Do not cache host resolution in DCAEGEN2 nginx 33/28933/5
authorAlexis de Talhouët <adetalhouet89@gmail.com>
Tue, 23 Jan 2018 16:04:43 +0000 (11:04 -0500)
committerAlexis de Talhouët <adetalhouet89@gmail.com>
Tue, 23 Jan 2018 18:58:42 +0000 (13:58 -0500)
And fix DNS Designate proxy setup

Change-Id: I46c265ba8f66f81503b8cdc8c0f90f9e5956da86
Issue-ID: OOM-608
Signed-off-by: Alexis de Talhouët <adetalhouet89@gmail.com>
13 files changed:
kubernetes/config/docker/init/src/config/dcaegen2/heat/DCAE-openrc-v2.sh [moved from kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v2.sh with 81% similarity]
kubernetes/config/docker/init/src/config/dcaegen2/heat/DCAE-openrc-v3.sh [moved from kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v3.sh with 82% similarity]
kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v2.sh [new file with mode: 0755]
kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v3.sh [new file with mode: 0755]
kubernetes/config/docker/init/src/config/dcaegen2/heat/entrypoint.sh
kubernetes/config/docker/init/src/config/dcaegen2/heat/onap_dcae.env
kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/aai-service.onap.org.conf
kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/dmaap.onap.org.conf
kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/open.onap.org.conf
kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/pdp.onap.org.conf
kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/sdc-be.onap.org.conf
kubernetes/dcaegen2/templates/nginx-service.yaml
kubernetes/multicloud/values.yaml

 # OpenStack API is version 2.0. For example, your cloud provider may implement
 # Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is
 # only for the Identity API served through keystone.
-export OS_AUTH_URL=OPENSTACK_KEYSTONE_IP_HERE/v2.0
+export OS_AUTH_URL=DCAE_OS_KEYSTONE_URL_HERE/v2.0
 # With the addition of Keystone we have standardized on the term **tenant**
 # as the entity that owns the resources.
-export OS_TENANT_ID=OPENSTACK_TENANT_ID_HERE
-export OS_TENANT_NAME="OPENSTACK_TENANT_NAME_HERE"
+export OS_TENANT_ID=DCAE_OS_TENANT_ID_HERE
+export OS_TENANT_NAME="DCAE_OS_TENANT_NAME_HERE"
 # unsetting v3 items in case set
 unset OS_PROJECT_ID
 unset OS_PROJECT_NAME
@@ -22,12 +22,12 @@ unset OS_USER_DOMAIN_NAME
 unset OS_INTERFACE
 # In addition to the owning entity (tenant), OpenStack stores the entity
 # performing the action as the **user**.
-export OS_USERNAME="OPENSTACK_USERNAME_HERE"
+export OS_USERNAME="DCAE_OS_USERNAME_HERE"
 # With Keystone you pass the keystone password.
-export OS_PASSWORD=OPENSTACK_PASSWORD_HERE
+export OS_PASSWORD=DCAE_OS_PASSWORD_HERE
 # If your configuration has multiple regions, we set that information here.
 # OS_REGION_NAME is optional and only valid in certain environments.
-export OS_REGION_NAME="OPENSTACK_REGION_HERE"
+export OS_REGION_NAME="DCAE_OS_REGION_HERE"
 # Don't leave a blank variable, unset it if it was empty
 if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi
 export OS_ENDPOINT_TYPE=publicURL
 # OpenStack API is version 3. For example, your cloud provider may implement
 # Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is
 # only for the Identity API served through keystone.
-export OS_AUTH_URL=OPENSTACK_KEYSTONE_IP_HERE/v3
+export OS_AUTH_URL=DCAE_OS_KEYSTONE_URL_HERE/v3
 
 # With the addition of Keystone we have standardized on the term **project**
 # as the entity that owns the resources.
-export OS_PROJECT_ID=OPENSTACK_TENANT_ID_HERE
-export OS_PROJECT_NAME="OPENSTACK_TENANT_NAME_HERE"
+export OS_PROJECT_ID=DCAE_OS_TENANT_ID_HERE
+export OS_PROJECT_NAME="DCAE_OS_TENANT_NAME_HERE"
 export OS_USER_DOMAIN_NAME="Default"
 if [ -z "$OS_USER_DOMAIN_NAME" ]; then unset OS_USER_DOMAIN_NAME; fi
 
@@ -26,14 +26,14 @@ unset OS_TENANT_NAME
 
 # In addition to the owning entity (tenant), OpenStack stores the entity
 # performing the action as the **user**.
-export OS_USERNAME="OPENSTACK_USERNAME_HERE"
+export OS_USERNAME="DCAE_OS_USERNAME_HERE"
 
 # With Keystone you pass the keystone password.
-export OS_PASSWORD=OPENSTACK_PASSWORD_HERE
+export OS_PASSWORD=DCAE_OS_PASSWORD_HERE
 
 # If your configuration has multiple regions, we set that information here.
 # OS_REGION_NAME is optional and only valid in certain environments.
-export OS_REGION_NAME="OPENSTACK_REGION_HERE"
+export OS_REGION_NAME="DCAE_OS_REGION_HERE"
 # Don't leave a blank variable, unset it if it was empty
 if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi
 
diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v2.sh b/kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v2.sh
new file mode 100755 (executable)
index 0000000..9c9e3f0
--- /dev/null
@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+# To use an OpenStack cloud you need to authenticate against the Identity
+# service named keystone, which returns a **Token** and **Service Catalog**.
+# The catalog contains the endpoints for all services the user/tenant has
+# access to - such as Compute, Image Service, Identity, Object Storage, Block
+# Storage, and Networking (code-named nova, glance, keystone, swift,
+# cinder, and neutron).
+#
+# *NOTE*: Using the 2.0 *Identity API* does not necessarily mean any other
+# OpenStack API is version 2.0. For example, your cloud provider may implement
+# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is
+# only for the Identity API served through keystone.
+export OS_AUTH_URL=DNSAAS_KEYSTONE_URL_HERE/v2.0
+# With the addition of Keystone we have standardized on the term **tenant**
+# as the entity that owns the resources.
+export OS_TENANT_ID=DNSAAS_TENANT_ID_HERE
+export OS_TENANT_NAME="DNSAAS_TENANT_NAME_HERE"
+# unsetting v3 items in case set
+unset OS_PROJECT_ID
+unset OS_PROJECT_NAME
+unset OS_USER_DOMAIN_NAME
+unset OS_INTERFACE
+# In addition to the owning entity (tenant), OpenStack stores the entity
+# performing the action as the **user**.
+export OS_USERNAME="DNSAAS_USERNAME_HERE"
+# With Keystone you pass the keystone password.
+export OS_PASSWORD=DNSAAS_PASSWORD_HERE
+# If your configuration has multiple regions, we set that information here.
+# OS_REGION_NAME is optional and only valid in certain environments.
+export OS_REGION_NAME="DNSAAS_REGION_HERE"
+# Don't leave a blank variable, unset it if it was empty
+if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi
+export OS_ENDPOINT_TYPE=publicURL
+export OS_IDENTITY_API_VERSION=2
\ No newline at end of file
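Review bot: `export OS_AUTH_URL=DNSAAS_KEYSTONE_URL_HERE/v2.0`, `export OS_TENANT_ID=DNSAAS_TENANT_ID_HERE` and `export OS_PASSWORD=DNSAAS_PASSWORD_HERE` are unquoted, so once the placeholders are replaced (presumably by a sed pass this hunk does not show) a password containing a space, `;`, `&` or `$` is word-split or interpreted by the shell when entrypoint.sh sources the file. Single-quote the templated values, e.g. `export OS_PASSWORD='DNSAAS_PASSWORD_HERE'`, and have the substitution step escape embedded single quotes. The file is also created with mode 0755 although it is only sourced and will hold a Keystone password; an owner-only mode such as 0600 would fit better. The same applies to DNS-openrc-v3.sh in this commit.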
diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v3.sh b/kubernetes/config/docker/init/src/config/dcaegen2/heat/DNS-openrc-v3.sh
new file mode 100755 (executable)
index 0000000..eebf835
--- /dev/null
@@ -0,0 +1,41 @@
+#!/usr/bin/env bash
+
+# To use an OpenStack cloud you need to authenticate against the Identity
+# service named keystone, which returns a **Token** and **Service Catalog**.
+# The catalog contains the endpoints for all services the user/tenant has
+# access to - such as Compute, Image Service, Identity, Object Storage, Block
+# Storage, and Networking (code-named nova, glance, keystone, swift,
+# cinder, and neutron).
+#
+# *NOTE*: Using the 3 *Identity API* does not necessarily mean any other
+# OpenStack API is version 3. For example, your cloud provider may implement
+# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is
+# only for the Identity API served through keystone.
+export OS_AUTH_URL=DNSAAS_KEYSTONE_URL_HERE/v3
+
+# With the addition of Keystone we have standardized on the term **project**
+# as the entity that owns the resources.
+export OS_PROJECT_ID=DNSAAS_TENANT_ID_HERE
+export OS_PROJECT_NAME="DNSAAS_TENANT_NAME_HERE"
+export OS_USER_DOMAIN_NAME="Default"
+if [ -z "$OS_USER_DOMAIN_NAME" ]; then unset OS_USER_DOMAIN_NAME; fi
+
+# unset v2.0 items in case set
+unset OS_TENANT_ID
+unset OS_TENANT_NAME
+
+# In addition to the owning entity (tenant), OpenStack stores the entity
+# performing the action as the **user**.
+export OS_USERNAME="DNSAAS_USERNAME_HERE"
+
+# With Keystone you pass the keystone password.
+export OS_PASSWORD=DNSAAS_PASSWORD_HERE
+
+# If your configuration has multiple regions, we set that information here.
+# OS_REGION_NAME is optional and only valid in certain environments.
+export OS_REGION_NAME="DNSAAS_REGION_HERE"
+# Don't leave a blank variable, unset it if it was empty
+if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi
+
+export OS_INTERFACE=public
+export OS_IDENTITY_API_VERSION=3
\ No newline at end of file
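Review bot: `export OS_USER_DOMAIN_NAME="Default"` is a literal rather than a placeholder, so the `-z` guard on the following line can never fire, and a DNSaaS Keystone whose user lives in another domain cannot be configured. Either template it like the other values, e.g. `export OS_USER_DOMAIN_NAME="DNSAAS_USER_DOMAIN_NAME_HERE"` (placeholder name constructed for this note, it would also need a matching substitution), or drop the dead guard and add a comment such as `# DNSaaS users are assumed to live in the Default domain`.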
index 85c5ee2..bbf47a9 100755 (executable)
@@ -130,12 +130,12 @@ mv ./kubectl /usr/local/bin/kubectl
 # Get the Kubernetes Node IP hosting the DCAE NGINX pod
 NODE_IP=`kubectl get services dcaegen2 -o jsonpath='{.status.loadBalancer.ingress[0].ip}'`
 
-# # Source OpenStack parameters
-if [ "OPENSTACK_API_VERSION_HERE" = "v2.0" ]
+# Source OpenStack parameters to deploy DCAE
+if [ "DCAE_OS_API_VERSION_HERE" = "v2.0" ]
 then
-    source /opt/heat/OOM-openrc-v2.sh
+    source /opt/heat/DCAE-openrc-v2.sh
 else
-    source /opt/heat/OOM-openrc-v3.sh
+    source /opt/heat/DCAE-openrc-v3.sh
 fi
 
 # Create stasck if doens't exist
@@ -153,6 +153,14 @@ then
     sed -i -e "s/DCAE_CONTROLLER_IP_HERE/$DCAE_CONTROLLER_IP/g" /opt/robot/vm_properties.py;
 fi
 
+# Source OpenStack parameters for DNS Designate
+if [ "DNSAAS_API_VERSION_HERE" = "v2.0" ]
+then
+    source /opt/heat/DNS-openrc-v2.sh
+else
+    source /opt/heat/DNS-openrc-v3.sh
+fi
+
 configure_dns_designate
 
 monitor_nginx_node_ip
\ No newline at end of file
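Review bot: Sourcing the DNS openrc here replaces the `OS_*` variables exported earlier by the DCAE openrc for the rest of the script, so anything after `configure_dns_designate` (`monitor_nginx_node_ip` is called right below) runs with the DNSaaS credentials if it talks to OpenStack; both functions are defined outside the hunk, so this needs checking. The resulting environment can also be mixed: DNS-openrc-v3.sh does not unset the `OS_ENDPOINT_TYPE` that DCAE-openrc-v2.sh exports. Scoping the credentials to the one call avoids both, e.g. `( source /opt/heat/DNS-openrc-v3.sh && configure_dns_designate )`, provided the function sets nothing the caller needs afterwards. The `else` branch also selects v3 for any value other than `v2.0`, including an unsubstituted `DNSAAS_API_VERSION_HERE`; an explicit `v3` test that exits with an error on anything else would fail earlier and more clearly.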
index 363de40..6b7caad 100644 (file)
@@ -6,19 +6,19 @@ parameters:
   #                                            #
   ##############################################
 
-  public_net_id: OPENSTACK_PUBLIC_NET_ID_HERE
+  public_net_id: DCAE_OS_PUBLIC_NET_ID_HERE
 
-  public_net_name: OPENSTACK_PUBLIC_NET_NAME_HERE
+  public_net_name: DCAE_OS_PUBLIC_NET_NAME_HERE
 
   ubuntu_1404_image: UBUNTU_14_IMAGE_NAME_HERE
 
   ubuntu_1604_image: UBUNTU_16_IMAGE_NAME_HERE
 
-  flavor_small: OPENSTACK_FLAVOUR_SMALL_HERE
+  flavor_small: OPENSTACK_FLAVOR_SMALL_HERE
 
-  flavor_medium: OPENSTACK_FLAVOUR_MEDIUM_HERE
+  flavor_medium: OPENSTACK_FLAVOR_MEDIUM_HERE
 
-  flavor_large: OPENSTACK_FLAVOUR_LARGE_HERE
+  flavor_large: OPENSTACK_FLAVOR_LARGE_HERE
 
   vm_base_name: DCAE_VM_BASE_NAME_HERE
 
@@ -36,17 +36,17 @@ parameters:
 
   artifacts_version: DEMO_ARTIFACTS_VERSION_HERE
 
-  openstack_tenant_id:  OPENSTACK_TENANT_ID_HERE
+  openstack_tenant_id:  DCAE_OS_TENANT_ID_HERE
 
-  openstack_tenant_name: OPENSTACK_TENANT_NAME_HERE
+  openstack_tenant_name: DCAE_OS_TENANT_NAME_HERE
 
-  openstack_username: OPENSTACK_USERNAME_HERE
+  openstack_username: DCAE_OS_USERNAME_HERE
 
-  openstack_api_key: OPENSTACK_PASSWORD_HERE
+  openstack_api_key: DCAE_OS_PASSWORD_HERE
 
-  openstack_region: OPENSTACK_REGION_HERE
+  openstack_region: DCAE_OS_REGION_HERE
 
-  keystone_url: OPENSTACK_KEYSTONE_IP_HERE
+  keystone_url: DCAE_OS_KEYSTONE_URL_HERE
 
   cloud_env: openstack
 
@@ -59,7 +59,7 @@ parameters:
   dns_list: DNS_LIST_HERE
   external_dns: EXTERNAL_DNS_HERE
   dns_forwarder: DNS_FORWARDER_HERE
-  oam_network_cidr: NETWORK_CIDR_WITH_ONAP_ROUTE_HERE
+  oam_network_cidr: DCAE_OS_OAM_NETWORK_CIDR_HERE
 
   ### Private IP addresses ###
 
@@ -85,7 +85,7 @@ parameters:
   dnsaas_tenant_name: DNSAAS_TENANT_NAME_HERE
   dnsaas_username: DNSAAS_USERNAME_HERE
   dnsaas_password: DNSAAS_PASSWORD_HERE
-  dcae_keystone_url: DCAE_KEYSTONE_URL_HERE
+  dcae_keystone_url: DCAE_FINAL_KEYSTONE_URL_HERE
   dcae_centos_7_image: OPENSTACK_CENTOS_7_IMAGE_HERE
   dcae_domain: DCAE_DOMAIN_HERE
   dcae_public_key: OPENSTACK_PUB_KEY_HERE
index 9cfb221..4670f35 100644 (file)
@@ -8,12 +8,17 @@ server {
 
     server_name *.aai.simpledemo.onap.org;
 
+    resolver KUBE_DNS_IP_HERE valid=1s;
+
+    set $backend https://aai-service.onap-aai.svc.cluster.local:8443;
+
     location / {
-        proxy_pass https://aai-service.onap-aai:8443/;
+        rewrite ^/(.*) /$1 break;
+        proxy_pass $backend;
         proxy_set_header Host $host;
         proxy_set_header X-Forwarded-Proto "https";
     }
 
     ssl_certificate /etc/certs/aai-service.onap.org.pem;
     ssl_certificate_key /etc/certs/aai-service.onap.org.key;
-}
+}
\ No newline at end of file
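Review bot: With `proxy_pass $backend` the `https://` upstream is now re-resolved at request time through `resolver KUBE_DNS_IP_HERE valid=1s`, and nothing in the hunk enables upstream certificate verification, which nginx leaves off by default; the identity of aai-service then rests on the DNS answer alone. Consider adding `proxy_ssl_verify on;` and `proxy_ssl_trusted_certificate <CA bundle path>;` (the server block starts outside the hunk, so they may already be set there). `valid=1s` overrides the record TTL and forces a fresh lookup about once a second while traffic flows; a comment such as `# override TTL so a rescheduled service IP is picked up quickly` would record why. The same pattern is added in sdc-be.onap.org.conf, and over plain HTTP in the dmaap, open and pdp configs.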
index 1015a22..e9c38d5 100644 (file)
@@ -8,8 +8,13 @@ server {
 
     server_name *.mr.simpledemo.onap.org;
 
+    resolver KUBE_DNS_IP_HERE valid=1s;
+
+    set $backend http://dmaap.onap-message-router.svc.cluster.local:3904;
+
     location / {
-        proxy_pass http://dmaap.onap-message-router:3904/;
+        rewrite ^/(.*) /$1 break;
+        proxy_pass $backend;
         proxy_set_header Host $host;
         proxy_set_header X-Forwarded-Proto "http";
     }
index ed62a32..de4d043 100644 (file)
@@ -8,10 +8,37 @@ server {
 
     server_name *.openo.simpledemo.onap.org;
 
+    resolver KUBE_DNS_IP_HERE valid=1s;
+
+    set $backend http://msb-iag.onap-msb.svc.cluster.local:80;
+
     location / {
-        proxy_pass http://msb-iag.onap-msb:80/;
+        rewrite ^/(.*) /$1 break;
+        proxy_pass $backend;
         proxy_set_header Host $host;
         proxy_set_header X-Forwarded-Proto "http";
     }
 
 }
+server {
+    listen 9005 ;
+    listen [::]:9005 ;
+
+    root /var/www/html;
+
+    index index.html index.htm index.nginx-debian.html;
+
+    server_name *.openo.simpledemo.onap.org;
+
+    resolver KUBE_DNS_IP_HERE valid=1s;
+
+    set $backend http://multicloud-windriver.onap-multicloud.svc.cluster.local:9005;
+
+    location / {
+        rewrite ^/(.*) /$1 break;
+        proxy_pass $backend;
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-Proto "http";
+    }
+
+}
\ No newline at end of file
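Review bot: The new `server` block forwards everything arriving on port 9005 to multicloud-windriver over plain HTTP with no `allow`/`deny` or authentication, and the same commit publishes that port through the LoadBalancer service as nodePort 30605, so the multicloud API may become reachable from outside the cluster. If only the DCAE VMs need it, restrict the listener inside `location /`, e.g. `allow <DCAE OAM network CIDR>; deny all;`. `root` and `index` are unused because `location /` proxies every request, and `rewrite ^/(.*) /$1 break;` rewrites the URI to itself; either drop them or add a comment saying why they are kept.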
index 2bbff5c..72fe7be 100644 (file)
@@ -8,8 +8,13 @@ server {
 
     server_name *.policy.simpledemo.onap.org;
 
+    resolver KUBE_DNS_IP_HERE valid=1s;
+
+    set $backend http://pdp.onap-policy.svc.cluster.local:8081;
+
     location / {
-        proxy_pass http://pdp.onap-policy:8081/;
+        rewrite ^/(.*) /$1 break;
+        proxy_pass $backend;
         proxy_set_header Host $host;
         proxy_set_header X-Forwarded-Proto "http";
     }
index 7f15044..0be9355 100644 (file)
@@ -8,8 +8,13 @@ server {
 
     server_name *.sdc.simpledemo.onap.org;
 
+    resolver KUBE_DNS_IP_HERE valid=1s;
+
+    set $backend https://sdc-be.onap-sdc.svc.cluster.local:8443;
+
     location / {
-        proxy_pass https://sdc-be.onap-sdc:8443/;
+        rewrite ^/(.*) /$1 break;
+        proxy_pass $backend;
         proxy_set_header Host $host;
         proxy_set_header X-Forwarded-Proto "https";
     }
index 68fe058..21dbb04 100644 (file)
@@ -28,6 +28,10 @@ spec:
       port: 80
       targetPort: 80
       nodePort: 30604
+    - name: multicloud-tinanium
+      port: 9005
+      targetPort: 9005
+      nodePort: 30605
   selector:
     app: nginx
   type: LoadBalancer
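Review bot: The port name `multicloud-tinanium` looks like a misspelling of `multicloud-titanium`, and it does not match the backend it fronts, which open.onap.org.conf calls multicloud-windriver. Renaming it now is cheap, e.g. `- name: multicloud-windriver`, and a comment such as `# 9005: multicloud API proxied by nginx for DCAE` would explain why the port is exposed. The `spec:` block starts outside the hunk.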
index 2431d0a..27f1c2f 100644 (file)
@@ -9,5 +9,7 @@ image:
   windriver: nexus3.onap.org:10001/onap/multicloud/openstack-windriver:v1.0.0
 
 # domain name of msb gateway
-msbgateway: msb-iag.onap-msb
+# It needs to be a FQDN because DCAE will have to
+# resolve this to be able to use the proxy DNS setup
+msbgateway: msb.api.simpledemo.onap.org
 msbPort: 80
\ No newline at end of file