimziKakfa: false
+# uncomment below config and target your kafka bootstrap servers,
+# along with any other security config.
+#
+# eventConsumption:
+# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
+# spring.kafka.security.protocol: PLAINTEXT
+# spring.kafka.consumer.group-id: policy-group
+#
+# Any new property can be added in the env by setting in overrides in the format mentioned below
+# All the added properties must be in "key: value" format instead of yaml.
apiVersion: v2
description: ONAP Policy XACML PDP (PDP-X)
name: policy-xacml-pdp
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# ============LICENSE_END=========================================================
*/}}
-{{- if .Values.prometheus.enabled }}
+{{- if .Values.global.prometheusEnabled }}
{{ include "common.serviceMonitor" . }}
-{{- end }}
\ No newline at end of file
+{{- end }}
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-xacml-pdp:2.6.2
+image: onap/policy-xacml-pdp:2.6.3
pullPolicy: Always
# flag to enable debugging - application support required
roles:
- read
-prometheus:
- enabled: true
-
metrics:
serviceMonitor:
# Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
--- /dev/null
+#!/bin/sh
+#
+# ============LICENSE_START=======================================================
+# Copyright (C) 2021-2022 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
+
+#psql() { /usr/bin/psql -h ${PG_HOST} -p ${PG_PORT} "$@"; };
+
+export PGPASSWORD=${PG_ADMIN_PASSWORD};
+
+psql -h ${PG_HOST} -p ${PG_PORT} -U postgres --command "CREATE USER ${PG_USER} WITH PASSWORD '${PG_USER_PASSWORD}'"
+
+for db in migration pooling policyadmin policyclamp operationshistory clampacm
+do
+ psql -h ${PG_HOST} -p ${PG_PORT} -U postgres --command "CREATE DATABASE ${db};"
+ psql -h ${PG_HOST} -p ${PG_PORT} -U postgres --command "GRANT ALL PRIVILEGES ON DATABASE ${db} TO ${PG_USER};"
+done
+#!/bin/sh
{{/*
-# Copyright © 2020 AT&T
+# Copyright (C) 2022 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
-{{ include "common.secretFast" . }}
+/opt/app/policy/bin/prepare_upgrade.sh ${SQL_DB}
+/opt/app/policy/bin/db-migrator-pg -s ${SQL_DB} -o upgrade
+rc=$?
+/opt/app/policy/bin/db-migrator-pg -s ${SQL_DB} -o report
+exit $rc
{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018, 2020 AT&T Intellectual Property
-# Modifications Copyright (C) 2021 Nordix Foundation.
+# Modifications Copyright (C) 2021-2022 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
{{/*
# Copyright © 2018 Amdocs, Bell Canada
# Modifications Copyright © 2020 AT&T Intellectual Property
-# Modifications Copyright (C) 2021 Nordix Foundation.
+# Modifications Copyright (C) 2022 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
spec:
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
- initContainers:
+ initContainers: {{ if .Values.global.postgres.localCluster }}{{ include "common.readinessCheck.waitFor" . | nindent 6 }}{{ end }}
#This container checks that all galera instances are up before initializing it.
- - name: {{ include "common.name" . }}-readiness
+ - name: {{ include "common.name" . }}-mariadb-readiness
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}"
resources:
{{ include "common.resources" . }}
+ {{ if .Values.global.postgres.localCluster }}
+ - name: {{ include "common.release" . }}-policy-pg-config
+ image: {{ .Values.repository }}/{{ .Values.postgresImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /docker-entrypoint-initdb.d/db-pg.sh
+ name: {{ include "common.fullname" . }}-config
+ subPath: db-pg.sh
+ command:
+ - /bin/sh
+ args:
+ - -x
+ - /docker-entrypoint-initdb.d/db-pg.sh
+ env:
+ - name: PG_ADMIN_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-root-pass" "key" "password") | indent 12 }}
+ - name: PG_HOST
+ value: "{{ .Values.postgres.service.name2 }}"
+ - name: PG_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "login") | indent 12 }}
+ - name: PG_USER_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 12 }}
+ - name: PG_PORT
+ value: "{{ .Values.postgres.service.internalPort }}"
+ resources:
+{{ include "common.resources" . }}
+ {{ end }}
containers:
- name: {{ include "common.release" . }}-policy-galera-db-migrator
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.dbmigrator.image }}
value: {{ .Values.dbmigrator.schema }}
- name: POLICY_HOME
value: {{ .Values.dbmigrator.policy_home }}
+ - name: SCRIPT_DIRECTORY
+ value: "sql"
resources:
{{ include "common.resources" . }}
+ {{ if .Values.global.postgres.localCluster }}
+ - name: {{ include "common.release" . }}-policy-pg-db-migrator
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.dbmigrator.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /dbcmd-config/db_migrator_pg_policy_init.sh
+ name: {{ include "common.fullname" . }}-config
+ subPath: db_migrator_pg_policy_init.sh
+ command:
+ - /bin/sh
+ args:
+ - -x
+ - /dbcmd-config/db_migrator_pg_policy_init.sh
+ env:
+ - name: SQL_HOST
+ value: "{{ .Values.postgres.service.name2 }}"
+ - name: SQL_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "login") | indent 10 }}
+ - name: SQL_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 10 }}
+ - name: SQL_DB
+ value: {{ .Values.dbmigrator.schema }}
+ - name: POLICY_HOME
+ value: {{ .Values.dbmigrator.policy_home }}
+ - name: SCRIPT_DIRECTORY
+ value: "postgres"
+ - name: PGPASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 10 }}
+ resources:
+{{ include "common.resources" . }}
+ {{ end }}
restartPolicy: Never
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
path: db.sh
- key: db_migrator_policy_init.sh
path: db_migrator_policy_init.sh
+ - key: db-pg.sh
+ path: db-pg.sh
+ - key: db_migrator_pg_policy_init.sh
+ path: db_migrator_pg_policy_init.sh
+
--- /dev/null
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{- if .Values.config.useStrimziKafka }}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: {{ .Values.config.acRuntimeTopic.name }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ partitions: {{ .Values.config.acRuntimeTopic.partitions }}
+ config:
+ retention.ms: {{ .Values.config.acRuntimeTopic.retentionMs }}
+ segment.bytes: {{ .Values.config.acRuntimeTopic.segmentBytes }}
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: {{ .Values.config.policyPdpPapTopic.name }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ partitions: {{ .Values.config.policyPdpPapTopic.partitions }}
+ config:
+ retention.ms: {{ .Values.config.policyPdpPapTopic.retentionMs }}
+ segment.bytes: {{ .Values.config.policyPdpPapTopic.segmentBytes }}
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: {{ .Values.config.policyHeartbeatTopic.name }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ partitions: {{ .Values.config.policyHeartbeatTopic.partitions }}
+ config:
+ retention.ms: {{ .Values.config.policyHeartbeatTopic.retentionMs }}
+ segment.bytes: {{ .Values.config.policyHeartbeatTopic.segmentBytes }}
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: {{ .Values.config.policyNotificationTopic.name }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ partitions: {{ .Values.config.policyNotificationTopic.partitions }}
+ config:
+ retention.ms: {{ .Values.config.policyNotificationTopic.retentionMs }}
+ segment.bytes: {{ .Values.config.policyNotificationTopic.segmentBytes }}
+{{- end }}
--- /dev/null
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{- if .Values.config.useStrimziKafka }}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaUser
+metadata:
+ name: {{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ authentication:
+ type: scram-sha-512
+ authorization:
+ type: simple
+ acls:
+ - resource:
+ type: group
+ name: {{ .Values.config.acRuntimeTopic.consumer.groupId }}
+ operation: Read
+ - resource:
+ type: topic
+ name: {{ .Values.config.acRuntimeTopic.name }}
+ operation: Read
+ - resource:
+ type: topic
+ name: {{ .Values.config.acRuntimeTopic.name }}
+ operation: Write
+{{- end }}
service: &mariadbService
name: &policy-mariadb policy-mariadb
internalPort: 3306
+ prometheusEnabled: false
+ postgres:
+ localCluster: false
+ service:
+ name: pgset
+ name2: tcp-pgset-primary
+ name3: tcp-pgset-replica
+ container:
+ name: postgres
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ policyKafkaUser: policy-kafka-user
#################################################################
# Secrets metaconfig
login: '{{ .Values.restServer.policyApiUserName }}'
password: '{{ .Values.restServer.policyApiUserPassword }}'
passwordPolicy: required
+ - uid: pg-root-pass
+ name: &pgRootPassSecretName '{{ include "common.release" . }}-policy-pg-root-pass'
+ type: password
+ externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "policy-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
+ password: '{{ .Values.postgres.config.pgRootpassword }}'
+ policy: generate
+ - uid: pg-user-creds
+ name: &pgUserCredsSecretName '{{ include "common.release" . }}-policy-pg-user-creds'
+ type: basicAuth
+ externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "policy-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
+ login: '{{ .Values.postgres.config.pgUserName }}'
+ password: '{{ .Values.postgres.config.pgUserPassword }}'
+ passwordPolicy: generate
db: &dbSecretsHook
credsExternalSecret: *dbSecretName
db: *dbSecretsHook
restServer:
apiUserExternalSecret: *policyApiCredsSecret
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
policy-pap:
enabled: true
db: *dbSecretsHook
restServer:
papUserExternalSecret: *policyPapCredsSecret
apiUserExternalSecret: *policyApiCredsSecret
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
policy-xacml-pdp:
enabled: true
db: *dbSecretsHook
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
policy-apex-pdp:
enabled: true
db: *dbSecretsHook
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
policy-drools-pdp:
enabled: true
db: *dbSecretsHook
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
policy-distribution:
enabled: true
db: *dbSecretsHook
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
policy-clamp-be:
enabled: true
db: *dbSecretsHook
config:
appUserExternalSecret: *policyAppCredsSecret
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
policy-clamp-ac-k8s-ppnt:
enabled: true
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
policy-clamp-ac-pf-ppnt:
enabled: true
restServer:
apiUserExternalSecret: *policyApiCredsSecret
papUserExternalSecret: *policyPapCredsSecret
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
policy-clamp-ac-http-ppnt:
enabled: true
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
policy-nexus:
enabled: false
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
policy-clamp-runtime-acm:
enabled: true
db: *dbSecretsHook
config:
appUserExternalSecret: *policyAppCredsSecret
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
policy-gui:
enabled: true
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
#################################################################
# DB configuration defaults.
image: mariadb:10.5.8
dbmigrator:
- image: onap/policy-db-migrator:2.4.1
+ image: onap/policy-db-migrator:2.4.3
schema: policyadmin
policy_home: "/opt/app/policy"
config:
policyAppUserName: runtimeUser
+ useStrimziKafka: true
+ acRuntimeTopic:
+ name: policy-acruntime-participant
+ partitions: 10
+ retentionMs: 7200000
+ segmentBytes: 1073741824
+ consumer:
+ groupId: policy-group
+ policyPdpPapTopic:
+ name: policy-pdp-pap
+ partitions: 10
+ retentionMs: 7200000
+ segmentBytes: 1073741824
+ consumer:
+ groupId: policy-group
+ policyHeartbeatTopic:
+ name: policy-heartbeat
+ partitions: 10
+ retentionMs: 7200000
+ segmentBytes: 1073741824
+ consumer:
+ groupId: policy-group
+ policyNotificationTopic:
+ name: policy-notification
+ partitions: 10
+ retentionMs: 7200000
+ segmentBytes: 1073741824
+ consumer:
+ groupId: policy-group
mariadb-galera:
# mariadb-galera.config and global.mariadb.config must be equals
serviceAccount:
nameOverride: *policy-mariadb
+postgresImage: library/postgres:latest
+# application configuration override for postgres
+postgres:
+ nameOverride: &postgresName policy-postgres
+ service:
+ name: *postgresName
+ name2: policy-pg-primary
+ name3: policy-pg-replica
+ container:
+ name:
+ primary: policy-pg-primary
+ replica: policy-pg-replica
+ persistence:
+ mountSubPath: policy/postgres/data
+ mountInitPath: policy
+ config:
+ pgUserName: policy_user
+ pgDatabase: policyadmin
+ pgUserExternalSecret: *pgUserCredsSecretName
+ pgRootPasswordExternalSecret: *pgRootPassSecretName
+
+readinessCheck:
+ wait_for:
+ - '{{ ternary .Values.postgres.service.name "postgres" .Values.global.postgres.localCluster }}'
+
restServer:
policyPapUserName: policyadmin
policyPapUserPassword: zb!XztG34
apiVersion: v2
description: ONAP Web Portal
name: portal
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: portal-app
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/portal-app'
- name: portal-cassandra
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/portal-cassandra'
- name: portal-mariadb
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/portal-mariadb'
- name: portal-sdk
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/portal-sdk'
- name: portal-widget
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/portal-widget'
apiVersion: v2
description: ONAP Portal application
name: portal-app
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: Portal cassandra
name: portal-cassandra
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: MariaDB Service
name: portal-mariadb
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
#!/bin/bash
set -eo pipefail
-shopt -s nullglob
# logging functions
mysql_log() {
mysql_note "Database files initialized"
}
+if [ -z "$DATADIR" ]; then
+ DATADIR='unknown'
+fi
+if [ -z "$SOCKET" ]; then
+ SOCKET='unknown'
+fi
+if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
+ DATABASE_ALREADY_EXISTS='false'
+fi
+
# Loads various settings that are used elsewhere in the script
# This should be called after mysql_check_config, but before any other functions
docker_setup_env() {
# Get config
- declare -g DATADIR SOCKET
DATADIR="$(mysql_get_config 'datadir' "$@")"
SOCKET="$(mysql_get_config 'socket' "$@")"
file_env 'MYSQL_ROOT_PASSWORD'
file_env 'PORTAL_DB_TABLES'
- declare -g DATABASE_ALREADY_EXISTS
if [ -d "$DATADIR/mysql" ]; then
DATABASE_ALREADY_EXISTS='true'
fi
apiVersion: v2
description: Portal software development kit
name: portal-sdk
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: Portal widgets micro service application
name: portal-widget
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: A helm Chart for kubernetes-ONAP Robot
name: robot
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
done
fi
-export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l")
+export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l")
OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_demo_$key
DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90))
if [ -n "$TAG" ]; then
VARIABLEFILES="-V /share/config/robot_properties.py"
kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} -i ${TAG} --display $DISPLAY_NUM 2> ${TAG}.out
-fi
\ No newline at end of file
+fi
done
fi
-export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l")
+export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l")
OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_$2
DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90))
done
fi
-export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l")
+export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l")
OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_helmlist
DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90))
set -x
POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot)
-export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l")
+export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l")
TAGS="-i $TAG"
ETEHOME=/var/opt/ONAP
OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_instantiate_vnf
echo "Executing instantiation..."
if [ $POLL = 1 ]; then
- kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM > /tmp/vnf_instantiation.$BUILDNUM.log 2>&1 &"
+ kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM > /tmp/vnf_instantiation.$BUILDNUM.log 2>&1 &"
- pid=`kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "pgrep runTags.sh -n"`
+ pid=`kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "pgrep runTags.sh -n"`
if [ -z "$pid" ]; then
echo "robot testsuite unable to start"
exit 1
fi
- kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "while ps -p \"$pid\" --no-headers | grep -v defunct; do echo \$'\n\n'; echo \"Testsuite still running \"\`date\`; echo \"LOG FILE: \"; tail -10 /tmp/vnf_instantiation.$BUILDNUM.log; sleep 30; done"
+ kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "while ps -p \"$pid\" --no-headers | grep -v defunct; do echo \$'\n\n'; echo \"Testsuite still running \"\`date\`; echo \"LOG FILE: \"; tail -10 /tmp/vnf_instantiation.$BUILDNUM.log; sleep 30; done"
else
- kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM"
+ kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM"
fi
set +x
GLOBAL_DMAAP_KAFKA_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "message-router-kafka" "port" 9092) }}'
GLOBAL_DMAAP_KAFKA_JAAS_USERNAME = '{{ .Values.kafkaJaasUsername }}'
GLOBAL_DMAAP_KAFKA_JAAS_PASSWORD = '{{ .Values.kafkaJaasPassword }}'
+# strimzi kafka
+GLOBAL_KAFKA_BOOTSTRAP_SERVICE = '{{ include "common.release" . }}-strimzi-kafka-bootstrap:9092'
+GLOBAL_KAFKA_USER = '{{ .Values.strimziKafkaJaasUsername }}'
# DROOL server port and credentials
GLOBAL_DROOLS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "policy-drools-pdp" "port" 9696) }}'
GLOBAL_DROOLS_USERNAME = '{{ .Values.droolsUsername }}'
# DMAAP BC
bcUsername: "dmaap-bc@dmaap-bc.onap.org"
bcPassword: "demo123456!"
+
# DMAAP KAFKA JAAS
kafkaJaasUsername: "admin"
kafkaJaasPassword: "admin_secret"
+# STRIMZI KAFKA JAAS
+strimziKafkaJaasUsername: "strimzi-kafka-admin"
+
#OOF
oofUsername: "oof@oof.onap.org"
oofPassword: "demo123456!"
apiVersion: v2
description: Service Design and Creation Umbrella Helm charts
name: sdc
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: sdc-be
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/sdc-be'
- name: sdc-cs
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/sdc-cs'
- name: sdc-fe
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/sdc-fe'
- name: sdc-onboarding-be
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/sdc-onboarding-be'
- name: sdc-wfd-be
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/sdc-wfd-be'
condition: sdc-wfd.enabled
- name: sdc-wfd-fe
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/sdc-wfd-fe'
condition: sdc-wfd.enabled
- name: sdc-helm-validator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/sdc-helm-validator'
condition: sdcHelmValidator.enabled
apiVersion: v2
description: ONAP Service Design and Creation Backend API
name: sdc-be
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-backend-all-plugins:1.10.1
-backendInitImage: onap/sdc-backend-init:1.10.1
+image: onap/sdc-backend-all-plugins:1.11.4
+backendInitImage: onap/sdc-backend-init:1.11.4
pullPolicy: Always
apiVersion: v2
description: ONAP Service Design and Creation Cassandra
name: sdc-cs
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: cassandra
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.10.1
-cassandraInitImage: onap/sdc-cassandra-init:1.10.1
+image: onap/sdc-cassandra:1.11.4
+cassandraInitImage: onap/sdc-cassandra-init:1.11.4
pullPolicy: Always
config:
apiVersion: v2
description: ONAP Service Design and Creation Front End
name: sdc-fe
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
spec:
type: {{ .Values.service.type }}
ports:
- - port: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- targetPort: {{ .Values.service.internalPort }}
- {{ if eq .Values.service.type "NodePort" -}}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- {{ end }}
- {{ if (include "common.needTLS" .) }}
- - port: {{ .Values.service.internalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName }}s
- {{ if eq .Values.service.type "NodePort" -}}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- {{ end }}
- {{ end }}
+ name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
+ {{- else -}}
+ - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.externalPort2 .Values.service.externalPort }}
+ targetPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
+ {{- end}}
selector:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-frontend:1.10.1
+image: onap/sdc-frontend:1.11.4
pullPolicy: Always
config:
type: NodePort
name: sdc-fe
portName: http
- nodePort: "06"
internalPort: 8181
externalPort: 8181
- nodePort2: "07"
internalPort2: 9443
externalPort2: 9443
+ nodePort: "07"
+
ingress:
enabled: false
apiVersion: v2
description: ONAP Service Design and Creation Helm Validator
name: sdc-helm-validator
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP Service Design and Creation Onboarding API
name: sdc-onboarding-be
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-onboard-backend:1.10.1
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.10.1
+image: onap/sdc-onboard-backend:1.11.4
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.11.4
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v2
description: ONAP Service Design and Creation Workflow Designer backend
name: sdc-wfd-be
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-workflow-backend:1.7.0
-configInitImage: onap/sdc-workflow-init:1.7.0
+image: onap/sdc-workflow-backend:1.11.1
+configInitImage: onap/sdc-workflow-init:1.11.1
pullPolicy: Always
initJob:
apiVersion: v2
description: ONAP Service Design and Creation Workflow Designer frontend
name: sdc-wfd-fe
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-workflow-frontend:1.7.0
+image: onap/sdc-workflow-frontend:1.11.1
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v2
description: SDN Controller
name: sdnc
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certManagerCertificate
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: logConfiguration
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: network-name-gen
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: network-name-gen.enabled
- name: dgbuilder
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: dgbuilder.enabled
- name: sdnc-prom
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: config.geoEnabled
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: global.mariadbGalera.localCluster
- name: elasticsearch
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: config.sdnr.enabled
# conditions for sdnc-subcharts
- name: dmaap-listener
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/dmaap-listener/'
condition: sdnc.dmaap-listener.enabled,dmaap-listener.enabled
- name: ueb-listener
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/ueb-listener/'
condition: sdnc.ueb-listener.enabled,ueb-listener.enabled
- name: sdnc-ansible-server
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/sdnc-ansible-server/'
condition: sdnc.sdnc-ansible-server.enabled,sdnc-ansible-server.enabled
- name: sdnc-web
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/sdnc-web/'
condition: sdnc.sdnc-web.enabled,sdnc-web.enabled
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: SDNC DMaaP Listener
name: dmaap-listener
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-dmaap-listener-image:2.3.0
+image: onap/sdnc-dmaap-listener-image:2.3.2
pullPolicy: Always
# flag to enable debugging - application support required
apiVersion: v2
description: SDN-C Ansible Server
name: sdnc-ansible-server
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-ansible-server-image:2.3.0
+image: onap/sdnc-ansible-server-image:2.3.2
pullPolicy: Always
# flag to enable debugging - application support required
service:
type: ClusterIP
name: sdnc-ansible-server
- portName: sdnc-ansible-server
+ portName: http
internalPort: 8000
externalPort: 8000
apiVersion: v2
description: ONAP SDNC Policy Driven Ownership Management
name: sdnc-prom
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
-#!/bin/bash
+#!/bin/sh
{{/*
# Copyright © 2018 Amdocs
debugLog "Currently running sdnc and dns failover"
return
fi
- trap "rm -f ${lockFile}" INT TERM RETURN
- echo $BASHPID > ${lockFile}
+ trap "rm -f ${lockFile}" INT TERM EXIT
+ echo $$ > ${lockFile}
# perform takeover
debugLog "Started executing sdnc.failover for $SITE_NAME"
apiVersion: v2
description: SDN-C Web Server
name: sdnc-web
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
{{ if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
readinessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: WEBPROTOCOL
- value: {{ .Values.config.webProtocol }}
+ value: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webProtocol .Values.config.webPlainProtocol }}
- name: WEBPORT
- value: {{ .Values.config.webPort | quote }}
+ value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webPort .Values.config.webPlainPort | quote }}
- name: SDNRPROTOCOL
- value: {{ .Values.config.sdnrProtocol }}
+ value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrProtocol .Values.config.sdnrPlainProtocol }}
- name: SDNRHOST
- value: {{ .Values.config.sdnrHost }}.{{ include "common.namespace" . }}
+ value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrHost .Values.config.sdnrPlainHost }}.{{ include "common.namespace" . }}
- name: SDNRPORT
- value: {{ .Values.config.sdnrPort | quote }}
+ value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrPort .Values.config.sdnrPlainPort | quote }}
+ {{ if (include "common.needTLS" .) }}
- name: SSL_CERT_DIR
value: {{ .Values.config.sslCertDir }}
- name: SSL_CERTIFICATE
value: {{ .Values.config.sslCertiticate }}
- name: SSL_CERTIFICATE_KEY
value: {{ .Values.config.sslCertKey }}
+ {{ end }}
{{ if .Values.config.transportpce.enabled }}
- name: TRPCEURL
value: {{ .Values.config.transportpce.transportpceUrl }}
# Application configuration defaults.
#################################################################
# application image
-image: "onap/sdnc-web-image:2.2.5"
+image: "onap/sdnc-web-image:2.3.2"
pullPolicy: Always
config:
sdncChartName: sdnc
webProtocol: HTTPS
+ webPlainProtocol: HTTP
webPort: 8443
+ webPlainPort: 8080
sdnrProtocol: https
+ sdnrPlainProtocol: http
sdnrHost: "sdnc"
+ sdnrPlainHost: "sdnc"
sdnrPort: "8443"
+ sdnrPlainPort : "8080"
sslCertDir: "/opt/app/osaaf/local/certs"
sslCertiticate: "cert.pem"
sslCertKey: "key.pem"
# for liveness and readiness probe only
# internalPort:
internalPort: 8443
+ internalPlainPort: 8080
ports:
- - name: "sdnc-web"
+ - name: http-sdnc-web
port: "8443"
+ plain_port: "8080"
+ port_protocol: http
nodePort: "05"
#ingress:
apiVersion: v2
description: SDNC UEB Listener
name: ueb-listener
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
+{{- if (include "common.needTLS" .) }}
org.onap.ccsdk.sli.northbound.uebclient.asdc-address=sdc-be.{{.Release.Namespace}}:8443
+{{- else }}
+org.onap.ccsdk.sli.northbound.uebclient.asdc-address=sdc-be.{{.Release.Namespace}}:8080
+org.onap.ccsdk.sli.northbound.uebclient.use-https=false
+{{- end }}
org.onap.ccsdk.sli.northbound.uebclient.consumer-group=sdc-OpenSource-Env1-sdnc-dockero
org.onap.ccsdk.sli.northbound.uebclient.consumer-id=sdc-COpenSource-Env11-sdnc-dockero
org.onap.ccsdk.sli.northbound.uebclient.environment-name=AUTO
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-ueb-listener-image:2.3.0
+image: onap/sdnc-ueb-listener-image:2.3.2
pullPolicy: Always
# flag to enable debugging - application support required
#
# Configuration file for A&AI Client
#
+{{- if (include "common.needTLS" .) }}
org.onap.ccsdk.sli.adaptors.aai.uri=https://aai.{{.Release.Namespace}}:8443
+{{- else }}
+org.onap.ccsdk.sli.adaptors.aai.uri=http://aai.{{.Release.Namespace}}:80
+{{- end }}
connection.timeout=60000
read.timeout=60000
"tokenSecret": "${OAUTH_TOKEN_SECRET}",
"tokenIssuer": {{ .Values.config.sdnr.oauth.tokenIssuer | quote }},
"publicUrl": {{ .Values.config.sdnr.oauth.publicUrl | quote }},
- "redirectUri": "{{ .Values.config.sdnr.oauth.redirectUri | quote | default "null" }}",
+ "redirectUri": "{{ .Values.config.sdnr.oauth.redirectUri | default "null" }}",
"supportOdlUsers": "{{ .Values.config.sdnr.oauth.supportOdlUsers | default "true" }}",
"providers": {{ .Values.config.sdnr.oauth.providers | toJson }}
-}
\ No newline at end of file
+}
command:
- /bin/bash
args:
- - {{.Values.config.binDir }}/installSdncDb.sh
+ - -c
+ - |
+ sleep 60; {{.Values.config.binDir }}/installSdncDb.sh
resources: {{ include "common.resources" . | nindent 10 }}
+ {{- if include "common.onServiceMesh" . }}
+ - name: sdnc-service-mesh-wait-for-job-container
+ image: {{ include "repositoryGenerator.image.quitQuit" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /bin/sh
+ - "-c"
+ args:
+ - |
+ echo "waiting 20s for istio side cars to be up"; sleep 20s;
+ /app/ready.py --service-mesh-check sdnc -t 45;
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ {{- end }}
{{- if .Values.nodeSelector }}
nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
{{- end }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["/bin/bash"]
- args: ["-c", "{{ .Values.config.binDir }}/startODL.sh"]
+ args:
+ - -c
+ - |
+ sleep 90; "{{ .Values.config.binDir }}/startODL.sh"
env:
- name: SDNC_AAF_ENABLED
value: "{{ .Values.global.aafEnabled}}"
value: "-k"
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
resources: {{ include "common.resources" . | nindent 12 }}
+ {{- if include "common.onServiceMesh" . }}
+ - name: sdnrdb-service-mesh-wait-for-job-container
+ image: {{ include "repositoryGenerator.image.quitQuit" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /bin/sh
+ - "-c"
+ args:
+ - |
+ echo "waiting 30s for istio side cars to be up"; sleep 30s;
+ /app/ready.py --service-mesh-check sdnc-sdnrdb-init-job -t 45;
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ {{- end }}
{{- if .Values.nodeSelector }}
nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
{{- end -}}
# application images
pullPolicy: Always
-image: onap/sdnc-image:2.3.0
+image: onap/sdnc-image:2.3.2
# flag to enable debugging - application support required
debugEnabled: false
service:
type: NodePort
name: sdnc
- portName: sdnc
+ portName: http
internalPort: 8181
internalPort2: 8101
internalPort3: 8080
apiVersion: v2
description: ONAP Mock Sniro Emulator
name: sniro-emulator
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
internalPort: 9999
externalPort: 80
nodePort: 88
- portName: httpd
+ portName: http
ingress:
enabled: false
apiVersion: v2
description: ONAP Service Orchestrator
name: so
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
+ condition: global.aafEnabled
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: global.mariadbGalera.localCluster
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/soHelpers'
- name: so-admin-cockpit
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-admin-cockpit'
condition: so-admin-cockpit.enabled
- name: so-appc-orchestrator
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-appc-orchestrator'
condition: so-appc-orchestrator.enabled
- name: so-bpmn-infra
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-bpmn-infra'
- name: so-catalog-db-adapter
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-catalog-db-adapter'
condition: so-catalog-db-adapter.enabled
- name: so-cnf-adapter
- version: ~10.x-0
+ version: ~11.x-0
repository: "file://components/so-cnf-adapter"
condition: so-cnf-adapter.enabled
- name: so-etsi-nfvo-ns-lcm
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-etsi-nfvo-ns-lcm'
condition: so-etsi-nfvo-ns-lcm.enabled
- name: so-etsi-sol003-adapter
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-etsi-sol003-adapter'
condition: so-etsi-sol003-adapter.enabled
- name: so-mariadb
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-mariadb'
- name: so-nssmf-adapter
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-nssmf-adapter'
condition: so-nssmf-adapter.enabled
- name: so-oof-adapter
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-oof-adapter'
condition: so-oof-adapter.enabled
- name: so-openstack-adapter
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-openstack-adapter'
condition: so-openstack-adapter.enabled
- name: so-request-db-adapter
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-request-db-adapter'
- name: so-sdc-controller
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-sdc-controller'
- name: so-sdnc-adapter
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-sdnc-adapter'
condition: so-sdnc-adapter.enabled
- name: so-ve-vnfm-adapter
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-ve-vnfm-adapter'
condition: so-ve-vnfm-adapter.enabled
- name: so-etsi-sol005-adapter
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/so-etsi-sol005-adapter'
condition: so-etsi-sol005-adapter.enabled
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: A Helm chart for ONAP Service Orchestration Monitoring
name: so-admin-cockpit
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
{{if and (eq .Values.service.type "NodePort") (.Values.global.aafEnabled) -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
-
-
apiVersion: v2
description: A Helm chart for so appc orchestrator
name: so-appc-orchestrator
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
appVersion: "1.0"
description: A Helm chart for SO Bpmn Infra
name: so-bpmn-infra
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}}
dme2:
timeout: '30000'
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
workflowAaiDistributionDelay: PT30S
pnfEntryNotificationTimeout: P14D
cds:
oof:
auth: {{ .Values.mso.oof.auth }}
callbackEndpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
+ {{ if (include "common.needTLS" .) }}
endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698
+ {{ else }}
+ endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698
+ {{ end }}
timeout: PT30M
workflow:
CreateGenericVNFV1:
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
# Filebeat sidecar container
{{ include "common.log.sidecar" . | nindent 6 }}
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
type: ClusterIP
internalPort: *containerPort
externalPort: 8081
- portName: so-bpmn-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
apiVersion: v2
description: A Helm chart for so-catalog-db-adapter
name: so-catalog-db-adapter
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
type: ClusterIP
internalPort: *containerPort
externalPort: *containerPort
- portName: so-catdb-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
appVersion: "1.7.1"
description: A Helm chart for Kubernetes
name: so-cnf-adapter
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
aai:
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.server.aai.auth ) }}
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
enabled: {{ .Values.global.aai.enabled }}
logging:
path: logs
prometheus:
enabled: true # Whether exporting of metrics to Prometheus is enabled.
step: 1m # Step size (i.e. reporting frequency) to use.
-
apiVersion: v2
description: ONAP SO ETSI NFVO NS LCM
name: so-etsi-nfvo-ns-lcm
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
aai:
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
version: v19
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
spring:
datasource:
hikari:
etsi-catalog-manager:
base:
{{- if .Values.global.msbEnabled }}
+ {{ if (include "common.needTLS" .) }}
endpoint: https://msb-iag:443/api
+ {{ else }}
+ endpoint: http://msb-iag:443/api
+ {{ end }}
http:
client:
ssl:
apiVersion: v2
description: ONAP SO ETSI SOL003 Adapter
name: so-etsi-sol003-adapter
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
aai:
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
version: v15
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
spring:
security:
usercredentials:
username: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.username "value2" .Values.sdc.username )}}
password: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.password "value2" .Values.sdc.password )}}
key: {{ .Values.sdc.key }}
+ {{ if (include "common.needTLS" .) }}
endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080
+ {{ end }}
vnfmadapter:
endpoint: http://so-etsi-sol003-adapter.{{ include "common.namespace" . }}:9092
etsi-catalog-manager:
failureThreshold: {{ .Values.livenessProbe.failureThreshold}}
ports:
- containerPort: {{ .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-etsi-sol005-adapter
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
msb-port: 80
adapters:
requestDb:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+ {{ else }}
+ endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+ {{ end }}
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}}
#Actuator
management:
failureThreshold: {{ .Values.livenessProbe.failureThreshold}}
ports:
- containerPort: {{ .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
\ No newline at end of file
+ release: {{ include "common.release" . }}
apiVersion: v2
description: MariaDB Service
name: so-mariadb
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
command:
- /bin/bash
- -c
- - mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo > /var/data/mariadb/backup-`date +%s`.sql
+ - |
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
+ mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo > /var/data/mariadb/backup-`date +%s`.sql
volumeMounts:
- mountPath: /etc/localtime
name: localtime
readOnly: true
- name: backup-storage
mountPath: /var/data/mariadb
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
- /bin/bash
- -c
- >
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
mysql() { /usr/bin/mysql -h ${DB_HOST} -P ${DB_PORT} "$@"; };
export -f mysql;
mysql --user=root --password=${MYSQL_ROOT_PASSWORD} requestdb -e exit > /dev/null 2>&1 {{ if not .Values.global.migration.enabled }} && echo "Database already initialized!!!" && exit 0 {{ end }};
{{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
nodePortPrefix: 302
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
- readinessImage: onap/oom/readiness:3.0.1
+ readinessImage: onap/oom/readiness:4.1.0
ubuntuInitRepository: docker.io
mariadbGalera:
nameOverride: &mariadbName mariadb-galera
nameOverride: so-mariadb
roles:
- read
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}-config'
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-nssmf-adapter
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
*/}}
aai:
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
logging:
path: logs
spring:
msb-port: 80
adapters:
requestDb:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+ {{ else }}
+ endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+ {{ end }}
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}}
#Actuator
management:
service:
type: ClusterIP
ports:
- - name: api
+ - name: http
port: *containerPort
updateStrategy:
type: RollingUpdate
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-oof-adapter
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
oof:
auth: ${OOF_LOGIN}:${OOF_PASSWORD}
+ {{ if (include "common.needTLS" .) }}
endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698
+ {{ else }}
+ endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698
+ {{ end }}
#Actuator
management:
endpoints:
service:
type: ClusterIP
ports:
- - name: api
+ - name: http
port: *containerPort
updateStrategy:
type: RollingUpdate
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-openstack-adapter
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
*/}}
aai:
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}}
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
server:
port: {{ index .Values.containerPort }}
spring:
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
# Filebeat sidecar container
{{ include "common.log.sidecar" . | nindent 6 }}
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
type: ClusterIP
internalPort: *containerPort
externalPort: *containerPort
- portName: so-optack-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
apiVersion: v2
description: A Helm chart for request-db-adapter
name: so-request-db-adapter
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
type: ClusterIP
internalPort: *containerPort
externalPort: *containerPort
- portName: so-reqdb-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-sdc-controller
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.requestDb.auth )}}
aai:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
asdc-connections:
asdc-controller1:
user: mso
consumerGroup: SO-OpenSource-Env11
consumerId: SO-COpenSource-Env11
environmentName: AUTO
+ {{ if (include "common.needTLS" .) }}
asdcAddress: sdc-be.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ asdcAddress: sdc-be.{{ include "common.namespace" . }}:8080
+ {{ end }}
password: {{ index .Values "mso" "asdc-connections" "asdc-controller1" "password" }}
pollingInterval: 60
pollingTimeout: 60
relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL
useHttpsWithDmaap: false
+ useHttpsWithSdc: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
activateServerTLSAuth: false
keyStorePassword:
keyStorePath:
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
# Filebeat sidecar container
{{ include "common.log.sidecar" . | nindent 6 }}
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
type: ClusterIP
internalPort: *containerPort
externalPort: *containerPort
- portName: so-sdc-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: so-sdnc-adapter
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
# Filebeat sidecar container
{{ include "common.log.sidecar" . | nindent 6 }}
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
type: ClusterIP
internalPort: *containerPort
externalPort: *containerPort
- portName: so-sdnc-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
apiVersion: v2
description: ONAP SO VE VNFM Adapter (SOL002)
name: so-ve-vnfm-adapter
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: readinessCheck
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: soHelpers
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://../soHelpers'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
port: {{ include "common.getPort" (dict "global" . "name" "http") }}
vevnfmadapter:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://msb-iag:30283/api/{{ include "common.servicename" . }}/v1
+ {{ else }}
+ endpoint: http://msb-iag:30283/api/{{ include "common.servicename" . }}/v1
+ {{ end }}
aai:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
dmaap:
endpoint: http://message-router.{{ include "common.namespace" . }}:3904
apiVersion: v2
description: A Helm chart for SO helpers
name: soHelpers
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
aai:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}}
server:
port: {{ index .Values.containerPort }}
activate:
instanceid: test
userid: cs0008
- endpoint: http://sdc-be.{{ include "common.namespace" . }}:8443
+ {{ if (include "common.needTLS" .) }}
+ endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080
+ {{ end }}
tenant:
isolation:
retry:
count: 3
aai:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}}
extApi:
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
# Filebeat sidecar container
{{ include "common.log.sidecar" . | nindent 6 }}
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
nodePort: 77
internalPort: *containerPort
externalPort: *containerPort
- portName: so-apih-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
apiVersion: v2
description: ONAP Strimzi kafka
name: strimzi
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
{{/*
-# Copyright © 2018 AT&T
+# Copyright © 2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
-apiVersion: policy/v1beta1
-kind: PodDisruptionBudget
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaUser
metadata:
- name: {{ include "common.fullname" . }}-pdb
+ name: {{ .Values.kafkaStrimziAdminUser }}
labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- maxUnavailable: 1
+ authentication:
+ type: {{ .Values.saslMechanism }}
+ authorization:
+ type: simple
+ acls:
+ - resource:
+ type: group
+ name: onap-group
+ operation: Read
\ No newline at end of file
authorization:
type: simple
superUsers:
- - {{ include "common.release" . }}-{{ .Values.kafkaStrimziAdminUser }}
+ - {{ .Values.kafkaStrimziAdminUser }}
template:
pod:
securityContext:
runAsUser: 0
fsGroup: 0
config:
+ default.replication.factor: {{ .Values.replicaCount }}
+ min.insync.replicas: {{ .Values.replicaCount }}
offsets.topic.replication.factor: {{ .Values.replicaCount }}
transaction.state.log.replication.factor: {{ .Values.replicaCount }}
- transaction.state.log.min.isr: 2
+ transaction.state.log.min.isr: {{ .Values.replicaCount }}
log.message.format.version: "3.0"
inter.broker.protocol.version: "3.0"
storage:
type: jbod
- class: {{ include "common.storageClass" (dict "dot" . "suffix" "kafka" "persistenceInfos" .Values.persistenceKafka) }}
volumes:
- id: 0
type: persistent-claim
replicas: {{ .Values.replicaCount }}
config:
ssl.hostnameVerification: false
+ ssl.quorum.hostnameVerification: false
+ {{- if (include "common.onServiceMesh" .) }}
+ sslQuorum: false
+ {{- end }}
storage:
type: persistent-claim
size: {{ .Values.persistenceZk.size }}
#################################################################
# Application configuration defaults.
#################################################################
-replicaCount: 2
+replicaCount: 3
kafkaInternalPort: 9092
saslMechanism: scram-sha-512
version: 3.0.0
apiVersion: v2
description: ONAP uui
name: uui
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: uui-server
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/uui-server'
- name: uui-nlp
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/uui-nlp'
apiVersion: v2
description: ONAP UUI NLP
name: uui-nlp
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: serviceAccount
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
apiVersion: v2
description: ONAP uui server
name: uui-server
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
\ No newline at end of file
-#!/bin/bash
+#!/bin/sh
{{/*
#
# Copyright 2016-2017 ZTE Corporation.
echo "usecase-ui database init script start..."
dbScript="$main_path/resources/bin/initDB.sh"
-source $dbScript 127.0.0.1 5432 postgres uui
+$dbScript 127.0.0.1 5432 postgres uui
echo "usecase-ui database init script finished normally..."
JAVA_PATH="$JAVA_HOME/bin/java"
echo @jar_path@ $jar_path
echo "Starting usecase-ui-server..."
-$JAVA_PATH $JAVA_OPTS -classpath $jar_path -jar $jar_path $SPRING_OPTS
\ No newline at end of file
+$JAVA_PATH $JAVA_OPTS -classpath $jar_path -jar $jar_path $SPRING_OPTS
# application image
repository: nexus3.onap.org:10001
-image: onap/usecase-ui-server:4.0.6
+image: onap/usecase-ui-server:4.0.7
pullPolicy: Always
# application configuration
flavor: small
# application image
-image: onap/usecase-ui:4.0.6
+image: onap/usecase-ui:4.0.7
pullPolicy: Always
# application configuration
apiVersion: v2
description: ONAP Virtual Function Controller (VF-C)
name: vfc
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: global.mariadbGalera.localCluster
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: vfc-generic-vnfm-driver
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/vfc-generic-vnfm-driver'
condition: vfc-generic-vnfm-driver.enabled
- name: vfc-huawei-vnfm-driver
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/vfc-huawei-vnfm-driver'
condition: vfc-huawei-vnfm-driver.enabled
- name: vfc-nslcm
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/vfc-nslcm'
condition: vfc-nslcm.enabled
- name: vfc-redis
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/vfc-redis'
condition: vfc-redis.enabled
- name: vfc-vnflcm
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/vfc-vnflcm'
condition: vfc-vnflcm.enabled
- name: vfc-vnfmgr
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/vfc-vnfmgr'
condition: vfc-vnfmgr.enabled
- name: vfc-vnfres
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/vfc-vnfres'
condition: vfc-vnfres.enabled
- name: vfc-zte-vnfm-driver
- version: ~10.x-0
+ version: ~11.x-0
repository: 'file://components/vfc-zte-vnfm-driver'
condition: vfc-zte-vnfm-driver.enabled
apiVersion: v2
description: ONAP VFC - Generic VNFM Driver
name: vfc-generic-vnfm-driver
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: MSB_HOST
- value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
+ value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
+ {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }}
- name: SSL_ENABLED
- value: "{{ .Values.global.config.ssl_enabled }}"
+ value: "true"
+ {{- else }}
+ - name: SSL_ENABLED
+ value: "false"
+ {{- end }}
- name: REG_TO_MSB_WHEN_START
value: "{{ .Values.global.config.reg_to_msb_when_start }}"
volumeMounts:
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
# application image
flavor: small
-image: onap/vfc/gvnfmdriver:1.4.3
+image: onap/vfc/gvnfmdriver:1.4.4
pullPolicy: Always
#Istio sidecar injection policy
service:
type: ClusterIP
name: vfc-generic-vnfm-driver
- portName: vfc-generic-vnfm-driver
+ portName: http
externalPort: 8484
internalPort: 8484
# nodePort: 30484
apiVersion: v2
description: ONAP VFC - Huawei VNFM Driver
name: vfc-huawei-vnfm-driver
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: MSB_PROTO
- value: "{{ .Values.global.config.msbprotocol }}"
+ value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}"
+ {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }}
- name: SSL_ENABLED
- value: "{{ .Values.global.config.ssl_enabled }}"
+ value: "true"
+ {{- else }}
+ - name: SSL_ENABLED
+ value: "false"
+ {{- end }}
- name: MSB_ADDR
value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
- name: REG_TO_MSB_WHEN_START
port: {{ .Values.service.internalPort }}
targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- - name: {{ .Values.service.portName }}2
+ - name: {{ .Values.service.portName }}s
port: {{ .Values.service.internalPort2 }}
targetPort: {{ .Values.service.internalPort2 }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
name: {{ .Values.service.portName }}
- port: {{ .Values.service.externalPort2 }}
targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName }}2
+ name: {{ .Values.service.portName }}s
{{- end}}
selector:
app: {{ include "common.name" . }}
service:
type: ClusterIP
name: vfc-huawei-vnfm-driver
- portName: vfc-huawei-vnfm-driver
+ portName: http
externalPort: 8482
internalPort: 8482
externalPort2: 8483
apiVersion: v2
description: ONAP VFC - NS Life Cycle Management
name: vfc-nslcm
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: MSB_HOST
- value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
+ value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
+ {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }}
- name: SSL_ENABLED
- value: "{{ .Values.global.config.ssl_enabled }}"
+ value: "true"
+ {{- else }}
+ - name: SSL_ENABLED
+ value: "false"
+ {{- end }}
- name: MYSQL_ADDR
value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}'
- name: MYSQL_ROOT_USER
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
# application image
flavor: small
-image: onap/vfc/nslcm:1.4.4
+image: onap/vfc/nslcm:1.4.7
pullPolicy: Always
#Istio sidecar injection policy
service:
type: ClusterIP
name: vfc-nslcm
- portName: vfc-nslcm
+ portName: http
externalPort: 8403
internalPort: 8403
# nodePort: 30403
apiVersion: v2
description: ONAP VFC - REDIS
name: vfc-redis
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
service:
type: ClusterIP
name: vfc-redis
- portName: vfc-redis
+ portName: http
externalPort: 6379
internalPort: 6379
apiVersion: v2
description: ONAP VFC - VNF Life Cycle Management
name: vfc-vnflcm
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: MSB_HOST
- value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
+ value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
+ {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }}
- name: SSL_ENABLED
- value: "{{ .Values.global.config.ssl_enabled }}"
+ value: "true"
+ {{- else }}
+ - name: SSL_ENABLED
+ value: "false"
+ {{- end }}
- name: MYSQL_ADDR
value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}'
- name: MYSQL_ROOT_USER
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
# application image
flavor: small
-image: onap/vfc/vnflcm:1.4.2
+image: onap/vfc/vnflcm:1.4.3
pullPolicy: Always
#Istio sidecar injection policy
service:
type: ClusterIP
name: vfc-vnflcm
- portName: vfc-vnflcm
+ portName: http
externalPort: 8801
internalPort: 8801
# nodePort: 30801
apiVersion: v2
description: ONAP VFC - VNF Manager
name: vfc-vnfmgr
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: MSB_HOST
- value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
+ value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
+ {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }}
- name: SSL_ENABLED
- value: "{{ .Values.global.config.ssl_enabled }}"
+ value: "true"
+ {{- else }}
+ - name: SSL_ENABLED
+ value: "false"
+ {{- end }}
- name: MYSQL_ADDR
value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}'
- name: REDIS_HOST
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
service:
type: ClusterIP
name: vfc-vnfmgr
- portName: vfc-vnfmgr
+ portName: http
externalPort: 8803
internalPort: 8803
# nodePort: 30803
apiVersion: v2
description: ONAP VFC - VNF Resource Manager
name: vfc-vnfres
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: MSB_HOST
- value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
+ value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
+ {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }}
- name: SSL_ENABLED
- value: "{{ .Values.global.config.ssl_enabled }}"
+ value: "true"
+ {{- else }}
+ - name: SSL_ENABLED
+ value: "false"
+ {{- end }}
- name: MYSQL_ADDR
value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}'
- name: REDIS_HOST
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
# application image
flavor: small
-image: onap/vfc/vnfres:1.4.0
+image: onap/vfc/vnfres:1.4.1
pullPolicy: Always
#Istio sidecar injection policy
service:
type: ClusterIP
name: vfc-vnfres
- portName: vfc-vnfres
+ portName: http
externalPort: 8802
internalPort: 8802
# nodePort: 30802
apiVersion: v2
description: ONAP VFC - ZTE VNFM Driver
name: vfc-zte-vnfm-driver
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: MSB_HOST
- value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
+ value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
+ {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }}
- name: SSL_ENABLED
- value: "{{ .Values.global.config.ssl_enabled }}"
+ value: "true"
+ {{- else }}
+ - name: SSL_ENABLED
+ value: "false"
+ {{- end }}
- name: REG_TO_MSB_WHEN_START
value: "{{ .Values.global.config.reg_to_msb_when_start }}"
volumeMounts:
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
service:
type: ClusterIP
name: vfc-zte-vnfm-driver
- portName: vfc-zte-vnfm-driver
+ portName: http
externalPort: 8410
internalPort: 8410
global:
config:
ssl_enabled: false
- msbprotocol: https
+ msbprotocol: http
msbServiceName: msb-iag
msbPort: 443
redisServiceName: vfc-redis
apiVersion: v2
description: ONAP Virtual Infrastructure Deployment
name: vid
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
# local reference to common chart, as it is
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: mariadb-galera
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: global.mariadbGalera.localCluster
- name: mariadb-init
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
condition: not global.mariadbGalera.localCluster
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
apiVersion: v2
description: ONAP VNF SDK
name: vnfsdk
-version: 10.0.0
+version: 11.0.0
dependencies:
- name: common
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: certInitializer
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: postgres
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
- name: repositoryGenerator
- version: ~10.x-0
+ version: ~11.x-0
repository: '@local'
-Sphinx
+lfdocs-conf
+sphinx>=4.2.0 # BSD
+sphinx-rtd-theme>=1.0.0 # MIT
doc8
docutils
six
-lfdocs-conf
sphinxcontrib-redoc
sphinxcontrib-spelling
PyEnchant