Merge "[RESOURCES] Enable strimzi in sm-onap"

author Jack Lucas <jflos@sonoris.net>

Mon, 27 Jun 2022 15:17:20 +0000 (15:17 +0000)

committer Gerrit Code Review <gerrit@onap.org>

Mon, 27 Jun 2022 15:17:20 +0000 (15:17 +0000)
author Jack Lucas <jflos@sonoris.net>
Mon, 27 Jun 2022 15:17:20 +0000 (15:17 +0000)
committer Gerrit Code Review <gerrit@onap.org>
Mon, 27 Jun 2022 15:17:20 +0000 (15:17 +0000)
diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml

index f70deef..17fa320 100644 (file)
--- a/kubernetes/a1policymanagement/values.yaml
+++ b/kubernetes/a1policymanagement/values.yaml
@@ -63,7 +63,7 @@ certInitializer:
      echo "*** change ownership of certificates to targeted user"
      chown -R 1000 .
  
-image: onap/ccsdk-oran-a1policymanagementservice:1.3.0
+image: onap/ccsdk-oran-a1policymanagementservice:1.3.2
  userID: 1000 #Should match with image-defined user ID
  groupID: 999 #Should match with image-defined group ID
  pullPolicy: IfNotPresent
diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml

index b8adba8..a93c610 100644 (file)
--- a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml
@@ -126,7 +126,9 @@ spec:
          args:
          - -c
          - |
-           bash docker-entrypoint.sh dataSnapshot.sh
+           {{- if include "common.onServiceMesh" . }}
+           echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
+           bash docker-entrypoint.sh dataSnapshot.sh;
             {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }}
          env:
          - name: LOCAL_USER_ID
diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml

index 76a11fa..a934902 100644 (file)
--- a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml
@@ -126,7 +126,9 @@ spec:
          args:
          - -c
          - |
-           bash docker-entrypoint.sh createDBSchema.sh
+           {{- if include "common.onServiceMesh" . }}
+           echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
+           bash docker-entrypoint.sh createDBSchema.sh;
             {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }}
          env:
          - name: LOCAL_USER_ID
diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml

index d2d0809..10b8255 100644 (file)
--- a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml
@@ -171,6 +171,8 @@ spec:
          args:
          - -c
          - |
+           {{- if include "common.onServiceMesh" . }}
+           echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
             bash docker-entrypoint.sh run_Migrations.sh -e UpdateAaiUriIndexMigration --commit --skipPreMigrationSnapShot --runDisabled RebuildAllEdges ;
             {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }}
          env:
@@ -325,6 +327,8 @@ spec:
          args:
          - -c
          - |
+           {{- if include "common.onServiceMesh" . }}
+           echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
             bash docker-entrypoint.sh dataSnapshot.sh
             {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }}
          env:
diff --git a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties

index 09eb397..2d7cf7f 100644 (file)
--- a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties
+++ b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties
@@ -26,6 +26,9 @@ ml.distribution.PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go
  {{ else }}
  ml.distribution.ASDC_ADDRESS=sdc-be.{{.Release.Namespace}}:8080
  ml.distribution.ASDC_USE_HTTPS=false
+ml.distribution.KEYSTORE_PASSWORD=
+ml.distribution.KEYSTORE_FILE=
+ml.distribution.PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp
  {{ end }}
  ml.distribution.CONSUMER_GROUP=aai-ml-group
  ml.distribution.CONSUMER_ID=aai-ml
diff --git a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml

index 6e5ab8b..d23d9cf 100644 (file)
--- a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml
@@ -33,6 +33,8 @@ spec:
        app: {{ include "common.name" . }}
    template:
      metadata:
+      annotations:
+        sidecar.istio.io/rewriteAppHTTPProbers: "false"
        labels:
          app: {{ include "common.name" . }}
          release: {{ include "common.release" . }}
diff --git a/kubernetes/aai/templates/service.yaml b/kubernetes/aai/templates/service.yaml

index d93bfc9..750e1ba 100644 (file)
--- a/kubernetes/aai/templates/service.yaml
+++ b/kubernetes/aai/templates/service.yaml
@@ -35,4 +35,3 @@ spec:
    type: {{ .Values.service.type }}
    selector:
      app: {{ include "common.name" . }}
-  clusterIP: {{ .Values.service.aaiServiceClusterIp }}
diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml

index 62d1d2e..ebbf8b6 100644 (file)
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -389,9 +389,6 @@ service:
    externalPort: 8443
    internalPort: 8443
    nodePort: 33
-  # POLICY hotfix - Note this must be temporary
-  # See https://jira.onap.org/browse/POLICY-510
-  aaiServiceClusterIp:
    externalPlainPort: 80
    internalPlainPort: 8080
    nodeport: 33
diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml

index 9257dc8..ddad8d7 100644 (file)
--- a/kubernetes/common/dgbuilder/values.yaml
+++ b/kubernetes/common/dgbuilder/values.yaml
@@ -69,7 +69,7 @@ secrets:
  # Application configuration defaults.
  #################################################################
  # application image
-image: onap/ccsdk-dgbuilder-image:1.3.1
+image: onap/ccsdk-dgbuilder-image:1.3.4
  pullPolicy: Always
  
  # flag to enable debugging - application support required
@@ -130,7 +130,7 @@ readiness:
  service:
    type: NodePort
    name: dgbuilder
-  portName: dgbuilder
+  portName: http
    externalPort: 3000
    internalPort: 3100
    nodePort: 28
diff --git a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml

index ea805c1..a7278ba 100644 (file)
--- a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml
+++ b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml
@@ -111,6 +111,12 @@ spec:
                value: "yes"
              - name: ELASTICSEARCH_NODE_TYPE
                value: "data"
+            - name: network.bind_host
+              value: 127.0.0.1
+            - name: network.publish_host
+              valueFrom:
+                fieldRef:
+                  fieldPath: status.podIP
            ports: {{- include "common.containerPorts" . |indent 12 }}
            {{- if .Values.livenessProbe.enabled }}
            livenessProbe:
diff --git a/kubernetes/common/elasticsearch/components/data/values.yaml b/kubernetes/common/elasticsearch/components/data/values.yaml

index 1328a20..1dc9ab8 100644 (file)
--- a/kubernetes/common/elasticsearch/components/data/values.yaml
+++ b/kubernetes/common/elasticsearch/components/data/values.yaml
@@ -47,7 +47,7 @@ replicaCount: 0
  service:
    ## list of ports for "common.containerPorts"
    ports:
-  - name: http-transport
+  - name: tcp-transport
      port: 9300
  
  image: bitnami/elasticsearch:7.9.3
diff --git a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml

index a35b4bf..85ea2bb 100644 (file)
--- a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml
+++ b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml
@@ -115,6 +115,12 @@ spec:
                value: {{ .Values.dedicatednode | quote }}
              - name: ELASTICSEARCH_NODE_TYPE
                value: "master"
+            - name: network.bind_host
+              value: 127.0.0.1
+            - name: network.publish_host
+              valueFrom:
+                fieldRef:
+                  fieldPath: status.podIP
            ports: {{- include "common.containerPorts" . |indent 12 }}
            {{- if .Values.livenessProbe.enabled }}
            livenessProbe:
diff --git a/kubernetes/common/elasticsearch/components/master/values.yaml b/kubernetes/common/elasticsearch/components/master/values.yaml

index 3380449..2eae0de 100644 (file)
--- a/kubernetes/common/elasticsearch/components/master/values.yaml
+++ b/kubernetes/common/elasticsearch/components/master/values.yaml
@@ -170,7 +170,7 @@ service:
    ## list of ports for "common.containerPorts"
    ## Elasticsearch transport port
    ports:
-    - name: http-transport
+    - name: tcp-transport
        port: 9300
    ## master-eligible service type
    ##
diff --git a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml

index 22de4db..05e09cb 100644 (file)
--- a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml
+++ b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml
@@ -113,6 +113,12 @@ spec:
                value: "coordinating"
              - name: ELASTICSEARCH_PORT_NUMBER
                value: "9000"
+            - name: network.bind_host
+              value: 127.0.0.1
+            - name: network.publish_host
+              valueFrom:
+                fieldRef:
+                  fieldPath: status.podIP
            {{/*ports: {{- include "common.containerPorts" . | indent 12 -}} */}}
            {{- if .Values.livenessProbe.enabled }}
            livenessProbe:
diff --git a/kubernetes/common/elasticsearch/values.yaml b/kubernetes/common/elasticsearch/values.yaml

index a3f1564..6c46f32 100644 (file)
--- a/kubernetes/common/elasticsearch/values.yaml
+++ b/kubernetes/common/elasticsearch/values.yaml
@@ -148,7 +148,7 @@ nginx:
    service:
      name: nginx
      ports:
-    - name: elasticsearch
+    - name: http-es
        port: 8080
  ## Custom server block to be added to NGINX configuration
  ## PHP-FPM example server block:
@@ -230,7 +230,7 @@ service:
    ##
    type: ClusterIP
    headlessPorts:
-  - name: http-transport
+  - name: tcp-transport
      port: 9300
    headless:
      suffix: discovery
@@ -240,7 +240,7 @@ service:
    ## Elasticsearch tREST API port
    ##
    ports:
-  - name: elasticsearch
+  - name: http-es
      port: 9200
  
  
diff --git a/kubernetes/common/etcd-init/templates/job.yaml b/kubernetes/common/etcd-init/templates/job.yaml

index 69bcfaa..9d7dcc2 100644 (file)
--- a/kubernetes/common/etcd-init/templates/job.yaml
+++ b/kubernetes/common/etcd-init/templates/job.yaml
@@ -55,6 +55,8 @@ spec:
            - /bin/sh
            - -ec
            - |
+            {{- if include "common.onServiceMesh" . }}
+            echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
              # Create users
              export ETCDCTL_ENDPOINTS=http://${ETCD_HOST}:${ETCD_PORT}
              export ETCDCTL_API=3
@@ -89,6 +91,7 @@ spec:
            name: localtime
            readOnly: true
          resources: {{ include "common.resources" . | nindent 12 }}
+      {{ include "common.waitForJobContainer" . | indent 6 | trim }}
        {{- if .Values.nodeSelector }}
        nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
        {{- end -}}
diff --git a/kubernetes/common/etcd-init/values.yaml b/kubernetes/common/etcd-init/values.yaml

index c99c9f1..6ccfb3e 100644 (file)
--- a/kubernetes/common/etcd-init/values.yaml
+++ b/kubernetes/common/etcd-init/values.yaml
@@ -72,3 +72,7 @@ resources:
        cpu: 20m
        memory: 20Mi
    unlimited: {}
+
+wait_for_job_container:
+  containers:
+    - '{{ include "common.name" . }}'
diff --git a/kubernetes/common/mariadb-galera/templates/service.yaml b/kubernetes/common/mariadb-galera/templates/service.yaml

index 880bc55..9b4c05e 100644 (file)
--- a/kubernetes/common/mariadb-galera/templates/service.yaml
+++ b/kubernetes/common/mariadb-galera/templates/service.yaml
@@ -29,7 +29,7 @@ metadata:
  spec:
    selector:
      matchLabels:
-      app: {{ include "common.servicename" . }}
+      app.kubernetes.io/name: {{ include "common.servicename" . }}
    portLevelMtls:
      {{ .Values.service.internalPort }}:
        mode: DISABLE
diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml

index 9bdf19c..97fece8 100644 (file)
--- a/kubernetes/common/network-name-gen/templates/deployment.yaml
+++ b/kubernetes/common/network-name-gen/templates/deployment.yaml
@@ -80,7 +80,11 @@ spec:
          - name: POL_BASIC_AUTH_PASSWORD
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pol-basic-auth-secret" "key" "password") | indent 10}}
          - name: POL_URL
-          value: "{{ .Values.config.polUrl }}"
+          {{- if (include "common.needTLS" .) }}
+          value: "{{ .Values.config.polUrl.https }}"
+          {{- else }}
+          value: "{{ .Values.config.polUrl.http }}"
+          {{- end }}
          - name: POL_ENV
            value: "{{ .Values.config.polEnv }}"
          - name: POL_REQ_ID
@@ -90,7 +94,11 @@ spec:
          - name: AAI_CERT_PATH
            value: "{{ .Values.config.aaiCertPath }}"
          - name: AAI_URI
-          value: "{{ .Values.config.aaiUri }}"
+          {{- if (include "common.needTLS" .) }}
+          value: "{{ .Values.config.aaiUri.https }}"
+          {{- else }}
+          value: "{{ .Values.config.aaiUri.http }}"
+          {{- end }}
          - name: AAI_AUTH
            value: "{{ .Values.config.aaiAuth }}"
          - name: DISABLE_HOST_VERIFICATION
diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml

index 5f864a6..e5e2a7a 100644 (file)
--- a/kubernetes/common/network-name-gen/values.yaml
+++ b/kubernetes/common/network-name-gen/values.yaml
@@ -87,14 +87,18 @@ config:
    polClientAuth: cHl0aG9uOnRlc3Q=
    polBasicAuthUser: healthcheck
    polBasicAuthPassword: zb!XztG34
-  polUrl: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision
+  polUrl:
+    https: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision
+    http: http://policy-xacml-pdp:8080/policy/pdpx/v1/decision
    polEnv: TEST
    polReqId: xx
    disableHostVerification: true
    aaiCertPass: changeit
    aaiCertPath: /opt/etc/config/aai_keystore
    aaiAuth: QUFJOkFBSQ==
-  aaiUri: https://aai:8443/aai/v14/
+  aaiUri:
+    https: https://aai:8443/aai/v14/
+    http: http://aai:8080/aai/v14/
  
  # default number of instances
  replicaCount: 1
@@ -118,7 +122,7 @@ readiness:
  service:
    type: ClusterIP
    name: neng-serv
-  portName: neng-serv-port
+  portName: http
    internalPort: 8080
    externalPort: 8080
  
diff --git a/kubernetes/common/postgres-init/templates/job.yaml b/kubernetes/common/postgres-init/templates/job.yaml

index 01151bb..d9a7386 100644 (file)
--- a/kubernetes/common/postgres-init/templates/job.yaml
+++ b/kubernetes/common/postgres-init/templates/job.yaml
@@ -59,6 +59,8 @@ spec:
            }
            export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`;
            export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`;
+          {{- if include "common.onServiceMesh" . }}
+          echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
            cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done;
            psql "postgresql://postgres:$PG_ROOT_PASSWORD@$PG_HOST" < /config/setup.sql
          env:
@@ -98,6 +100,7 @@ spec:
            name: pgconf
          resources:
  {{ include "common.resources" . | indent 12 }}
+      {{ include "common.waitForJobContainer" . | indent 6 | trim }}
        {{- if .Values.nodeSelector }}
        nodeSelector:
  {{ toYaml .Values.nodeSelector | indent 10 }}
diff --git a/kubernetes/common/postgres-init/values.yaml b/kubernetes/common/postgres-init/values.yaml

index 7bcd8e2..d6d51f0 100644 (file)
--- a/kubernetes/common/postgres-init/values.yaml
+++ b/kubernetes/common/postgres-init/values.yaml
@@ -89,3 +89,7 @@ resources:
        cpu: 1
        memory: 2Gi
    unlimited: {}
+
+wait_for_job_container:
+  containers:
+    - '{{ include "common.name" . }}-update-config'
+\ No newline at end of file
diff --git a/kubernetes/contrib/components/ejbca/templates/deployment.yaml b/kubernetes/contrib/components/ejbca/templates/deployment.yaml

index 6bd5b25..a36dcac 100644 (file)
--- a/kubernetes/contrib/components/ejbca/templates/deployment.yaml
+++ b/kubernetes/contrib/components/ejbca/templates/deployment.yaml
@@ -22,6 +22,16 @@ spec:
    selector: {{- include "common.selectors" . | nindent 4 }}
    template:
      metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+      {{- if (include "common.onServiceMesh" . ) }}
+      annotations:
+      {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }}
+        linkerd.io/inject: disabled
+      {{- end }}
+      {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }}
+        sidecar.istio.io/rewriteAppHTTPProbers: "false"
+        proxy.istio.io/config: '{ "holdApplicationUntilProxyStarts": true }'
+      {{- end }}
+      {{- end }}
      spec:
        imagePullSecrets:
        - name: "{{ include "common.namespace" . }}-docker-registry-key"
@@ -51,7 +61,11 @@ spec:
          lifecycle:
            postStart:
              exec:
-              command: ["/bin/sh", "-c", "/opt/primekey/scripts/ejbca-config.sh"]
+              command:
+                - sh
+                - -c
+                - |
+                  sleep 60; /opt/primekey/scripts/ejbca-config.sh
          volumeMounts:
            - name: "{{ include "common.fullname" . }}-volume"
              mountPath: /opt/primekey/scripts/
diff --git a/kubernetes/contrib/components/ejbca/values.yaml b/kubernetes/contrib/components/ejbca/values.yaml

index 52e0e75..b777a7d 100644 (file)
--- a/kubernetes/contrib/components/ejbca/values.yaml
+++ b/kubernetes/contrib/components/ejbca/values.yaml
@@ -86,14 +86,14 @@ affinity: {}
  # probe configuration parameters
  liveness:
    path: /ejbca/publicweb/healthcheck/ejbcahealth
-  port: api
-  initialDelaySeconds: 30
+  port: 8443
+  initialDelaySeconds: 180
    periodSeconds: 30
  
  readiness:
    path: /ejbca/publicweb/healthcheck/ejbcahealth
-  port: api
-  initialDelaySeconds: 30
+  port: 8443
+  initialDelaySeconds: 180
    periodSeconds: 30
  
  service:
@@ -106,7 +106,7 @@ service:
        port_protocol: http
  
  # Resource Limit flavor -By Default using small
-flavor: small
+flavor: unlimited
  # Segregation for Different environment (Small and Large)
  resources:
    small:
diff --git a/kubernetes/cps/components/cps-core/templates/deployment.yaml b/kubernetes/cps/components/cps-core/templates/deployment.yaml

index 54e2cc6..a247f14 100644 (file)
--- a/kubernetes/cps/components/cps-core/templates/deployment.yaml
+++ b/kubernetes/cps/components/cps-core/templates/deployment.yaml
@@ -88,6 +88,12 @@ spec:
              path: {{ .Values.readiness.path }}
            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
            periodSeconds: {{ .Values.readiness.periodSeconds }}
+        startupProbe:
+          httpGet:
+            path: {{ .Values.startup.path }}
+            port: {{ .Values.startup.port }}
+          failureThreshold: {{ .Values.startup.failureThreshold }}
+          periodSeconds: {{ .Values.startup.periodSeconds }}
          env:
            - name: SPRING_PROFILES_ACTIVE
              value: {{ .Values.config.spring.profile }}
diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml

index c548abb..5a10b2f 100644 (file)
--- a/kubernetes/cps/components/cps-core/values.yaml
+++ b/kubernetes/cps/components/cps-core/values.yaml
@@ -145,6 +145,12 @@ readiness:
    path: /manage/health
    port: *mgt_port
  
+startup:
+  failureThreshold: 5
+  periodSeconds: 60
+  path: /manage/health
+  port: *mgt_port
+
  ingress:
    enabled: true
    service:
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml

index 7609ba6..9916021 100644 (file)
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml
@@ -21,13 +21,6 @@ global:
    nodePortPrefix: 302
    nodePortPrefixExt: 304
  
-#################################################################
-# Filebeat configuration defaults.
-#################################################################
-filebeatConfig:
-  logstashServiceName: log-ls
-  logstashPort: 5044
-
  #################################################################
  # initContainer images.
  #################################################################
@@ -66,12 +59,8 @@ mongo:
  
  # log directory where logging sidecar should look for log files
  # if absent, no sidecar will be deployed
-#logDirectory: TBD  #/opt/app/VESCollector/logs #DONE
-
-# Following requires manual override until fix for DCAEGEN2-3087
-# is available to switch logDirectory setting to log.path
-log:
-  path: /opt/app/
+#log:
+#  path: TBD #/opt/app/VESCollector/logs #DONE
  logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
  
  # directory where TLS certs should be stored
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml

index 5c50381..64d196d 100644 (file)
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
@@ -93,7 +93,7 @@ readiness:
  
  
  # application image
-image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.2
+image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.3
  
  # Resource Limit flavor -By Default using small
  flavor: small
diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml

index c497622..ce5e410 100644 (file)
--- a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml
+++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml
@@ -32,6 +32,16 @@ spec:
      metadata:
        labels:
          control-plane: controller-manager
+      {{- if (include "common.onServiceMesh" . | nindent 6 ) }}
+      annotations:
+      {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }}
+        linkerd.io/inject: disabled
+      {{- end }}
+      {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }}
+          traffic.sidecar.istio.io/excludeInboundPorts: "8080,8443"
+          traffic.sidecar.istio.io/includeInboundPorts: '*'
+      {{- end }}
+      {{- end }}
      spec:
        imagePullSecrets:
        - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml

index 8215ed9..5f80a7d 100644 (file)
--- a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml
+++ b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml
@@ -22,6 +22,16 @@ spec:
    selector: {{- include "common.selectors" . | nindent 4 }}
    template:
      metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+      {{- if (include "common.onServiceMesh" . ) }}
+      annotations:
+      {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }}
+        linkerd.io/inject: disabled
+      {{- end }}
+      {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }}
+          traffic.sidecar.istio.io/excludeInboundPorts: "8080,8443"
+          traffic.sidecar.istio.io/includeInboundPorts: '*'
+      {{- end }}
+      {{- end }}
      spec:
        imagePullSecrets:
        - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sdnc/components/dmaap-listener/values.yaml b/kubernetes/sdnc/components/dmaap-listener/values.yaml

index 3d9fc6a..5094b6e 100644 (file)
--- a/kubernetes/sdnc/components/dmaap-listener/values.yaml
+++ b/kubernetes/sdnc/components/dmaap-listener/values.yaml
@@ -49,7 +49,7 @@ secrets:
  # Application configuration defaults.
  #################################################################
  # application image
-image: onap/sdnc-dmaap-listener-image:2.3.1
+image: onap/sdnc-dmaap-listener-image:2.3.2
  pullPolicy: Always
  
  # flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml

index 1db0ed7..c89f03b 100644 (file)
--- a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml
+++ b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml
@@ -49,7 +49,7 @@ secrets:
  # Application configuration defaults.
  #################################################################
  # application image
-image: onap/sdnc-ansible-server-image:2.3.1
+image: onap/sdnc-ansible-server-image:2.3.2
  pullPolicy: Always
  
  # flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/components/sdnc-web/values.yaml b/kubernetes/sdnc/components/sdnc-web/values.yaml

index 997d0a2..c066b5e 100644 (file)
--- a/kubernetes/sdnc/components/sdnc-web/values.yaml
+++ b/kubernetes/sdnc/components/sdnc-web/values.yaml
@@ -23,7 +23,7 @@ global:
  # Application configuration defaults.
  #################################################################
  # application image
-image: "onap/sdnc-web-image:2.3.1"
+image: "onap/sdnc-web-image:2.3.2"
  pullPolicy: Always
  
  config:
diff --git a/kubernetes/sdnc/components/ueb-listener/values.yaml b/kubernetes/sdnc/components/ueb-listener/values.yaml

index c74f652..4d3cce7 100644 (file)
--- a/kubernetes/sdnc/components/ueb-listener/values.yaml
+++ b/kubernetes/sdnc/components/ueb-listener/values.yaml
@@ -55,7 +55,7 @@ secrets:
  # Application configuration defaults.
  #################################################################
  # application image
-image: onap/sdnc-ueb-listener-image:2.3.1
+image: onap/sdnc-ueb-listener-image:2.3.2
  pullPolicy: Always
  
  # flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml

index b4c0dd5..9539d01 100644 (file)
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -210,7 +210,7 @@ certificates:
  # application images
  
  pullPolicy: Always
-image: onap/sdnc-image:2.3.1
+image: onap/sdnc-image:2.3.2
  
  # flag to enable debugging - application support required
  debugEnabled: false
diff --git a/kubernetes/so/Chart.yaml b/kubernetes/so/Chart.yaml

index d746647..0c47c3b 100755 (executable)
--- a/kubernetes/so/Chart.yaml
+++ b/kubernetes/so/Chart.yaml
@@ -28,6 +28,7 @@ dependencies:
    - name: certInitializer
      version: ~10.x-0
      repository: '@local'
+    condition: global.aafEnabled
    - name: readinessCheck
      version: ~10.x-0
      repository: '@local'
diff --git a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml

index 4b46721..808c439 100644 (file)
--- a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml
+++ b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml
@@ -116,7 +116,7 @@ spec:
  
          ports:
          - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
            protocol: TCP
        serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
        volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-admin-cockpit/templates/service.yaml b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml

index c443978..b23e5ab 100644 (file)
--- a/kubernetes/so/components/so-admin-cockpit/templates/service.yaml
+++ b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml
@@ -39,14 +39,12 @@ spec:
      {{if and (eq .Values.service.type "NodePort") (.Values.global.aafEnabled) -}}
      - port: {{ .Values.service.internalPort }}
        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- else -}}
      - port: {{ .Values.service.externalPort }}
        targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- end}}
    selector:
      app: {{ include "common.name" . }}
      release: {{ include "common.release" . }}
-
-
diff --git a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml

index 360936d..9feab4d 100755 (executable)
--- a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
@@ -17,7 +17,11 @@ aai:
    auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}}
    dme2:
      timeout: '30000'
+  {{ if (include "common.needTLS" .) }}
    endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
    workflowAaiDistributionDelay: PT30S
    pnfEntryNotificationTimeout: P14D
  cds:
@@ -158,7 +162,11 @@ mso:
    oof:
      auth: {{ .Values.mso.oof.auth }}
      callbackEndpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
+    {{ if (include "common.needTLS" .) }}
      endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698
+    {{ else }}
+    endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698
+    {{ end }}
      timeout: PT30M
    workflow:
      CreateGenericVNFV1:
diff --git a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml

index 57a2b2c..2b8b827 100755 (executable)
--- a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml
@@ -87,7 +87,7 @@ spec:
  {{ include "so.helpers.livenessProbe" .| indent 8 }}
          ports:
          - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
            protocol: TCP
        # Filebeat sidecar container
        {{ include "common.log.sidecar" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml

index 6eb6f27..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml
@@ -29,11 +29,11 @@ spec:
      {{if eq .Values.service.type "NodePort" -}}
      - port: {{ .Values.service.internalPort }}
        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- else -}}
      - port: {{ .Values.service.externalPort }}
        targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- end}}
    selector:
      app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml

index d5ff829..af185ae 100755 (executable)
--- a/kubernetes/so/components/so-bpmn-infra/values.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/values.yaml
@@ -123,7 +123,7 @@ service:
    type: ClusterIP
    internalPort: *containerPort
    externalPort: 8081
-  portName: so-bpmn-port
+  portName: http
  updateStrategy:
    type: RollingUpdate
    maxUnavailable: 1
diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml

index 30e5551..fa9d3a6 100755 (executable)
--- a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml
@@ -85,7 +85,7 @@ spec:
  {{ include "so.helpers.livenessProbe" .| indent 8 }}
          ports:
          - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
            protocol: TCP
        serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
        volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml

index 6eb6f27..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml
@@ -29,11 +29,11 @@ spec:
      {{if eq .Values.service.type "NodePort" -}}
      - port: {{ .Values.service.internalPort }}
        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- else -}}
      - port: {{ .Values.service.externalPort }}
        targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- end}}
    selector:
      app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-catalog-db-adapter/values.yaml b/kubernetes/so/components/so-catalog-db-adapter/values.yaml

index a5961ee..b436094 100755 (executable)
--- a/kubernetes/so/components/so-catalog-db-adapter/values.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/values.yaml
@@ -87,7 +87,7 @@ service:
      type: ClusterIP
      internalPort: *containerPort
      externalPort: *containerPort
-    portName: so-catdb-port
+    portName: http
  updateStrategy:
      type: RollingUpdate
      maxUnavailable: 1
diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml

index c99465b..0c2f679 100755 (executable)
--- a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
@@ -16,7 +16,11 @@
  
  aai:
    auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.server.aai.auth ) }}
+  {{ if (include "common.needTLS" .) }}
    endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
    enabled: {{ .Values.global.aai.enabled }}
  logging:
    path: logs
@@ -50,4 +54,3 @@ management:
        prometheus:
          enabled: true # Whether exporting of metrics to Prometheus is enabled.
          step: 1m # Step size (i.e. reporting frequency) to use.
-
diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml

index 5fc28e2..7c1cb1b 100644 (file)
--- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
@@ -17,7 +17,11 @@
  aai:
    auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
    version: v19
+  {{ if (include "common.needTLS" .) }}
    endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
  spring:
    datasource:
      hikari:
@@ -54,7 +58,11 @@ so:
  etsi-catalog-manager:
    base:
    {{- if .Values.global.msbEnabled }}
+    {{ if (include "common.needTLS" .) }}
      endpoint: https://msb-iag:443/api
+    {{ else }}
+    endpoint: http://msb-iag:443/api
+    {{ end }}
    http:
      client:
        ssl:
diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml

index e6a1d7c..33b38ad 100755 (executable)
--- a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml
@@ -16,7 +16,11 @@
  aai:
    auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
    version: v15
+  {{ if (include "common.needTLS" .) }}
    endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
  spring:
    security:
      usercredentials:
@@ -42,7 +46,11 @@ sdc:
    username: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.username "value2" .Values.sdc.username )}}
    password: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.password "value2" .Values.sdc.password )}}
    key: {{ .Values.sdc.key }}
+  {{ if (include "common.needTLS" .) }}
    endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080
+  {{ end }}
  vnfmadapter:
    endpoint: http://so-etsi-sol003-adapter.{{ include "common.namespace" . }}:9092
  etsi-catalog-manager:
diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml

index 3272bfd..7751bf4 100755 (executable)
--- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml
@@ -76,7 +76,7 @@ spec:
            failureThreshold: {{ .Values.livenessProbe.failureThreshold}}
          ports:
          - containerPort: {{ .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
            protocol: TCP
        serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
        volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml

index 5772a89..96a2acd 100755 (executable)
--- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml
@@ -40,11 +40,11 @@ spec:
      {{if eq .Values.service.type "NodePort" -}}
      - port: {{ .Values.service.internalPort }}
        nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- else -}}
      - port: {{ .Values.service.externalPort }}
        targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- end}}
    selector:
      app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml

index dd46da0..e1e2fc2 100755 (executable)
--- a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml
@@ -45,7 +45,11 @@ mso:
    msb-port: 80
    adapters:
      requestDb:
+      {{ if (include "common.needTLS" .) }}
        endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+      {{ else }}
+      endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+      {{ end }}
        auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}}
  #Actuator
  management:
diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml

index 4f8f4d9..1abf218 100755 (executable)
--- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml
@@ -94,7 +94,7 @@ spec:
            failureThreshold: {{ .Values.livenessProbe.failureThreshold}}
          ports:
          - containerPort: {{ .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
            protocol: TCP
        serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
        volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml

index 2ecc66f..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml
@@ -29,12 +29,12 @@ spec:
      {{if eq .Values.service.type "NodePort" -}}
      - port: {{ .Values.service.internalPort }}
        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- else -}}
      - port: {{ .Values.service.externalPort }}
        targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- end}}
    selector:
      app: {{ include "common.name" . }}
-    release: {{ include "common.release" . }}
-\ No newline at end of file
+    release: {{ include "common.release" . }}
diff --git a/kubernetes/so/components/so-mariadb/templates/job.yaml b/kubernetes/so/components/so-mariadb/templates/job.yaml

index 2a84fac..d9c6009 100644 (file)
--- a/kubernetes/so/components/so-mariadb/templates/job.yaml
+++ b/kubernetes/so/components/so-mariadb/templates/job.yaml
@@ -53,13 +53,17 @@ spec:
          command:
          - /bin/bash
          - -c
-        - mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo > /var/data/mariadb/backup-`date +%s`.sql
+        - |
+          {{- if include "common.onServiceMesh" . }}
+          echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
+          mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo > /var/data/mariadb/backup-`date +%s`.sql
          volumeMounts:
          - mountPath: /etc/localtime
            name: localtime
            readOnly: true
          - name: backup-storage
            mountPath: /var/data/mariadb
+      {{ include "common.waitForJobContainer" . | indent 6 | trim }}
        serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
        volumes:
        - name: localtime
@@ -105,6 +109,8 @@ spec:
          - /bin/bash
          - -c
          - >
+          {{- if include "common.onServiceMesh" . }}
+          echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
            mysql() { /usr/bin/mysql  -h ${DB_HOST} -P ${DB_PORT} "$@"; };
            export -f mysql;
            mysql --user=root --password=${MYSQL_ROOT_PASSWORD} requestdb -e exit > /dev/null 2>&1 {{ if not .Values.global.migration.enabled }} && echo "Database already initialized!!!" && exit 0 {{ end }};
@@ -157,6 +163,7 @@ spec:
          {{- end }}
          resources:
  {{ include "common.resources" . | indent 12 }}
+      {{ include "common.waitForJobContainer" . | indent 6 | trim }}
        {{- if .Values.nodeSelector }}
        nodeSelector:
  {{ toYaml .Values.nodeSelector | indent 10 }}
diff --git a/kubernetes/so/components/so-mariadb/values.yaml b/kubernetes/so/components/so-mariadb/values.yaml

index 58e34b7..13dd086 100755 (executable)
--- a/kubernetes/so/components/so-mariadb/values.yaml
+++ b/kubernetes/so/components/so-mariadb/values.yaml
@@ -21,7 +21,7 @@ global:
    nodePortPrefix: 302
    nodePortPrefixExt: 304
    repository: nexus3.onap.org:10001
-  readinessImage: onap/oom/readiness:3.0.1
+  readinessImage: onap/oom/readiness:4.1.0
    ubuntuInitRepository: docker.io
    mariadbGalera:
      nameOverride: &mariadbName mariadb-galera
@@ -187,3 +187,7 @@ serviceAccount:
    nameOverride: so-mariadb
    roles:
      - read
+
+wait_for_job_container:
+  containers:
+    - '{{ include "common.name" . }}-config'
diff --git a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml

index 75db547..1d8a97c 100755 (executable)
--- a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
@@ -15,7 +15,11 @@
  */}}
  aai:
    auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
+  {{ if (include "common.needTLS" .) }}
    endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
  logging:
    path: logs
  spring:
@@ -51,7 +55,11 @@ mso:
    msb-port: 80
    adapters:
      requestDb:
+      {{ if (include "common.needTLS" .) }}
        endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+      {{ else }}
+      endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+      {{ end }}
        auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}}
  #Actuator
  management:
diff --git a/kubernetes/so/components/so-nssmf-adapter/values.yaml b/kubernetes/so/components/so-nssmf-adapter/values.yaml

index 2489ddd..29f9f4e 100755 (executable)
--- a/kubernetes/so/components/so-nssmf-adapter/values.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/values.yaml
@@ -107,7 +107,7 @@ app: nssmf-adapter
  service:
    type: ClusterIP
    ports:
-    - name: api
+    - name: http
        port: *containerPort
  updateStrategy:
      type: RollingUpdate
diff --git a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml

index 5013c34..8db5d26 100755 (executable)
--- a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml
@@ -42,7 +42,11 @@ mso:
        endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
    oof:
      auth: ${OOF_LOGIN}:${OOF_PASSWORD}
+    {{ if (include "common.needTLS" .) }}
      endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698
+    {{ else }}
+    endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698
+    {{ end }}
  #Actuator
  management:
    endpoints:
diff --git a/kubernetes/so/components/so-oof-adapter/values.yaml b/kubernetes/so/components/so-oof-adapter/values.yaml

index 863e0e9..530c35a 100755 (executable)
--- a/kubernetes/so/components/so-oof-adapter/values.yaml
+++ b/kubernetes/so/components/so-oof-adapter/values.yaml
@@ -89,7 +89,7 @@ app: so-oof-adapter
  service:
      type: ClusterIP
      ports:
-      - name: api
+      - name: http
          port: *containerPort
  updateStrategy:
      type: RollingUpdate
diff --git a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml

index e332f98..487e931 100755 (executable)
--- a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
@@ -15,7 +15,11 @@
  */}}
  aai:
    auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}}
+  {{ if (include "common.needTLS" .) }}
    endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
  server:
    port: {{ index .Values.containerPort }}
  spring:
diff --git a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml

index f370fbd..55493f7 100755 (executable)
--- a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
@@ -87,7 +87,7 @@ spec:
  {{ include "so.helpers.livenessProbe" .| indent 8 }}
          ports:
          - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
            protocol: TCP
        # Filebeat sidecar container
        {{ include "common.log.sidecar" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml

index 6eb6f27..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml
@@ -29,11 +29,11 @@ spec:
      {{if eq .Values.service.type "NodePort" -}}
      - port: {{ .Values.service.internalPort }}
        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- else -}}
      - port: {{ .Values.service.externalPort }}
        targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- end}}
    selector:
      app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml

index 057f8a0..28338cf 100755 (executable)
--- a/kubernetes/so/components/so-openstack-adapter/values.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/values.yaml
@@ -95,7 +95,7 @@ service:
      type: ClusterIP
      internalPort: *containerPort
      externalPort: *containerPort
-    portName: so-optack-port
+    portName: http
  updateStrategy:
      type: RollingUpdate
      maxUnavailable: 1
diff --git a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml

index 30e5551..fa9d3a6 100755 (executable)
--- a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml
@@ -85,7 +85,7 @@ spec:
  {{ include "so.helpers.livenessProbe" .| indent 8 }}
          ports:
          - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
            protocol: TCP
        serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
        volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-request-db-adapter/templates/service.yaml b/kubernetes/so/components/so-request-db-adapter/templates/service.yaml

index 6eb6f27..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-request-db-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/templates/service.yaml
@@ -29,11 +29,11 @@ spec:
      {{if eq .Values.service.type "NodePort" -}}
      - port: {{ .Values.service.internalPort }}
        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- else -}}
      - port: {{ .Values.service.externalPort }}
        targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- end}}
    selector:
      app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-request-db-adapter/values.yaml b/kubernetes/so/components/so-request-db-adapter/values.yaml

index e932a0b..6bcd388 100755 (executable)
--- a/kubernetes/so/components/so-request-db-adapter/values.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/values.yaml
@@ -83,7 +83,7 @@ service:
      type: ClusterIP
      internalPort: *containerPort
      externalPort: *containerPort
-    portName: so-reqdb-port
+    portName: http
  updateStrategy:
      type: RollingUpdate
      maxUnavailable: 1
diff --git a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml

index b20e33a..ffa66e9 100755 (executable)
--- a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml
@@ -63,19 +63,28 @@ mso:
        endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
        auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.requestDb.auth )}}
    aai:
+    {{ if (include "common.needTLS" .) }}
      endpoint: https://aai.{{ include "common.namespace" . }}:8443
+    {{ else }}
+    endpoint: http://aai.{{ include "common.namespace" . }}:8080
+    {{ end }}
    asdc-connections:
      asdc-controller1:
        user: mso
        consumerGroup: SO-OpenSource-Env11
        consumerId: SO-COpenSource-Env11
        environmentName: AUTO
+      {{ if (include "common.needTLS" .) }}
        asdcAddress: sdc-be.{{ include "common.namespace" . }}:8443
+      {{ else }}
+      asdcAddress: sdc-be.{{ include "common.namespace" . }}:8080
+      {{ end }}
        password: {{ index .Values "mso" "asdc-connections" "asdc-controller1" "password" }}
        pollingInterval: 60
        pollingTimeout: 60
        relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL
        useHttpsWithDmaap: false
+      useHttpsWithSdc: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
        activateServerTLSAuth: false
        keyStorePassword:
        keyStorePath:
diff --git a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml

index f370fbd..55493f7 100755 (executable)
--- a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml
+++ b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml
@@ -87,7 +87,7 @@ spec:
  {{ include "so.helpers.livenessProbe" .| indent 8 }}
          ports:
          - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
            protocol: TCP
        # Filebeat sidecar container
        {{ include "common.log.sidecar" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-sdc-controller/templates/service.yaml b/kubernetes/so/components/so-sdc-controller/templates/service.yaml

index 6eb6f27..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-sdc-controller/templates/service.yaml
+++ b/kubernetes/so/components/so-sdc-controller/templates/service.yaml
@@ -29,11 +29,11 @@ spec:
      {{if eq .Values.service.type "NodePort" -}}
      - port: {{ .Values.service.internalPort }}
        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- else -}}
      - port: {{ .Values.service.externalPort }}
        targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- end}}
    selector:
      app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml

index 58e93f5..c0e3f50 100755 (executable)
--- a/kubernetes/so/components/so-sdc-controller/values.yaml
+++ b/kubernetes/so/components/so-sdc-controller/values.yaml
@@ -91,7 +91,7 @@ service:
      type: ClusterIP
      internalPort: *containerPort
      externalPort: *containerPort
-    portName: so-sdc-port
+    portName: http
  updateStrategy:
      type: RollingUpdate
      maxUnavailable: 1
diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml

index 01e0ab7..b95e0b5 100755 (executable)
--- a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml
@@ -91,7 +91,7 @@ spec:
  {{ include "so.helpers.livenessProbe" .| indent 8 }}
          ports:
          - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
            protocol: TCP
        # Filebeat sidecar container
        {{ include "common.log.sidecar" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml

index 6eb6f27..5b8dee0 100755 (executable)
--- a/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml
@@ -29,11 +29,11 @@ spec:
      {{if eq .Values.service.type "NodePort" -}}
      - port: {{ .Values.service.internalPort }}
        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- else -}}
      - port: {{ .Values.service.externalPort }}
        targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- end}}
    selector:
      app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-sdnc-adapter/values.yaml b/kubernetes/so/components/so-sdnc-adapter/values.yaml

index cb9d02a..54fa88c 100755 (executable)
--- a/kubernetes/so/components/so-sdnc-adapter/values.yaml
+++ b/kubernetes/so/components/so-sdnc-adapter/values.yaml
@@ -110,7 +110,7 @@ service:
      type: ClusterIP
      internalPort: *containerPort
      externalPort: *containerPort
-    portName: so-sdnc-port
+    portName: http
  updateStrategy:
      type: RollingUpdate
      maxUnavailable: 1
diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml

index f46219c..8471540 100755 (executable)
--- a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml
@@ -18,10 +18,18 @@ server:
    port: {{ include "common.getPort" (dict "global" . "name" "http") }}
  
  vevnfmadapter:
+  {{ if (include "common.needTLS" .) }}
    endpoint: https://msb-iag:30283/api/{{ include "common.servicename" . }}/v1
+  {{ else }}
+  endpoint: http://msb-iag:30283/api/{{ include "common.servicename" . }}/v1
+  {{ end }}
  
  aai:
+  {{ if (include "common.needTLS" .) }}
    endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
  
  dmaap:
    endpoint: http://message-router.{{ include "common.namespace" . }}:3904
diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml

index efb3fab..6933607 100755 (executable)
--- a/kubernetes/so/resources/config/overrides/override.yaml
+++ b/kubernetes/so/resources/config/overrides/override.yaml
@@ -1,5 +1,9 @@
  aai:
+  {{ if (include "common.needTLS" .) }}
    endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  {{ else }}
+  endpoint: http://aai.{{ include "common.namespace" . }}:8080
+  {{ end }}
    auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}}
  server:
      port: {{ index .Values.containerPort }}
@@ -45,13 +49,21 @@ mso:
      activate:
        instanceid: test
        userid: cs0008
-    endpoint: http://sdc-be.{{ include "common.namespace" . }}:8443
+    {{ if (include "common.needTLS" .) }}
+    endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443
+    {{ else }}
+    endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080
+    {{ end }}
    tenant:
      isolation:
        retry:
          count: 3
    aai:
+    {{ if (include "common.needTLS" .) }}
      endpoint: https://aai.{{ include "common.namespace" . }}:8443
+    {{ else }}
+    endpoint: http://aai.{{ include "common.namespace" . }}:8080
+    {{ end }}
      auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}}
  
    extApi:
diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml

index 47701d8..99a5eff 100755 (executable)
--- a/kubernetes/so/templates/deployment.yaml
+++ b/kubernetes/so/templates/deployment.yaml
@@ -87,7 +87,7 @@ spec:
  {{ include "so.helpers.livenessProbe" .| indent 8 }}
          ports:
          - containerPort: {{ index .Values.containerPort }}
-          name: {{ .Values.service.portName }}
+          name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
            protocol: TCP
        # Filebeat sidecar container
        {{ include "common.log.sidecar" . | nindent 6 }}
diff --git a/kubernetes/so/templates/service.yaml b/kubernetes/so/templates/service.yaml

index 2849ede..5a83d56 100755 (executable)
--- a/kubernetes/so/templates/service.yaml
+++ b/kubernetes/so/templates/service.yaml
@@ -392,11 +392,11 @@ spec:
      {{if eq .Values.service.type "NodePort" -}}
      - port: {{ .Values.service.internalPort }}
        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- else -}}
      - port: {{ .Values.service.externalPort }}
        targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
      {{- end}}
    selector:
      app: {{ include "common.name" . }}
diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml

index 1f454f6..553de8c 100755 (executable)
--- a/kubernetes/so/values.yaml
+++ b/kubernetes/so/values.yaml
@@ -213,7 +213,7 @@ service:
    nodePort: 77
    internalPort: *containerPort
    externalPort: *containerPort
-  portName: so-apih-port
+  portName: http
  updateStrategy:
    type: RollingUpdate
    maxUnavailable: 1
diff --git a/kubernetes/strimzi/templates/strimzi-kafka.yaml b/kubernetes/strimzi/templates/strimzi-kafka.yaml

index 58193e3..4e8779d 100644 (file)
--- a/kubernetes/strimzi/templates/strimzi-kafka.yaml
+++ b/kubernetes/strimzi/templates/strimzi-kafka.yaml
@@ -88,6 +88,7 @@ spec:
      replicas: {{ .Values.replicaCount }}
      config:
        ssl.hostnameVerification: false
+      ssl.quorum.hostnameVerification: false
        {{- if (include "common.onServiceMesh" .) }}
        sslQuorum: false
        {{- end }}
diff --git a/kubernetes/strimzi/values.yaml b/kubernetes/strimzi/values.yaml

index 9e63c2c..26b714a 100644 (file)
--- a/kubernetes/strimzi/values.yaml
+++ b/kubernetes/strimzi/values.yaml
@@ -23,7 +23,7 @@ global:
  #################################################################
  # Application configuration defaults.
  #################################################################
-replicaCount: 2
+replicaCount: 3
  kafkaInternalPort: 9092
  saslMechanism: scram-sha-512
  version: 3.0.0
author	Jack Lucas <jflos@sonoris.net>
	Mon, 27 Jun 2022 15:17:20 +0000 (15:17 +0000)
committer	Gerrit Code Review <gerrit@onap.org>
	Mon, 27 Jun 2022 15:17:20 +0000 (15:17 +0000)
kubernetes/a1policymanagement/values.yaml		patch \| blob \| history
kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml		patch \| blob \| history
kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml		patch \| blob \| history
kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml		patch \| blob \| history
kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties		patch \| blob \| history
kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml		patch \| blob \| history
kubernetes/aai/templates/service.yaml		patch \| blob \| history
kubernetes/aai/values.yaml		patch \| blob \| history
kubernetes/common/dgbuilder/values.yaml		patch \| blob \| history
kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml		patch \| blob \| history
kubernetes/common/elasticsearch/components/data/values.yaml		patch \| blob \| history
kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml		patch \| blob \| history
kubernetes/common/elasticsearch/components/master/values.yaml		patch \| blob \| history
kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml		patch \| blob \| history
kubernetes/common/elasticsearch/values.yaml		patch \| blob \| history
kubernetes/common/etcd-init/templates/job.yaml		patch \| blob \| history
kubernetes/common/etcd-init/values.yaml		patch \| blob \| history
kubernetes/common/mariadb-galera/templates/service.yaml		patch \| blob \| history
kubernetes/common/network-name-gen/templates/deployment.yaml		patch \| blob \| history
kubernetes/common/network-name-gen/values.yaml		patch \| blob \| history
kubernetes/common/postgres-init/templates/job.yaml		patch \| blob \| history
kubernetes/common/postgres-init/values.yaml		patch \| blob \| history
kubernetes/contrib/components/ejbca/templates/deployment.yaml		patch \| blob \| history
kubernetes/contrib/components/ejbca/values.yaml		patch \| blob \| history
kubernetes/cps/components/cps-core/templates/deployment.yaml		patch \| blob \| history
kubernetes/cps/components/cps-core/values.yaml		patch \| blob \| history
kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml		patch \| blob \| history
kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml		patch \| blob \| history
kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml		patch \| blob \| history
kubernetes/platform/components/oom-cert-service/templates/deployment.yaml		patch \| blob \| history
kubernetes/sdnc/components/dmaap-listener/values.yaml		patch \| blob \| history
kubernetes/sdnc/components/sdnc-ansible-server/values.yaml		patch \| blob \| history
kubernetes/sdnc/components/sdnc-web/values.yaml		patch \| blob \| history
kubernetes/sdnc/components/ueb-listener/values.yaml		patch \| blob \| history
kubernetes/sdnc/values.yaml		patch \| blob \| history
kubernetes/so/Chart.yaml		patch \| blob \| history
kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml		patch \| blob \| history
kubernetes/so/components/so-admin-cockpit/templates/service.yaml		patch \| blob \| history
kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml		patch \| blob \| history
kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml		patch \| blob \| history
kubernetes/so/components/so-bpmn-infra/templates/service.yaml		patch \| blob \| history
kubernetes/so/components/so-bpmn-infra/values.yaml		patch \| blob \| history
kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml		patch \| blob \| history
kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml		patch \| blob \| history
kubernetes/so/components/so-catalog-db-adapter/values.yaml		patch \| blob \| history
kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml		patch \| blob \| history
kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml		patch \| blob \| history
kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml		patch \| blob \| history
kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml		patch \| blob \| history
kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml		patch \| blob \| history
kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml		patch \| blob \| history
kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml		patch \| blob \| history
kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml		patch \| blob \| history
kubernetes/so/components/so-mariadb/templates/job.yaml		patch \| blob \| history
kubernetes/so/components/so-mariadb/values.yaml		patch \| blob \| history
kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml		patch \| blob \| history
kubernetes/so/components/so-nssmf-adapter/values.yaml		patch \| blob \| history
kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml		patch \| blob \| history
kubernetes/so/components/so-oof-adapter/values.yaml		patch \| blob \| history
kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml		patch \| blob \| history
kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml		patch \| blob \| history
kubernetes/so/components/so-openstack-adapter/templates/service.yaml		patch \| blob \| history
kubernetes/so/components/so-openstack-adapter/values.yaml		patch \| blob \| history
kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml		patch \| blob \| history
kubernetes/so/components/so-request-db-adapter/templates/service.yaml		patch \| blob \| history
kubernetes/so/components/so-request-db-adapter/values.yaml		patch \| blob \| history
kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml		patch \| blob \| history
kubernetes/so/components/so-sdc-controller/templates/deployment.yaml		patch \| blob \| history
kubernetes/so/components/so-sdc-controller/templates/service.yaml		patch \| blob \| history
kubernetes/so/components/so-sdc-controller/values.yaml		patch \| blob \| history
kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml		patch \| blob \| history
kubernetes/so/components/so-sdnc-adapter/templates/service.yaml		patch \| blob \| history
kubernetes/so/components/so-sdnc-adapter/values.yaml		patch \| blob \| history
kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml		patch \| blob \| history
kubernetes/so/resources/config/overrides/override.yaml		patch \| blob \| history
kubernetes/so/templates/deployment.yaml		patch \| blob \| history
kubernetes/so/templates/service.yaml		patch \| blob \| history
kubernetes/so/values.yaml		patch \| blob \| history
kubernetes/strimzi/templates/strimzi-kafka.yaml		patch \| blob \| history
kubernetes/strimzi/values.yaml		patch \| blob \| history