From: James MacNider Date: Wed, 10 Apr 2019 14:47:42 +0000 (+0000) Subject: Merge "Readiness check for the deployment/statefulsets" X-Git-Tag: 4.0.0-ONAP~247 X-Git-Url: https://gerrit.onap.org/r/gitweb?p=oom.git;a=commitdiff_plain;h=44742a297336c3dae6ac00450d19f53806d64dc1;hp=6a8304c51e129a7860d60ac562feac1f6056b5c3 Merge "Readiness check for the deployment/statefulsets" --- diff --git a/.gitignore b/.gitignore index a7fb5bfbe0..92ead3a11c 100644 --- a/.gitignore +++ b/.gitignore @@ -12,6 +12,7 @@ requirements.lock .classpath .factorypath .project +.pydevproject .settings/ # IntelliJ diff --git a/INFO.yaml b/INFO.yaml index 2bbcd419bb..9ec8bdf061 100644 --- a/INFO.yaml +++ b/INFO.yaml @@ -2,6 +2,7 @@ project: 'oom' project_creation_date: '2017-06-15' lifecycle_state: 'Incubation' +project_category: '' project_lead: &onap_releng_ptl name: 'Mike Elliott' email: 'mike.elliott@amdocs.com' @@ -13,45 +14,54 @@ issue_tracking: type: 'jira' url: 'https://jira.onap.org/projects/OOM' key: 'OOM' +mailing_list: + type: 'groups.io' + url: 'lists.onap.org' + tag: '<[sub-project_name]>' +realtime_discussion: '' meetings: - type: 'zoom' - agenda: 'https://wiki.onap.org/pages/viewpage.action?pageId=8228913' - url: 'https://wiki.onap.org/pages/viewpage.action?pageId=8228913' - server: 'n/a' - channel: 'n/a' - repeats: 'weekly' - time: '14:00 UTC' + agenda: 'https://wiki.onap.org/pages/viewpage.action?pageId=8228913' + url: 'https://wiki.onap.org/pages/viewpage.action?pageId=8228913' + server: 'n/a' + channel: 'n/a' + repeats: 'weekly' + time: '14:00 UTC' +repositories: + - 'oom' + - 'oom-offline-installer' + - 'oom-registrator' committers: - <<: *onap_releng_ptl - name: 'Alexis de Talhouët' - email: 'adetalhouet89@gmail.com' - company: 'Bell Canada' - id: 'adetalhouet' - timezone: 'Canada/Montreal' + email: 'adetalhouet89@gmail.com' + company: 'Bell Canada' + id: 'adetalhouet' + timezone: 'Canada/Montreal' - name: 'Borislav Glozman' - email: 'Borislav.Glozman@amdocs.com' - company: 'Amdocs' - id: 'BorislavG' - timezone: 'Israel/Raanana' + email: 'Borislav.Glozman@amdocs.com' + company: 'Amdocs' + id: 'BorislavG' + timezone: 'Israel/Raanana' - name: 'James MacNider' - email: 'James.MacNider@amdocs.com' - company: 'Amdocs' - id: 'jmac' - timezone: 'Canada/Ontario' + email: 'James.MacNider@amdocs.com' + company: 'Amdocs' + id: 'jmac' + timezone: 'Canada/Ontario' - name: 'Hong Guan' - email: 'hg4105@att.com' - company: 'ATT' - id: 'hg4105' - timezone: '' + email: 'hg4105@att.com' + company: 'ATT' + id: 'hg4105' + timezone: 'Not/Defined' - name: 'Jun (Nicolas) Hu' - email: 'jh245g@att.com' - company: 'ATT' - id: 'jh245g' - timezone: 'America/New York' + email: 'jh245g@att.com' + company: 'ATT' + id: 'jh245g' + timezone: 'America/New_York' - name: 'Xue Gao' - email: 'xg353y@intl.att.com' - company: 'ATT' - id: 'xuegao' - timezone: 'Belgium/Namur' + email: 'xg353y@intl.att.com' + company: 'ATT' + id: 'xuegao' + timezone: 'Belgium/Namur' tsc: approval: 'https://lists.onap.org/pipermail/onap-tsc' diff --git a/docs/oom_developer_guide.rst b/docs/oom_developer_guide.rst index 70e2a7253a..a2ccc1ba60 100644 --- a/docs/oom_developer_guide.rst +++ b/docs/oom_developer_guide.rst @@ -127,8 +127,9 @@ deployment by using the `-f` Helm option as follows:: > helm install local/onap -name development -f dev.yaml Note that there are one or more example deployment files in the -`onap/resources/environments/` directory. It is best practice to create a unique -deployment file for each environment used to ensure consistent behaviour. +`onap/resources/environments/` directory. It is best practice to create a +unique deployment file for each environment used to ensure consistent +behaviour. To aid in the long term supportability of ONAP, a set of common charts have been created (and will be expanded in subsequent releases of ONAP) that can be @@ -185,11 +186,11 @@ used by any of the ONAP components by including the common component in its The common section of charts consists of a set of templates that assist with parameter substitution (`_name.tpl` and `_namespace.tpl`) and a set of charts -for components used throughout ONAP. Initially `mysql` is in the common area but -this will expand to include other databases like `mariadb-galera`, `postgres`, -and `cassandra`. Other candidates for common components include `redis` and -`kafka`. When the common components are used by other charts they are -instantiated each time. In subsequent ONAP releases some of the common +for components used throughout ONAP. Initially `mysql` is in the common area +but this will expand to include other databases like `mariadb-galera`, +`postgres`, and `cassandra`. Other candidates for common components include +`redis` and`kafka`. When the common components are used by other charts they +are instantiated each time. In subsequent ONAP releases some of the common components could be a setup as services that are used by multiple ONAP components thus minimizing the deployment and operational costs. @@ -239,8 +240,8 @@ configuration files stored in the `config` directory. It is the responsibility of each ONAP component team to update these configuration files when changes are made to the project containers that impact configuration. -The following section describes how the hierarchical ONAP configuration system is -key to management of such a large system. +The following section describes how the hierarchical ONAP configuration system +is key to management of such a large system. Configuration Management ======================== @@ -461,7 +462,8 @@ describe the configuration and desired state of the ONAP components. Name Spaces ----------- -Within the namespaces are Kubernetes services that provide external connectivity to pods that host Docker containers. +Within the namespaces are Kubernetes services that provide external +connectivity to pods that host Docker containers. ONAP Components to Kubernetes Object Relationships -------------------------------------------------- @@ -639,7 +641,8 @@ OOM Networking with Kubernetes ------------------------------ - DNS -- Ports - Flattening the containers also expose port conflicts between the containers which need to be resolved. +- Ports - Flattening the containers also expose port conflicts between the + containers which need to be resolved. Node Ports ~~~~~~~~~~ @@ -937,14 +940,15 @@ More details can be found here `MSB installation cd oom/kubernetes **Step 2.** Install Helm Plugins required to deploy the ONAP Casablanca release:: - sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm + + > sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm **Step 3.** Customize the onap/values.yaml file to suit your deployment. You may want to selectively enable or disable ONAP components by changing the @@ -74,6 +75,7 @@ Use the following to monitor your deployment and determine when ONAP is ready fo > kubectl get pods --all-namespaces -o=wide Undeploying onap can be done using the following command:: + > helm undeploy dev --purge diff --git a/docs/oom_setup_kubernetes_rancher.rst b/docs/oom_setup_kubernetes_rancher.rst index 35ab88eb06..5159377386 100644 --- a/docs/oom_setup_kubernetes_rancher.rst +++ b/docs/oom_setup_kubernetes_rancher.rst @@ -72,7 +72,8 @@ new one to assign. Apply customization script for the Rancher VM --------------------------------------------- -Click :download:`openstack-rancher.sh ` to download the script. +Click :download:`openstack-rancher.sh ` to download the +script. .. literalinclude:: openstack-rancher.sh :language: bash @@ -134,8 +135,9 @@ The size of a Kubernetes host depends on the size of the ONAP deployment that will be installed. As of the Casablanca release a minimum 224GB will be needed to run a -full ONAP deployment (all components). It is recommended that more hosts are used -with fewer resources instead of only a few large hosts. For example 14 x 16GB hosts. +full ONAP deployment (all components). It is recommended that more hosts are +used with fewer resources instead of only a few large hosts. For example 14 x +16GB hosts. If a small subset of ONAP components are being deployed for testing purposes, then a single 16GB or 32GB host should suffice. @@ -216,7 +218,8 @@ node plays the role of NFS Master (indicated by the crown symbol). To properly set up an NFS share on Master and Slave nodes, the user can run the scripts below. -Click :download:`master_nfs_node.sh ` to download the script. +Click :download:`master_nfs_node.sh ` to download the +script. .. literalinclude:: master_nfs_node.sh :language: bash @@ -264,7 +267,8 @@ Add Kubernetes Environment to Rancher .. image:: Click_create.jpeg -6. Select the new named environment (ie. SB4) from the dropdown list (top left). +6. Select the new named environment (ie. SB4) from the dropdown list (top + left). Rancher is now waiting for a Kubernetes Host to be added. @@ -273,7 +277,8 @@ Rancher is now waiting for a Kubernetes Host to be added. Add Kubernetes Host ------------------- -1. If this is the first (or only) host being added - click on the "Add a host" link +1. If this is the first (or only) host being added - click on the "Add a host" + link .. image:: K8s-Assign_Floating_IP_for_external_access.jpeg @@ -285,7 +290,8 @@ otherwise select INFRASTRUCTURE→ Hosts and click on "Add Host" .. image:: otherwise_select_INFRASTRUCTURE_Hosts_and_click_on_Add_Host.jpg -2. Enter the management IP for the k8s VM (e.g. 10.0.0.4) that was just created. +2. Enter the management IP for the k8s VM (e.g. 10.0.0.4) that was just + created. 3. Click on “Copy to Clipboard” button @@ -469,5 +475,3 @@ documentation to get started: - :ref:`quick-start-label` - deploy ONAP on an existing cloud - :ref:`user-guide-label` - a guide for operators of an ONAP instance - - diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst index 99a9a474d1..f19924dd17 100644 --- a/docs/oom_user_guide.rst +++ b/docs/oom_user_guide.rst @@ -52,18 +52,22 @@ ONAP with a few simple commands. Pre-requisites -------------- -Your environment must have both the Kubernetes `kubectl` and Helm setup as a one time activity. +Your environment must have both the Kubernetes `kubectl` and Helm setup as a +one time activity. Install Kubectl ~~~~~~~~~~~~~~~ -Enter the following to install kubectl (on Ubuntu, there are slight differences on other O/Ss), the Kubernetes command line interface used to manage a Kubernetes cluster:: +Enter the following to install kubectl (on Ubuntu, there are slight differences +on other O/Ss), the Kubernetes command line interface used to manage a +Kubernetes cluster:: > curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.8.10/bin/linux/amd64/kubectl > chmod +x ./kubectl > sudo mv ./kubectl /usr/local/bin/kubectl > mkdir ~/.kube -Paste kubectl config from Rancher (see the :ref:`cloud-setup-guide-label` for alternative Kubernetes environment setups) into the `~/.kube/config` file. +Paste kubectl config from Rancher (see the :ref:`cloud-setup-guide-label` for +alternative Kubernetes environment setups) into the `~/.kube/config` file. Verify that the Kubernetes config is correct:: @@ -73,7 +77,8 @@ At this point you should see six Kubernetes pods running. Install Helm ~~~~~~~~~~~~ -Helm is used by OOM for package and configuration management. To install Helm, enter the following:: +Helm is used by OOM for package and configuration management. To install Helm, +enter the following:: > wget http://storage.googleapis.com/kubernetes-helm/helm-v2.9.1-linux-amd64.tar.gz > tar -zxvf helm-v2.9.1-linux-amd64.tar.gz @@ -89,7 +94,8 @@ Install the Helm Tiller application and initialize with:: Install the Helm Repo --------------------- -Once kubectl and Helm are setup, one needs to setup a local Helm server to server up the ONAP charts:: +Once kubectl and Helm are setup, one needs to setup a local Helm server to +server up the ONAP charts:: > helm install osn/onap @@ -117,7 +123,8 @@ To setup a local Helm server to server up the ONAP charts:: > helm init > helm serve & -Note the port number that is listed and use it in the Helm repo add as follows:: +Note the port number that is listed and use it in the Helm repo add as +follows:: > helm repo add local http://127.0.0.1:8879 @@ -149,7 +156,8 @@ Next, install Helm Plugins required to deploy the ONAP Casablanca release:: > cp -R helm/plugins/ ~/.helm -Once the repo is setup, installation of ONAP can be done with a single command:: +Once the repo is setup, installation of ONAP can be done with a single +command:: > helm deploy development local/onap --namespace onap @@ -361,8 +369,8 @@ blocks access to the ONAP Portal. To enable direct access to this Portal from a user's own environment (a laptop etc.) the portal application's port 8989 is exposed through a `Kubernetes LoadBalancer`_ object. -Typically, to be able to access the Kubernetes nodes publicly a public address is -assigned. In Openstack this is a floating IP address. +Typically, to be able to access the Kubernetes nodes publicly a public address +is assigned. In Openstack this is a floating IP address. When the `portal-app` chart is deployed a Kubernetes service is created that instantiates a load balancer. The LB chooses the private interface of one of @@ -408,10 +416,10 @@ https://portal.api.simpledemo.onap.org:30225/ONAPPORTAL/login.htm of the page .. note:: - Besides the ONAP Portal the Components can deliver additional user interfaces, + Besides the ONAP Portal the Components can deliver additional user interfaces, please check the Component specific documentation. -.. note:: +.. note:: | Alternatives Considered: @@ -451,7 +459,8 @@ to monitor the real-time health of an ONAP deployment: - a set of liveness probes which feed into the Kubernetes manager which are described in the Heal section. -Within ONAP, Consul is the monitoring system of choice and deployed by OOM in two parts: +Within ONAP, Consul is the monitoring system of choice and deployed by OOM in +two parts: - a three-way, centralized Consul server cluster is deployed as a highly available monitor of all of the ONAP components, and @@ -693,7 +702,8 @@ example:: > helm undeploy casablanca --dry-run -will display the outcome of deleting the 'casablanca' release from the deployment. +will display the outcome of deleting the 'casablanca' release from the +deployment. To completely delete a release and remove it from the internal store enter:: > helm undeploy casablanca --purge @@ -706,4 +716,4 @@ deployment enter:: will remove `so` as the configuration indicates it's no longer part of the deployment. This might be useful if a one wanted to replace just `so` by -installing a custom version. +installing a custom version. diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 3e8a1be1b7..82e4fb1c2f 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -1,6 +1,8 @@ -.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. This work is licensed under a Creative Commons Attribution 4.0 International +.. License. .. http://creativecommons.org/licenses/by/4.0 -.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights reserved. +.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights +.. reserved. .. Links .. _release-notes-label: @@ -16,39 +18,57 @@ Version 3.0.0 Casablanca Release Summary ======= -The focus of this release was on incremental improvements in the following areas: -* Pluggable persistent storage with support for GlusterFS as the first storage class provisioner -* CPU and Memory limits in Helm Charts to improve Pod placement based on resource availablity in Kubernetes Cluster +The focus of this release was on incremental improvements in the following +areas: + +* Pluggable persistent storage with support for GlusterFS as the first storage + class provisioner + +* CPU and Memory limits in Helm Charts to improve Pod placement based on + resource availablity in Kubernetes Cluster + * Support of Node Selectors for Pod placement + * Common "shared" Helm Charts referencing common images + - mariadb-galera - postgres - cassandra - mysql - mongo + * Integration of ARK Backup and Restore solution -* Introduction of Helm deploy and undeploy plugins to better manage ONAP deployments + +* Introduction of Helm deploy and undeploy plugins to better manage ONAP + deployments **Security Notes** -OOM code has been formally scanned during build time using NexusIQ and no Critical vulnerability was found. +OOM code has been formally scanned during build time using NexusIQ and no +Critical vulnerability was found. Quick Links: - - `OOM project page `_ - - `Passing Badge information for OOM `_ + - `OOM project page `_ + + - `Passing Badge information for OOM `_ **Known Issues** -Problem: kubectl connections to pods (kubectl exec|logs) will fail after a while due to a known bug in Kubernetes (1.11.2) -Workaround: Restart of the kubelet daemons on the k8s hosts -Fix: Will be delivered in the next release via a new Kubernetes version (1.12) -- `K8S Bug Report `_ -- `OOM-1532 `_ -- `OOM-1516 `_ -- `OOM-1520 `_ + * **Problem**: kubectl connections to pods (kubectl exec|logs) will + fail after a while due to a known bug in Kubernetes (1.11.2) + + **Workaround**: Restart of the kubelet daemons on the k8s hosts + + **Fix**: Will be delivered in the next release via a new + Kubernetes version (1.12) + + - `K8S Bug Report `_ + - `OOM-1532 `_ + - `OOM-1516 `_ + - `OOM-1520 `_ Version 2.0.0 Beijing Release @@ -450,12 +470,13 @@ Sub-task **Security Notes** -OOM code has been formally scanned during build time using NexusIQ and no Critical vulnerability was found. +OOM code has been formally scanned during build time using NexusIQ and no +Critical vulnerability was found. Quick Links: - - `OOM project page `_ + - `OOM project page `_ - - `Passing Badge information for OOM `_ + - `Passing Badge information for OOM `_ Version: 1.1.0 -------------- @@ -464,34 +485,43 @@ Version: 1.1.0 **New Features** -The Amsterdam release is the first release of the ONAP Operations Manager (OOM). +The Amsterdam release is the first release of the ONAP Operations Manager +(OOM). The main goal of the Amsterdam release was to: - - Support Flexible Platform Deployment via Kubernetes of fully containerized ONAP components - on any type of environment. + - Support Flexible Platform Deployment via Kubernetes of fully + containerized ONAP components - on any type of environment. - Support State Management of ONAP platform components. - - Support full production ONAP deployment and any variation of component level deployment for development. + - Support full production ONAP deployment and any variation of component + level deployment for development. - Platform Operations Orchestration / Control Loop Actions. - Platform centralized logging with ELK stack. **Bug Fixes** - The full list of implemented user stories and epics is available on `JIRA `_ - This is the first release of OOM, the defects fixed in this release were raised during the course of the release. - Anything not closed is captured below under Known Issues. If you want to review the defects fixed in the Amsterdam release, refer to Jira link above. + The full list of implemented user stories and epics is available on + `JIRA `_ + This is the first release of OOM, the defects fixed in this release were + raised during the course of the release. + Anything not closed is captured below under Known Issues. If you want to + review the defects fixed in the Amsterdam release, refer to Jira link + above. **Known Issues** - `OOM-6 `_ Automated platform deployment on Docker/Kubernetes VFC, AAF, MSB minor issues. - Workaround: Manual configuration changes - however the reference vFirewall use case does not currently require these components. + Workaround: Manual configuration changes - however the reference + vFirewall use case does not currently require these components. - `OOM-10 `_ Platform configuration management. OOM ONAP Configuration Management - Handling of Secrets. - Workaround: Automated workaround to be able to pull from protected docker repositories. + Workaround: Automated workaround to be able to pull from protected + docker repositories. **Security Issues** diff --git a/kubernetes/LICENSE b/kubernetes/LICENSE index d1e69ec497..c493ac9d11 100644 --- a/kubernetes/LICENSE +++ b/kubernetes/LICENSE @@ -1,8 +1,8 @@ ============LICENSE_START========================================== =================================================================== - Copyright © 2017 Amdocs - Copyright © 2017 Bell Canada + Copyright © 2017-2019 Amdocs + Copyright © 2017-2019 Bell Canada All rights reserved. =================================================================== Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/kubernetes/aaf/Chart.yaml b/kubernetes/aaf/Chart.yaml index 6de2f28767..b7bfb7f59b 100644 --- a/kubernetes/aaf/Chart.yaml +++ b/kubernetes/aaf/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Application Authorization Framework name: aaf -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aaf/charts/aaf-cm/Chart.yaml b/kubernetes/aaf/charts/aaf-cm/Chart.yaml index 68c5ca2d70..3ece45da49 100644 --- a/kubernetes/aaf/charts/aaf-cm/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-cm/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP AAF Certificate Manager name: aaf-cm -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aaf/charts/aaf-cs/Chart.yaml b/kubernetes/aaf/charts/aaf-cs/Chart.yaml index e3197f28e6..ff083ac95f 100644 --- a/kubernetes/aaf/charts/aaf-cs/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-cs/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF cassandra name: aaf-cs -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aaf/charts/aaf-fs/Chart.yaml b/kubernetes/aaf/charts/aaf-fs/Chart.yaml index eada78b8e3..5c94aa8141 100644 --- a/kubernetes/aaf/charts/aaf-fs/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-fs/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF File Server name: aaf-fs -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-gui/Chart.yaml b/kubernetes/aaf/charts/aaf-gui/Chart.yaml index 26d4a91422..3313c66999 100644 --- a/kubernetes/aaf/charts/aaf-gui/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-gui/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF GUI name: aaf-gui -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-hello/Chart.yaml b/kubernetes/aaf/charts/aaf-hello/Chart.yaml index 734cf140ca..89f061b553 100644 --- a/kubernetes/aaf/charts/aaf-hello/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-hello/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Hello name: aaf-hello -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-locate/Chart.yaml b/kubernetes/aaf/charts/aaf-locate/Chart.yaml index 0f4bfd91ac..10c2b3e3aa 100644 --- a/kubernetes/aaf/charts/aaf-locate/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-locate/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Locate name: aaf-locate -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-oauth/Chart.yaml b/kubernetes/aaf/charts/aaf-oauth/Chart.yaml index a5878812a5..4ce29df626 100644 --- a/kubernetes/aaf/charts/aaf-oauth/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-oauth/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF OAuth name: aaf-oauth -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/aaf/charts/aaf-service/Chart.yaml b/kubernetes/aaf/charts/aaf-service/Chart.yaml index 42a33948f8..80b2b8f7c7 100644 --- a/kubernetes/aaf/charts/aaf-service/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-service/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Service name: aaf-service -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aaf/charts/aaf-sms/Chart.yaml b/kubernetes/aaf/charts/aaf-sms/Chart.yaml index ad633c591d..9402b0033b 100644 --- a/kubernetes/aaf/charts/aaf-sms/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-sms/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Secret Management Service name: aaf-sms -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml index d8f957e295..88079d2ed4 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Secret Management Service Quorum Client name: aaf-sms-quorumclient -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml index 44a5a6b37a..2c8a7a627a 100644 --- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Chart to launch Vault as SMS backend name: aaf-sms-vault appVersion: 0.9.5 -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml index 8e7ea29300..28b46c24e1 100644 --- a/kubernetes/aaf/charts/aaf-sms/values.yaml +++ b/kubernetes/aaf/charts/aaf-sms/values.yaml @@ -67,11 +67,11 @@ readiness: periodSeconds: 30 service: - type: NodePort + type: ClusterIP name: aaf-sms portName: aaf-sms internalPort: 10443 - nodePort: 43 + externalPort: 10443 persistence: enabled: true diff --git a/kubernetes/aaf/charts/aaf-sshsm/Chart.yaml b/kubernetes/aaf/charts/aaf-sshsm/Chart.yaml index 78b10c5764..6ad7e7ff93 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Hardware Security Components name: aaf-sshsm -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml index 9e8b16af04..ce7488774e 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Trusted Platform Module Resource Manager name: aaf-sshsm-abrmd -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml index 3bb88466ef..14ddd7b2e9 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Trusted Platform Module Distribution Center name: aaf-sshsm-distcenter -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml index 3855b04f2c..6260cdd4ac 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Trusted Platform Module Test CA Service name: aaf-sshsm-testca -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aaf/charts/aaf-sshsm/requirements.yaml b/kubernetes/aaf/charts/aaf-sshsm/requirements.yaml index 3192c43776..7c18fbc982 100644 --- a/kubernetes/aaf/charts/aaf-sshsm/requirements.yaml +++ b/kubernetes/aaf/charts/aaf-sshsm/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/aaf/requirements.yaml b/kubernetes/aaf/requirements.yaml index 896eaf4baa..1d30dfd918 100644 --- a/kubernetes/aaf/requirements.yaml +++ b/kubernetes/aaf/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/aai/Chart.yaml b/kubernetes/aai/Chart.yaml index 48cc33b148..c4ad263008 100644 --- a/kubernetes/aai/Chart.yaml +++ b/kubernetes/aai/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Active and Available Inventory name: aai -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-babel/Chart.yaml b/kubernetes/aai/charts/aai-babel/Chart.yaml index d0311c189b..fe1a4ce241 100644 --- a/kubernetes/aai/charts/aai-babel/Chart.yaml +++ b/kubernetes/aai/charts/aai-babel/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Babel microservice name: aai-babel -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-babel/requirements.yaml b/kubernetes/aai/charts/aai-babel/requirements.yaml index 6566196ceb..78e822edf8 100644 --- a/kubernetes/aai/charts/aai-babel/requirements.yaml +++ b/kubernetes/aai/charts/aai-babel/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/aai/charts/aai-babel/resources/config/filter-types.properties b/kubernetes/aai/charts/aai-babel/resources/config/filter-types.properties deleted file mode 100644 index fcf139f644..0000000000 --- a/kubernetes/aai/charts/aai-babel/resources/config/filter-types.properties +++ /dev/null @@ -1 +0,0 @@ -AAI.instance-group-types=org.openecomp.groups.NetworkCollection,org.openecomp.groups.VfcInstanceGroup diff --git a/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json b/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json new file mode 100644 index 0000000000..a6fe82fb70 --- /dev/null +++ b/kubernetes/aai/charts/aai-babel/resources/config/tosca-mappings.json @@ -0,0 +1,181 @@ +{ + "instanceGroupTypes": [ + "org.openecomp.groups.NetworkCollection", + "org.openecomp.groups.VfcInstanceGroup", + "org.openecomp.groups.ResourceInstanceGroup" + ], + "widgetTypes": [ + { + "type": "SERVICE", + "name": "service-instance", + "deleteFlag": true, + "modelVersionId": "46b92144-923a-4d20-b85a-3cbd847668a9", + "modelInvariantId": "82194af1-3c2c-485a-8f44-420e22a9eaa4" + }, + { + "type": "VF", + "name": "generic-vnf", + "deleteFlag": true, + "modelVersionId": "93a6166f-b3d5-4f06-b4ba-aed48d009ad9", + "modelInvariantId": "acc6edd8-a8d4-4b93-afaa-0994068be14c" + }, + { + "type": "VFC", + "name": "vnfc", + "deleteFlag": true, + "modelVersionId": "5761e0a7-c6df-4d8a-9ebd-b8f445054dec", + "modelInvariantId": "96129eb9-f0de-4e05-8af2-73146473f766" + }, + { + "type": "VSERVER", + "name": "vserver", + "deleteFlag": true, + "modelVersionId": "8ecb2c5d-7176-4317-a255-26274edfdd53", + "modelInvariantId": "ff69d4e0-a8e8-4108-bdb0-dd63217e63c7" + }, + { + "type": "VOLUME", + "name": "volume", + "deleteFlag": true, + "modelVersionId": "0fbe2e8f-4d91-4415-a772-88387049b38d", + "modelInvariantId": "ddd739b4-2b25-46c4-affc-41a32af5cc42" + }, + { + "type": "FLAVOR", + "name": "flavor", + "deleteFlag": false, + "modelVersionId": "36200fb5-f251-4f5d-a520-7c5ad5c2cd4b", + "modelInvariantId": "bace8d1c-a261-4041-9e37-823117415d0f" + }, + { + "type": "TENANT", + "name": "tenant", + "deleteFlag": false, + "modelVersionId": "abcc54bc-bb74-49dc-9043-7f7171707545", + "modelInvariantId": "97c26c99-6870-44c1-8a07-1d900d3f4ce6" + }, + { + "type": "VOLUME_GROUP", + "name": "volume-group", + "deleteFlag": true, + "modelVersionId": "99d44c90-1f61-4418-b9a6-56586bf38c79", + "modelInvariantId": "fcec1b02-b2d0-4834-aef8-d71be04717dd" + }, + { + "type": "LINT", + "name": "l-interface", + "deleteFlag": true, + "modelVersionId": "a32613fd-18b9-459e-aab8-fffb3912966a", + "modelInvariantId": "cea0a982-8d55-4093-921e-418fbccf7060" + }, + { + "type": "L3_NET", + "name": "l3-network", + "deleteFlag": true, + "modelVersionId": "9111f20f-e680-4001-b83f-19a2fc23bfc1", + "modelInvariantId": "3d560d81-57d0-438b-a2a1-5334dba0651a" + }, + { + "type": "VFMODULE", + "name": "vf-module", + "deleteFlag": true, + "modelVersionId": "c00563ae-812b-4e62-8330-7c4d0f47088a", + "modelInvariantId": "ef86f9c5-2165-44f3-8fc3-96018b609ea5" + }, + { + "type": "IMAGE", + "name": "image", + "deleteFlag": false, + "modelVersionId": "f6a038c2-820c-42ba-8c2b-375e24e8f932", + "modelInvariantId": "3f4c7204-739b-4bbb-87a7-8a6856439c90" + }, + { + "type": "OAM_NETWORK", + "name": "oam-network", + "deleteFlag": true, + "modelVersionId": "f4fb34f3-fd6e-4a8f-a3fb-4ab61a343b79", + "modelInvariantId": "2851cf01-9c40-4064-87d4-6184a6fcff35" + }, + { + "type": "ALLOTTED_RESOURCE", + "name": "allotted-resource", + "deleteFlag": true, + "modelVersionId": "7ad0915f-25c0-4a70-b9bc-185a75f87564", + "modelInvariantId": "f6d6a23d-a1a9-48ff-8419-b6530da2d381" + }, + { + "type": "TUNNEL_XCONNECT", + "name": "tunnel-xconnect", + "deleteFlag": true, + "modelVersionId": "e7cb4ca8-e1a5-4487-a716-4ae0bcd8aef5", + "modelInvariantId": "50b9e2fa-005c-4bbe-b651-3251dece4cd8" + }, + { + "type": "CONFIGURATION", + "name": "configuration", + "deleteFlag": true, + "modelVersionId": "5a175add-57e4-4a5d-8b02-c36f1d69c52b", + "modelInvariantId": "166c050d-f69d-4305-943e-0bc58c3a26cf" + }, + { + "type": "CR", + "name": "cr", + "deleteFlag": true, + "modelVersionId": "3f908abc-3a15-40d0-b674-2a639e52884d", + "modelInvariantId": "8bac3599-9a1c-4b7f-80e5-c1838f744c23" + }, + { + "type": "INSTANCE_GROUP", + "name": "instance-group", + "deleteFlag": true, + "modelVersionId": "8e6ee9dc-9017-444a-83b3-219edb018128", + "modelInvariantId": "3bf1e610-45f7-4ad6-b833-ca4c5ee6a3fd" + } + ], + "widgetMappings": [ + { + "prefix": "org.openecomp.resource.vfc", + "type": "widget", + "widget": "VSERVER", + "deleteFlag": true + }, + { + "prefix": "org.openecomp.resource.cp", + "type": "widget", + "widget": "LINT", + "deleteFlag": true + }, + { + "prefix": "org.openecomp.cp", + "type": "widget", + "widget": "LINT", + "deleteFlag": true + }, + { + "prefix": "org.openecomp.resource.vl", + "widget": "L3_NET", + "deleteFlag": false + }, + { + "prefix": "org.openecomp.resource.vf", + "widget": "VF", + "deleteFlag": true + }, + { + "prefix": "org.openecomp.groups.vfmodule", + "widget": "VFMODULE", + "deleteFlag": true + }, + { + "prefix": "org.openecomp.groups.VfModule", + "widget": "VFMODULE", + "deleteFlag": true + }, + { + "prefix": "org.openecomp.resource.vfc.nodes.heat.cinder", + "type": "widget", + "widget": "VOLUME", + "deleteFlag": true + } + ] +} diff --git a/kubernetes/aai/charts/aai-babel/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-babel/resources/fproxy/config/logback-spring.xml index 3a35b76f7b..0637cfb84b 100644 --- a/kubernetes/aai/charts/aai-babel/resources/fproxy/config/logback-spring.xml +++ b/kubernetes/aai/charts/aai-babel/resources/fproxy/config/logback-spring.xml @@ -40,9 +40,6 @@ - - - - + \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-babel/resources/rproxy/config/logback-spring.xml index 289fe7512c..2cd95d4c69 100644 --- a/kubernetes/aai/charts/aai-babel/resources/rproxy/config/logback-spring.xml +++ b/kubernetes/aai/charts/aai-babel/resources/rproxy/config/logback-spring.xml @@ -34,15 +34,12 @@ - + - - - - + diff --git a/kubernetes/aai/charts/aai-babel/templates/configmap.yaml b/kubernetes/aai/charts/aai-babel/templates/configmap.yaml index e018794035..031fc06315 100644 --- a/kubernetes/aai/charts/aai-babel/templates/configmap.yaml +++ b/kubernetes/aai/charts/aai-babel/templates/configmap.yaml @@ -59,4 +59,12 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }} {{ end }} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-babel/templates/deployment.yaml b/kubernetes/aai/charts/aai-babel/templates/deployment.yaml index 5ac0792a2a..ea6e64aa58 100644 --- a/kubernetes/aai/charts/aai-babel/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-babel/templates/deployment.yaml @@ -84,9 +84,9 @@ spec: - mountPath: /opt/app/babel/config/artifact-generator.properties name: {{ include "common.fullname" . }}-config subPath: artifact-generator.properties - - mountPath: /opt/app/babel/config/filter-types.properties + - mountPath: /opt/app/babel/config/tosca-mappings.json name: {{ include "common.fullname" . }}-config - subPath: filter-types.properties + subPath: tosca-mappings.json - mountPath: /opt/app/babel/config/babel-auth.properties name: {{ include "common.fullname" . }}-config subPath: babel-auth.properties @@ -98,15 +98,15 @@ spec: name: {{ include "common.fullname" . }}-config subPath: logback.xml resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} +{{ include "common.resources" . }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} # side car containers - name: filebeat-onap @@ -148,15 +148,15 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-log-config mountPath: /opt/app/rproxy/config/logback-spring.xml subPath: logback-spring.xml + - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + mountPath: /opt/app/rproxy/config/auth/uri-authorization.json + subPath: uri-authorization.json - name: {{ include "common.fullname" . }}-rproxy-auth-config mountPath: /opt/app/rproxy/config/auth/tomcat_keystore subPath: tomcat_keystore - name: {{ include "common.fullname" . }}-rproxy-auth-config mountPath: /opt/app/rproxy/config/auth/client-cert.p12 subPath: client-cert.p12 - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/uri-authorization.json - subPath: uri-authorization.json - name: {{ include "common.fullname" . }}-rproxy-auth-config mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks subPath: aaf_truststore.jks @@ -204,8 +204,8 @@ spec: items: - key: artifact-generator.properties path: artifact-generator.properties - - key: filter-types.properties - path: filter-types.properties + - key: tosca-mappings.json + path: tosca-mappings.json - key: babel-auth.properties path: babel-auth.properties - key: logback.xml @@ -227,6 +227,9 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-log-config configMap: name: {{ include "common.fullname" . }}-rproxy-log-config + - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + configMap: + name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - name: {{ include "common.fullname" . }}-rproxy-auth-config secret: secretName: {{ include "common.fullname" . }}-rproxy-auth-config diff --git a/kubernetes/aai/charts/aai-babel/templates/secrets.yaml b/kubernetes/aai/charts/aai-babel/templates/secrets.yaml index 78a849be27..7c3b04ae01 100644 --- a/kubernetes/aai/charts/aai-babel/templates/secrets.yaml +++ b/kubernetes/aai/charts/aai-babel/templates/secrets.yaml @@ -18,6 +18,11 @@ kind: Secret metadata: name: {{ include "common.fullname" . }}-babel-secrets namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} type: Opaque data: {{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} @@ -44,6 +49,11 @@ kind: Secret metadata: name: {{ include "common.fullname" . }}-fproxy-auth-config namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} type: Opaque data: {{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }} @@ -53,6 +63,11 @@ kind: Secret metadata: name: {{ include "common.fullname" . }}-rproxy-auth-config namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} type: Opaque data: {{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }} @@ -62,6 +77,11 @@ kind: Secret metadata: name: {{ include "common.fullname" . }}-rproxy-security-config namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} type: Opaque data: {{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-babel/values.yaml b/kubernetes/aai/charts/aai-babel/values.yaml index 8c192e531e..60b7dd4086 100644 --- a/kubernetes/aai/charts/aai-babel/values.yaml +++ b/kubernetes/aai/charts/aai-babel/values.yaml @@ -17,7 +17,7 @@ # Global configuration defaults. ################################################################# global: - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingImage: beats/filebeat:5.5.0 ################################################################# @@ -25,7 +25,7 @@ global: ################################################################# # application image -image: onap/babel:1.3.2 +image: onap/babel:1.4-STAGING-latest flavor: small diff --git a/kubernetes/aai/charts/aai-cassandra/Chart.yaml b/kubernetes/aai/charts/aai-cassandra/Chart.yaml index 1de4ecf177..3987a111c0 100644 --- a/kubernetes/aai/charts/aai-cassandra/Chart.yaml +++ b/kubernetes/aai/charts/aai-cassandra/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP AAI Cassandra name: aai-cassandra -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-champ/Chart.yaml b/kubernetes/aai/charts/aai-champ/Chart.yaml index 5276f75fc7..a41a49ea07 100644 --- a/kubernetes/aai/charts/aai-champ/Chart.yaml +++ b/kubernetes/aai/charts/aai-champ/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP AAI Champ microservice name: aai-champ -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-champ/requirements.yaml b/kubernetes/aai/charts/aai-champ/requirements.yaml index 6566196ceb..78e822edf8 100644 --- a/kubernetes/aai/charts/aai-champ/requirements.yaml +++ b/kubernetes/aai/charts/aai-champ/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/tomcat_keystore deleted file mode 100644 index f3ac0701a2..0000000000 Binary files a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-champ/resources/fproxy/config/logback-spring.xml index 4fae434edd..0ece55cfa1 100644 --- a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/logback-spring.xml +++ b/kubernetes/aai/charts/aai-champ/resources/fproxy/config/logback-spring.xml @@ -40,9 +40,6 @@ - - - - - + + \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/client-cert.p12 deleted file mode 100644 index dbf4fcacec..0000000000 Binary files a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/client-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json index 2865e01cd6..ca34049ec2 100644 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json +++ b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json @@ -82,18 +82,18 @@ "permissions": [ "test\\.auth\\.access\\|services\\|GET,PUT", "\\|services\\|GET" - ] + ] }, { "uri": "\/services\/inventory\/.*", "permissions": [ - "org\\.access\\|\\*\\|\\*" - ] + "org\\.onap\\.aai\\.resources\\|\\*\\|.*" + ] }, { - "uri": "\/services\/champ-service\/.*", - "permissions": [ - "org\\.access\\|\\*\\|\\*" - ] - } + "uri": "\/services\/champ-service\/.*", + "permissions": [ + "org\\.onap\\.aai\\.resources\\|\\*\\|.*" + ] + } ] diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties index 33daa73b67..1878a4de70 100644 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties +++ b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties @@ -9,13 +9,27 @@ #hostname=test.aic.cip.att.com cadi_loglevel=DEBUG -cadi_keyfile=/opt/app/rproxy/config/security/keyfile +# OAuth2 +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect + +cadi_latitude=37.78187 +cadi_longitude=-122.26147 + +# Locate URL (which AAF Env) +aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 + +# AAF URL +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 + +cadi_keyfile=/opt/app/rproxy/config/security/keyfile +cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12 +cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV +cadi_alias=aai@aai.onap.org cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 -# Configure AAF -aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}} aaf_env=DEV aaf_id=demo@people.osaaf.org diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/logback-spring.xml index fc04a978bb..735edb6032 100644 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/logback-spring.xml +++ b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/logback-spring.xml @@ -34,15 +34,12 @@ - + - - - - + \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/security/keyfile b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/security/keyfile deleted file mode 100644 index 6cd12fcfb4..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/security/keyfile +++ /dev/null @@ -1,27 +0,0 @@ -bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM -1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29 -xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK -BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm -6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99 -QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm -zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6 -x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf -8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz -FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz -UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r -banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv -6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG -yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB -xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB -lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq -ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE -fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v -1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5 -liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc -0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u -PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm -8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv -dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ --85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn -c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J -uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/templates/configmap.yaml b/kubernetes/aai/charts/aai-champ/templates/configmap.yaml index db77ae2c27..c3966e7801 100644 --- a/kubernetes/aai/charts/aai-champ/templates/configmap.yaml +++ b/kubernetes/aai/charts/aai-champ/templates/configmap.yaml @@ -84,4 +84,12 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }} {{ end }} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml b/kubernetes/aai/charts/aai-champ/templates/deployment.yaml index aa9157fe47..8e4d7f48cb 100644 --- a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-champ/templates/deployment.yaml @@ -31,12 +31,6 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - {{ if .Values.global.installSidecarSecurity }} - hostAliases: - - ip: {{ .Values.global.aaf.serverIp }} - hostnames: - - {{ .Values.global.aaf.serverHostname }} - {{ end }} initContainers: - command: - /root/ready.py @@ -114,15 +108,15 @@ spec: - mountPath: /var/log/onap name: {{ include "common.fullname" . }}-logs resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} +{{ include "common.resources" . }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} # side car containers - name: filebeat-onap @@ -163,18 +157,18 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-log-config mountPath: /opt/app/rproxy/config/logback-spring.xml subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + mountPath: /opt/app/rproxy/config/auth/uri-authorization.json + subPath: uri-authorization.json + - name: {{ include "common.fullname" . }}-rproxy-auth-certs mountPath: /opt/app/rproxy/config/auth/tomcat_keystore subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs mountPath: /opt/app/rproxy/config/auth/client-cert.p12 subPath: client-cert.p12 - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/uri-authorization.json - subPath: uri-authorization.json - #- name: {{ include "common.fullname" . }}-rproxy-auth-config - # mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks - # subPath: aaf_truststore.jks + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12 + subPath: org.onap.aai.p12 - name: {{ include "common.fullname" . }}-rproxy-security-config mountPath: /opt/app/rproxy/config/security/keyfile subPath: keyfile @@ -189,7 +183,9 @@ spec: - name: CONFIG_HOME value: "/opt/app/fproxy/config" - name: KEY_STORE_PASSWORD - value: {{ .Values.config.keyStorePassword }} + value: {{ .Values.config.keyStorePassword }} + - name: TRUST_STORE_PASSWORD + value: {{ .Values.config.trustStorePassword }} - name: spring_profiles_active value: {{ .Values.global.fproxy.activeSpringProfiles }} volumeMounts: @@ -199,10 +195,13 @@ spec: - name: {{ include "common.fullname" . }}-fproxy-log-config mountPath: /opt/app/fproxy/config/logback-spring.xml subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs mountPath: /opt/app/fproxy/config/auth/tomcat_keystore subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs + mountPath: /opt/app/fproxy/config/auth/fproxy_truststore + subPath: fproxy_truststore + - name: {{ include "common.fullname" . }}-fproxy-auth-certs mountPath: /opt/app/fproxy/config/auth/client-cert.p12 subPath: client-cert.p12 ports: @@ -248,21 +247,27 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-log-config configMap: name: {{ include "common.fullname" . }}-rproxy-log-config + - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + configMap: + name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - name: {{ include "common.fullname" . }}-rproxy-auth-config secret: secretName: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + secret: + secretName: aai-rproxy-auth-certs - name: {{ include "common.fullname" . }}-rproxy-security-config secret: - secretName: {{ include "common.fullname" . }}-rproxy-security-config + secretName: aai-rproxy-security-config - name: {{ include "common.fullname" . }}-fproxy-config configMap: name: {{ include "common.fullname" . }}-fproxy-config - name: {{ include "common.fullname" . }}-fproxy-log-config configMap: name: {{ include "common.fullname" . }}-fproxy-log-config - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs secret: - secretName: {{ include "common.fullname" . }}-fproxy-auth-config + secretName: aai-fproxy-auth-certs {{ end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-champ/templates/secrets.yaml b/kubernetes/aai/charts/aai-champ/templates/secrets.yaml index a0a1519c26..fa1895645c 100644 --- a/kubernetes/aai/charts/aai-champ/templates/secrets.yaml +++ b/kubernetes/aai/charts/aai-champ/templates/secrets.yaml @@ -18,6 +18,11 @@ kind: Secret metadata: name: {{ include "common.fullname" . }}-champ namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} type: Opaque data: {{ tpl (.Files.Glob "resources/config/appconfig/auth/*").AsSecrets . | indent 2 }} @@ -41,28 +46,15 @@ data: --- apiVersion: v1 kind: Secret -metadata: - name: {{ include "common.fullname" . }}-fproxy-auth-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret metadata: name: {{ include "common.fullname" . }}-rproxy-auth-config namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} type: Opaque data: {{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-rproxy-security-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }} {{ end }} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/values.yaml b/kubernetes/aai/charts/aai-champ/values.yaml index b865b0050e..331786cf18 100644 --- a/kubernetes/aai/charts/aai-champ/values.yaml +++ b/kubernetes/aai/charts/aai-champ/values.yaml @@ -17,7 +17,7 @@ # Global configuration defaults. ################################################################# global: - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingImage: beats/filebeat:5.5.0 ################################################################# @@ -25,7 +25,7 @@ global: ################################################################# # application image -image: onap/champ:1.3.0 +image: onap/champ:1.4-STAGING-latest flavor: small @@ -33,6 +33,7 @@ flavor: small config: keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 # default number of instances replicaCount: 1 diff --git a/kubernetes/aai/charts/aai-data-router/Chart.yaml b/kubernetes/aai/charts/aai-data-router/Chart.yaml index da4de97ffd..47f9f312c7 100644 --- a/kubernetes/aai/charts/aai-data-router/Chart.yaml +++ b/kubernetes/aai/charts/aai-data-router/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAI Data-Router name: aai-data-router -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml b/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml index a7ecbce96a..5c0d9b2f8d 100644 --- a/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-data-router/templates/deployment.yaml @@ -35,6 +35,14 @@ spec: release: {{ .Release.Name }} name: {{ include "common.name" . }} spec: + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} initContainers: - command: - /bin/sh @@ -120,7 +128,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} # side car containers - name: filebeat-onap @@ -136,6 +144,8 @@ spec: name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: aai-filebeat + resources: +{{ include "common.resources" . }} volumes: - name: localtime hostPath: diff --git a/kubernetes/aai/charts/aai-data-router/templates/secret.yaml b/kubernetes/aai/charts/aai-data-router/templates/secret.yaml index 32a34823f6..6084ca3d4d 100644 --- a/kubernetes/aai/charts/aai-data-router/templates/secret.yaml +++ b/kubernetes/aai/charts/aai-data-router/templates/secret.yaml @@ -17,6 +17,11 @@ kind: Secret metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} type: Opaque data: {{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-elasticsearch/Chart.yaml b/kubernetes/aai/charts/aai-elasticsearch/Chart.yaml index 9b832249c1..fbc7abd0d9 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/Chart.yaml +++ b/kubernetes/aai/charts/aai-elasticsearch/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAI elasticsearch name: aai-elasticsearch -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/bin/init_sg.sh b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/init_sg.sh new file mode 100644 index 0000000000..e85936570e --- /dev/null +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/init_sg.sh @@ -0,0 +1,11 @@ +#!/bin/sh + +/usr/share/elasticsearch/plugins/search-guard-6/tools/sgadmin.sh \ + -cd /usr/share/elasticsearch/config/sg \ + -ks /usr/share/elasticsearch/config/sg/auth/{{ .Values.config.adminKeyStore }} \ + -ts /usr/share/elasticsearch/config/sg/auth/{{ .Values.config.trustStore }} \ + -kspass {{ .Values.config.adminKeyStorePassword }} \ + -tspass {{ .Values.config.trustStorePassword}} \ + -nhnv \ + -icl \ + -p {{ .Values.service.internalPort2 }} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/bin/run.sh b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/run.sh new file mode 100644 index 0000000000..a612c74a1c --- /dev/null +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/run.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +# Wait for ES to start then initialize SearchGuard +/usr/local/bin/docker-entrypoint.sh eswrapper & +/usr/share/elasticsearch/bin/wait_until_started.sh +/usr/share/elasticsearch/bin/init_sg.sh + +wait \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/bin/wait_until_started.sh b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/wait_until_started.sh new file mode 100644 index 0000000000..279253b43d --- /dev/null +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/bin/wait_until_started.sh @@ -0,0 +1,9 @@ +#!/bin/sh +RET=1 + +while [[ RET -ne 0 ]]; do + echo "Waiting for Elasticsearch to become ready before running sgadmin..." + curl -XGET -k "https://localhost:{{ .Values.service.internalPort }}/" >/dev/null 2>&1 + RET=$? + sleep 5 +done \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/elasticsearch.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/elasticsearch.yml index 24b3c5aefc..87536e3faa 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/resources/config/elasticsearch.yml +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/config/elasticsearch.yml @@ -192,7 +192,7 @@ network.bind_host: 0.0.0.0 # Set a custom port for the node to node communication (9300 by default): -transport.tcp.port: {{ .Values.config.tcpPort }} +transport.tcp.port: {{ .Values.service.internalPort2 }} # Enable compression for all communication between nodes (disabled by default): transport.tcp.compress: false @@ -368,77 +368,29 @@ discovery.zen.ping.unicast.hosts: ["0.0.0.0"] ### SEARCH GUARD SSL # ### Configuration # ############################################################################################### -## Uncomment all lines below prefixed with #X# (globally remove #X#) for searchguard -## -############################################################################################### -### Transport layer SSL # -### # -############################################################################################### -### Enable or disable node-to-node ssl encryption (default: true) -#X#searchguard.ssl.transport.enable_openssl_if_available: true -#X#searchguard.ssl.transport.enabled: true -### JKS or PKCS12 (default: JKS) -#X#searchguard.ssl.transport.keystore_type: JKS -### Relative path to the keystore file (mandatory, this stores the server certificates), must be placed under the config/ dir -#X#searchguard.ssl.transport.keystore_filepath: /some/path -### Alias name (default: first alias which could be found) -###searchguard.ssl.transport.keystore_alias: localhost -### Keystore password (default: changeit) -#X#searchguard.ssl.transport.keystore_password: changeit -## -### JKS or PKCS12 (default: JKS) -#X#searchguard.ssl.transport.truststore_type: JKS -### Relative path to the truststore file (mandatory, this stores the client/root certificates), must be placed under the config/ dir -#X#searchguard.ssl.transport.truststore_filepath: truststore.jks -### Alias name (default: first alias which could be found) -###searchguard.ssl.transport.truststore_alias: my_alias -### Truststore password (default: changeit) -#X#searchguard.ssl.transport.truststore_password: changeit -### Enforce hostname verification (default: true) -###searchguard.ssl.transport.enforce_hostname_verification: true -### If hostname verification specify if hostname should be resolved (default: true) -###searchguard.ssl.transport.resolve_hostname: true -### Use native Open SSL instead of JDK SSL if available (default: true) -###searchguard.ssl.transport.enable_openssl_if_available: false -## -############################################################################################### -### HTTP/REST layer SSL # -### # -############################################################################################### -### Enable or disable rest layer security - https, (default: false) -#X#searchguard.ssl.http.enable_openssl_if_available: true -#X#searchguard.ssl.http.enabled: true -### JKS or PKCS12 (default: JKS) -#X#searchguard.ssl.http.keystore_type: JKS -### Relative path to the keystore file (this stores the server certificates), must be placed under the config/ dir -#X#searchguard.ssl.http.keystore_filepath: /keystore/path -### Alias name (default: first alias which could be found) -###searchguard.ssl.http.keystore_alias: my_alias -### Keystore password (default: changeit) -#X#searchguard.ssl.http.keystore_password: changeit -### Do the clients (typically the browser or the proxy) have to authenticate themself to the http server, default is OPTIONAL -### To enforce authentication use REQUIRE, to completely disable client certificates use NONE -###searchguard.ssl.http.clientauth_mode: REQUIRE -### JKS or PKCS12 (default: JKS) -#X#searchguard.ssl.http.truststore_type: JKS -### Relative path to the truststore file (this stores the client certificates), must be placed under the config/ dir -#X#searchguard.ssl.http.truststore_filepath: truststore.jks -### Alias name (default: first alias which could be found) -###searchguard.ssl.http.truststore_alias: my_alias -### Truststore password (default: changeit) -#X#searchguard.ssl.http.truststore_password: changeit -### Use native Open SSL instead of JDK SSL if available (default: true) -###searchguard.ssl.http.enable_openssl_if_available: false - -##################################################### -##### Security manager - Searchguard Configuration -##################################################### -#X#security.manager.enabled: false -#X#searchguard.authcz.admin_dn: - -##################################################### -##### X-Pack Configuration -##################################################### +######## Start Search Guard Demo Configuration ######## + +searchguard.enterprise_modules_enabled: false + +searchguard.ssl.transport.keystore_filepath: sg/auth/{{ .Values.config.nodeKeyStore }} +searchguard.ssl.transport.keystore_password: {{ .Values.config.nodeKeyStorePassword }} +searchguard.ssl.transport.truststore_filepath: sg/auth/{{ .Values.config.trustStore }} +searchguard.ssl.transport.truststore_password: {{ .Values.config.trustStorePassword }} +searchguard.ssl.transport.enforce_hostname_verification: false + +searchguard.ssl.http.enabled: true +searchguard.ssl.http.keystore_filepath: sg/auth/{{ .Values.config.nodeKeyStore }} +searchguard.ssl.http.keystore_password: {{ .Values.config.nodeKeyStorePassword }} +searchguard.ssl.http.truststore_filepath: sg/auth/{{ .Values.config.trustStore }} +searchguard.ssl.http.truststore_password: {{ .Values.config.trustStorePassword }} + +searchguard.nodes_dn: + - CN=esaai + +searchguard.authcz.admin_dn: + - CN=sgadmin + +# x-pack security conflicts with searchguard xpack.security.enabled: false xpack.ml.enabled: false xpack.monitoring.enabled: false diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/esaai-keystore.jks b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/esaai-keystore.jks new file mode 100644 index 0000000000..21ec9bba97 Binary files /dev/null and b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/esaai-keystore.jks differ diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/sgadmin-keystore.p12 b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/sgadmin-keystore.p12 new file mode 100644 index 0000000000..db7cbf401c Binary files /dev/null and b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/sgadmin-keystore.p12 differ diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/truststore.jks b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/truststore.jks new file mode 100644 index 0000000000..b3bd666652 Binary files /dev/null and b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/auth/truststore.jks differ diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_action_groups.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_action_groups.yml new file mode 100644 index 0000000000..be5901a559 --- /dev/null +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_action_groups.yml @@ -0,0 +1,137 @@ +UNLIMITED: + readonly: true + permissions: + - "*" + +###### INDEX LEVEL ###### + +INDICES_ALL: + readonly: true + permissions: + - "indices:*" + +# for backward compatibility +ALL: + readonly: true + permissions: + - INDICES_ALL + +MANAGE: + readonly: true + permissions: + - "indices:monitor/*" + - "indices:admin/*" + +CREATE_INDEX: + readonly: true + permissions: + - "indices:admin/create" + - "indices:admin/mapping/put" + +MANAGE_ALIASES: + readonly: true + permissions: + - "indices:admin/aliases*" + +# for backward compatibility +MONITOR: + readonly: true + permissions: + - INDICES_MONITOR + +INDICES_MONITOR: + readonly: true + permissions: + - "indices:monitor/*" + +DATA_ACCESS: + readonly: true + permissions: + - "indices:data/*" + - CRUD + +WRITE: + readonly: true + permissions: + - "indices:data/write*" + - "indices:admin/mapping/put" + +READ: + readonly: true + permissions: + - "indices:data/read*" + - "indices:admin/mappings/fields/get*" + +DELETE: + readonly: true + permissions: + - "indices:data/write/delete*" + +CRUD: + readonly: true + permissions: + - READ + - WRITE + +SEARCH: + readonly: true + permissions: + - "indices:data/read/search*" + - "indices:data/read/msearch*" + - SUGGEST + +SUGGEST: + readonly: true + permissions: + - "indices:data/read/suggest*" + +INDEX: + readonly: true + permissions: + - "indices:data/write/index*" + - "indices:data/write/update*" + - "indices:admin/mapping/put" + - "indices:data/write/bulk*" + +GET: + readonly: true + permissions: + - "indices:data/read/get*" + - "indices:data/read/mget*" + +###### CLUSTER LEVEL ###### + +CLUSTER_ALL: + readonly: true + permissions: + - "cluster:*" + +CLUSTER_MONITOR: + readonly: true + permissions: + - "cluster:monitor/*" + +CLUSTER_COMPOSITE_OPS_RO: + readonly: true + permissions: + - "indices:data/read/mget" + - "indices:data/read/msearch" + - "indices:data/read/mtv" + - "indices:data/read/coordinate-msearch*" + - "indices:admin/aliases/exists*" + - "indices:admin/aliases/get*" + - "indices:data/read/scroll" + +CLUSTER_COMPOSITE_OPS: + readonly: true + permissions: + - "indices:data/write/bulk" + - "indices:admin/aliases*" + - "indices:data/write/reindex" + - CLUSTER_COMPOSITE_OPS_RO + +MANAGE_SNAPSHOTS: + readonly: true + permissions: + - "cluster:admin/snapshot/*" + - "cluster:admin/repository/*" \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml new file mode 100644 index 0000000000..9172b71e8d --- /dev/null +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_config.yml @@ -0,0 +1,221 @@ +# This is the main Search Guard configuration file where authentication +# and authorization is defined. +# +# You need to configure at least one authentication domain in the authc of this file. +# An authentication domain is responsible for extracting the user credentials from +# the request and for validating them against an authentication backend like Active Directory for example. +# +# If more than one authentication domain is configured the first one which succeeds wins. +# If all authentication domains fail then the request is unauthenticated. +# In this case an exception is thrown and/or the HTTP status is set to 401. +# +# After authentication authorization (authz) will be applied. There can be zero or more authorizers which collect +# the roles from a given backend for the authenticated user. +# +# Both, authc and auth can be enabled/disabled separately for REST and TRANSPORT layer. Default is true for both. +# http_enabled: true +# transport_enabled: true +# +# 5.x Migration: "enabled: true/false" will also be respected currently but only to provide backward compatibility. +# +# For HTTP it is possible to allow anonymous authentication. If that is the case then the HTTP authenticators try to +# find user credentials in the HTTP request. If credentials are found then the user gets regularly authenticated. +# If none can be found the user will be authenticated as an "anonymous" user. This user has always the username "sg_anonymous" +# and one role named "sg_anonymous_backendrole". +# If you enable anonymous authentication all HTTP authenticators will not challenge. +# +# +# Note: If you define more than one HTTP authenticators make sure to put non-challenging authenticators like "proxy" or "clientcert" +# first and the challenging one last. +# Because it's not possible to challenge a client with two different authentication methods (for example +# Kerberos and Basic) only one can have the challenge flag set to true. You can cope with this situation +# by using pre-authentication, e.g. sending a HTTP Basic authentication header in the request. +# +# Default value of the challenge flag is true. +# +# +# HTTP +# basic (challenging) +# proxy (not challenging, needs xff) +# kerberos (challenging) +# clientcert (not challenging, needs https) +# jwt (not challenging) +# host (not challenging) #DEPRECATED, will be removed in a future version. +# host based authentication is configurable in sg_roles_mapping + +# Authc +# internal +# noop +# ldap + +# Authz +# ldap +# noop + +searchguard: + dynamic: + # Set filtered_alias_mode to 'disallow' to forbid more than 2 filtered aliases per index + # Set filtered_alias_mode to 'warn' to allow more than 2 filtered aliases per index but warns about it (default) + # Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently + #filtered_alias_mode: warn + #kibana: + # Kibana multitenancy + # see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md + # To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki + #multitenancy_enabled: true + #server_username: kibanaserver + #index: '.kibana' + #do_not_fail_on_forbidden: false + http: + anonymous_auth_enabled: false + xff: + enabled: false + internalProxies: '192\.168\.0\.10|192\.168\.0\.11' # regex pattern + #internalProxies: '.*' # trust all internal proxies, regex pattern + remoteIpHeader: 'x-forwarded-for' + proxiesHeader: 'x-forwarded-by' + #trustedProxies: '.*' # trust all external proxies, regex pattern + ###### see https://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html for regex help + ###### more information about XFF https://en.wikipedia.org/wiki/X-Forwarded-For + ###### and here https://tools.ietf.org/html/rfc7239 + ###### and https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Remote_IP_Valve + authc: + kerberos_auth_domain: + http_enabled: false + transport_enabled: false + order: 6 + http_authenticator: + type: kerberos + challenge: true + config: + # If true a lot of kerberos/security related debugging output will be logged to standard out + krb_debug: false + # If true then the realm will be stripped from the user name + strip_realm_from_principal: true + authentication_backend: + type: noop + basic_internal_auth_domain: + http_enabled: true + transport_enabled: true + order: 2 + http_authenticator: + type: basic + challenge: true + authentication_backend: + type: intern + proxy_auth_domain: + http_enabled: false + transport_enabled: false + order: 3 + http_authenticator: + type: proxy + challenge: false + config: + user_header: "x-proxy-user" + roles_header: "x-proxy-roles" + authentication_backend: + type: noop + jwt_auth_domain: + http_enabled: false + transport_enabled: false + order: 0 + http_authenticator: + type: jwt + challenge: false + config: + signing_key: "base64 encoded HMAC key or public RSA/ECDSA pem key" + jwt_header: "Authorization" + jwt_url_parameter: null + roles_key: null + subject_key: null + authentication_backend: + type: noop + clientcert_auth_domain: + http_enabled: true + transport_enabled: true + order: 1 + http_authenticator: + type: clientcert + config: + username_attribute: cn #optional, if omitted DN becomes username + challenge: false + authentication_backend: + type: noop + ldap: + http_enabled: false + transport_enabled: false + order: 5 + http_authenticator: + type: basic + challenge: false + authentication_backend: + # LDAP authentication backend (authenticate users against a LDAP or Active Directory) + type: ldap + config: + # enable ldaps + enable_ssl: false + # enable start tls, enable_ssl should be false + enable_start_tls: false + # send client certificate + enable_ssl_client_auth: false + # verify ldap hostname + verify_hostnames: true + hosts: + - localhost:8389 + bind_dn: null + password: null + userbase: 'ou=people,dc=example,dc=com' + # Filter to search for users (currently in the whole subtree beneath userbase) + # {0} is substituted with the username + usersearch: '(sAMAccountName={0})' + # Use this attribute from the user as username (if not set then DN is used) + username_attribute: null + authz: + roles_from_myldap: + http_enabled: false + transport_enabled: false + authorization_backend: + # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too) + type: ldap + config: + # enable ldaps + enable_ssl: false + # enable start tls, enable_ssl should be false + enable_start_tls: false + # send client certificate + enable_ssl_client_auth: false + # verify ldap hostname + verify_hostnames: true + hosts: + - localhost:8389 + bind_dn: null + password: null + rolebase: 'ou=groups,dc=example,dc=com' + # Filter to search for roles (currently in the whole subtree beneath rolebase) + # {0} is substituted with the DN of the user + # {1} is substituted with the username + # {2} is substituted with an attribute value from user's directory entry, of the authenticated user. Use userroleattribute to specify the name of the attribute + rolesearch: '(member={0})' + # Specify the name of the attribute which value should be substituted with {2} above + userroleattribute: null + # Roles as an attribute of the user entry + userrolename: disabled + #userrolename: memberOf + # The attribute in a role entry containing the name of that role, Default is "name". + # Can also be "dn" to use the full DN as rolename. + rolename: cn + # Resolve nested roles transitive (roles which are members of other roles and so on ...) + resolve_nested_roles: true + userbase: 'ou=people,dc=example,dc=com' + # Filter to search for users (currently in the whole subtree beneath userbase) + # {0} is substituted with the username + usersearch: '(uid={0})' + # Skip users matching a user name, a wildcard or a regex pattern + #skip_users: + # - 'cn=Michael Jackson,ou*people,o=TEST' + # - '/\S*/' + roles_from_another_ldap: + enabled: false + authorization_backend: + type: ldap + #config goes here ... diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_internal_users.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_internal_users.yml new file mode 100644 index 0000000000..942a7164aa --- /dev/null +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_internal_users.yml @@ -0,0 +1,45 @@ +# This is the internal user database +# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh + +#password is: admin +admin: + readonly: true + hash: $2a$12$VcCDgh2NDk07JGN0rjGbM.Ad41qVR/YFJcgHp0UGns5JDymv..TOG + roles: + - admin + attributes: + #no dots allowed in attribute names + attribute1: value1 + attribute2: value2 + attribute3: value3 + +#password is: logstash +logstash: + hash: $2a$12$u1ShR4l4uBS3Uv59Pa2y5.1uQuZBrZtmNfqB3iM/.jL0XoV9sghS2 + roles: + - logstash + +#password is: kibanaserver +kibanaserver: + readonly: true + hash: $2a$12$4AcgAt3xwOWadA5s5blL6ev39OXDNhmOesEoo33eZtrq2N0YrU3H. + +#password is: kibanaro +kibanaro: + hash: $2a$12$JJSXNfTowz7Uu5ttXfeYpeYE0arACvcwlPBStB1F.MI7f0U9Z4DGC + roles: + - kibanauser + - readall + +#password is: readall +readall: + hash: $2a$12$ae4ycwzwvLtZxwZ82RmiEunBbIPiAmGZduBAjKN0TXdwQFtCwARz2 + #password is: readall + roles: + - readall + +#password is: snapshotrestore +snapshotrestore: + hash: $2y$12$DpwmetHKwgYnorbgdvORCenv4NAK8cPUg8AI6pxLCuWf/ALc0.v7W + roles: + - snapshotrestore \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles.yml new file mode 100644 index 0000000000..c918e851f1 --- /dev/null +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles.yml @@ -0,0 +1,262 @@ +# Allows everything, but no changes to searchguard configuration index +sg_all_access: + readonly: true + cluster: + - UNLIMITED + indices: + '*': + '*': + - UNLIMITED + tenants: + admin_tenant: RW + +# Read all, but no write permissions +sg_readall: + readonly: true + cluster: + - CLUSTER_COMPOSITE_OPS_RO + indices: + '*': + '*': + - READ + +# Read all and monitor, but no write permissions +sg_readall_and_monitor: + cluster: + - CLUSTER_MONITOR + - CLUSTER_COMPOSITE_OPS_RO + indices: + '*': + '*': + - READ + +# For users which use kibana, access to indices must be granted separately +sg_kibana_user: + readonly: true + cluster: + - INDICES_MONITOR + - CLUSTER_COMPOSITE_OPS + indices: + '?kibana': + '*': + - MANAGE + - INDEX + - READ + - DELETE + '?kibana-6': + '*': + - MANAGE + - INDEX + - READ + - DELETE + '?kibana_*': + '*': + - MANAGE + - INDEX + - READ + - DELETE + '?tasks': + '*': + - INDICES_ALL + '?management-beats': + '*': + - INDICES_ALL + '*': + '*': + - indices:data/read/field_caps* + - indices:data/read/xpack/rollup* + - indices:admin/mappings/get* + - indices:admin/get + +# For the kibana server +sg_kibana_server: + readonly: true + cluster: + - CLUSTER_MONITOR + - CLUSTER_COMPOSITE_OPS + - cluster:admin/xpack/monitoring* + - indices:admin/template* + - indices:data/read/scroll* + indices: + '?kibana': + '*': + - INDICES_ALL + '?kibana-6': + '*': + - INDICES_ALL + '?kibana_*': + '*': + - INDICES_ALL + '?reporting*': + '*': + - INDICES_ALL + '?monitoring*': + '*': + - INDICES_ALL + '?tasks': + '*': + - INDICES_ALL + '?management-beats*': + '*': + - INDICES_ALL + '*': + '*': + - "indices:admin/aliases*" + +# For logstash and beats +sg_logstash: + cluster: + - CLUSTER_MONITOR + - CLUSTER_COMPOSITE_OPS + - indices:admin/template/get + - indices:admin/template/put + indices: + 'logstash-*': + '*': + - CRUD + - CREATE_INDEX + '*beat*': + '*': + - CRUD + - CREATE_INDEX + +# Allows adding and modifying repositories and creating and restoring snapshots +sg_manage_snapshots: + cluster: + - MANAGE_SNAPSHOTS + indices: + '*': + '*': + - "indices:data/write/index" + - "indices:admin/create" + +# Allows each user to access own named index +sg_own_index: + cluster: + - CLUSTER_COMPOSITE_OPS + indices: + '${user_name}': + '*': + - INDICES_ALL + +### X-Pack COMPATIBILITY +sg_xp_monitoring: + readonly: true + cluster: + - cluster:monitor/xpack/info + - cluster:monitor/main + - cluster:admin/xpack/monitoring/bulk + indices: + '?monitor*': + '*': + - INDICES_ALL + +sg_xp_alerting: + readonly: true + cluster: + - indices:data/read/scroll + - cluster:admin/xpack/watcher* + - cluster:monitor/xpack/watcher* + indices: + '?watches*': + '*': + - INDICES_ALL + '?watcher-history-*': + '*': + - INDICES_ALL + '?triggered_watches': + '*': + - INDICES_ALL + '*': + '*': + - READ + - indices:admin/aliases/get + +sg_xp_machine_learning: + readonly: true + cluster: + - cluster:admin/persistent* + - cluster:internal/xpack/ml* + - indices:data/read/scroll* + - cluster:admin/xpack/ml* + - cluster:monitor/xpack/ml* + indices: + '*': + '*': + - READ + - indices:admin/get* + '?ml-*': + '*': + - "*" + +### LEGACY ROLES, FOR COMPATIBILITY ONLY +### WILL BE REMOVED IN SG7, DO NOT USE ANYMORE + +sg_readonly_and_monitor: + cluster: + - CLUSTER_MONITOR + - CLUSTER_COMPOSITE_OPS_RO + indices: + '*': + '*': + - READ + +# Make xpack monitoring work +sg_monitor: + cluster: + - cluster:admin/xpack/monitoring/* + - cluster:admin/ingest/pipeline/put + - cluster:admin/ingest/pipeline/get + - indices:admin/template/get + - indices:admin/template/put + - CLUSTER_MONITOR + - CLUSTER_COMPOSITE_OPS + indices: + '?monitor*': + '*': + - INDICES_ALL + '?marvel*': + '*': + - INDICES_ALL + '?kibana*': + '*': + - READ + '*': + '*': + - indices:data/read/field_caps + +# Make xpack alerting work +sg_alerting: + cluster: + - indices:data/read/scroll + - cluster:admin/xpack/watcher/watch/put + - cluster:admin/xpack/watcher* + - CLUSTER_MONITOR + - CLUSTER_COMPOSITE_OPS + indices: + '?kibana*': + '*': + - READ + '?watches*': + '*': + - INDICES_ALL + '?watcher-history-*': + '*': + - INDICES_ALL + '?triggered_watches': + '*': + - INDICES_ALL + '*': + '*': + - READ + + +sg_role_test: + cluster: + - indices:admin/template/get + - indices:admin/template/put + - CLUSTER_COMPOSITE_OPS + indices: + '*': + '*': + - UNLIMITED diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml new file mode 100644 index 0000000000..970e02763b --- /dev/null +++ b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml @@ -0,0 +1,38 @@ +# In this file users, backendroles and hosts can be mapped to Search Guard roles. +# Permissions for Search Guard roles are configured in sg_roles.yml + +sg_all_access: + readonly: true + backendroles: + - admin + +sg_logstash: + backendroles: + - logstash + +sg_kibana_server: + readonly: true + users: + - kibanaserver + +sg_kibana_user: + backendroles: + - kibanauser + +sg_readall: + readonly: true + backendroles: + - readall + +sg_manage_snapshots: + readonly: true + backendroles: + - snapshotrestore + +sg_own_index: + users: + - '*' + +sg_role_test: + users: + - test diff --git a/kubernetes/aai/charts/aai-elasticsearch/templates/configmap.yaml b/kubernetes/aai/charts/aai-elasticsearch/templates/configmap.yaml index c60b8f2da8..4be124fc0f 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/templates/configmap.yaml +++ b/kubernetes/aai/charts/aai-elasticsearch/templates/configmap.yaml @@ -1,5 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,11 +12,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -#{{ if not .Values.disableAaiElasticsearch }} apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-es-config namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -26,4 +24,29 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} -#{{ end }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-sg-scripts + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-sg-config + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/sg/*").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-elasticsearch/templates/deployment.yaml b/kubernetes/aai/charts/aai-elasticsearch/templates/deployment.yaml index 586d64f9ab..785693a9ba 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-elasticsearch/templates/deployment.yaml @@ -34,6 +34,7 @@ spec: release: {{ .Release.Name }} name: {{ include "common.name" . }} spec: + hostname: {{ include "common.name" . }} initContainers: - command: - /bin/sh @@ -53,18 +54,18 @@ spec: securityContext: privileged: true image: {{ .Values.global.dockerhubRepository | default .Values.dockerhubRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} name: init-sysctl volumeMounts: - name: elasticsearch-data mountPath: /logroot/ - hostname: {{ include "common.name" . }} containers: - name: {{ include "common.name" . }} - image: {{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{- if eq .Values.liveness.enabled true }} @@ -92,6 +93,19 @@ spec: - name: elasticsearch-config subPath: log4j2.properties mountPath: /usr/share/elasticsearch/config/log4j2.properties + - name: searchguard-scripts + subPath: run.sh + mountPath: /usr/share/elasticsearch/bin/run.sh + - name: searchguard-scripts + subPath: wait_until_started.sh + mountPath: /usr/share/elasticsearch/bin/wait_until_started.sh + - name: searchguard-scripts + subPath: init_sg.sh + mountPath: /usr/share/elasticsearch/bin/init_sg.sh + - name: searchguard-config + mountPath: /usr/share/elasticsearch/config/sg + - name: searchguard-auth-config + mountPath: /usr/share/elasticsearch/config/sg/auth - name: elasticsearch-data mountPath: /usr/share/elasticsearch/data resources: @@ -111,9 +125,20 @@ spec: path: /etc/localtime - name: elasticsearch-config configMap: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-es-config + - name: searchguard-scripts + configMap: + name: {{ include "common.fullname" . }}-sg-scripts + defaultMode: 0754 + - name: searchguard-config + configMap: + name: {{ include "common.fullname" . }}-sg-config + - name: searchguard-auth-config + secret: + secretName: {{ include "common.fullname" . }}-sg-auth - name: elasticsearch-data hostPath: path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + restartPolicy: {{ .Values.restartPolicy }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/configmap.yaml b/kubernetes/aai/charts/aai-elasticsearch/templates/secrets.yaml similarity index 76% rename from kubernetes/vvp/charts/vvp-em-uwsgi/templates/configmap.yaml rename to kubernetes/aai/charts/aai-elasticsearch/templates/secrets.yaml index 1163973c28..34b272f086 100644 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/configmap.yaml +++ b/kubernetes/aai/charts/aai-elasticsearch/templates/secrets.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,9 +13,10 @@ # limitations under the License. apiVersion: v1 -kind: ConfigMap +kind: Secret metadata: - name: {{ include "common.fullname" . }}-settings + name: {{ include "common.fullname" . }}-sg-auth namespace: {{ include "common.namespace" . }} +type: Opaque data: -{{ tpl (.Files.Glob "resources/config/em/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/sg/auth/*").AsSecrets . | indent 2 }} \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-elasticsearch/templates/service.yaml b/kubernetes/aai/charts/aai-elasticsearch/templates/service.yaml index b1de5a73cb..d1199125d2 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/templates/service.yaml +++ b/kubernetes/aai/charts/aai-elasticsearch/templates/service.yaml @@ -25,14 +25,19 @@ metadata: spec: type: {{ .Values.service.type }} ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName2 }} + {{- else -}} + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + {{- end}} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} diff --git a/kubernetes/aai/charts/aai-elasticsearch/values.yaml b/kubernetes/aai/charts/aai-elasticsearch/values.yaml index 5ce8f8016b..ea82c99f8b 100644 --- a/kubernetes/aai/charts/aai-elasticsearch/values.yaml +++ b/kubernetes/aai/charts/aai-elasticsearch/values.yaml @@ -19,16 +19,21 @@ global: # global defaults nodePortPrefix: 302 # application image -loggingRepository: docker.elastic.co -image: elasticsearch/elasticsearch:6.1.2 +image: onap/elasticsearch-sg:1.4-STAGING-latest pullPolicy: Always +restartPolicy: Always flavor: small # application configuration config: tcpPort: 8443 - + nodeKeyStore: esaai-keystore.jks + nodeKeyStorePassword: b87b46d3da7d3d4aadfe + adminKeyStore: sgadmin-keystore.p12 + adminKeyStorePassword: 341274302a70ad691e12 + trustStore: truststore.jks + trustStorePassword: b200926e9da205487f63 # default number of instances replicaCount: 1 @@ -54,6 +59,8 @@ service: name: aai-elasticsearch portName: aai-elasticsearch internalPort: 9200 + portName2: aai-elasticsearch-tcp + internalPort2: 8443 ingress: enabled: false diff --git a/kubernetes/aai/charts/aai-gizmo/Chart.yaml b/kubernetes/aai/charts/aai-gizmo/Chart.yaml index 19ba3f63b6..98dba95bf1 100644 --- a/kubernetes/aai/charts/aai-gizmo/Chart.yaml +++ b/kubernetes/aai/charts/aai-gizmo/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Gizmo service name: aai-gizmo -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore deleted file mode 100644 index 9eec841aa2..0000000000 Binary files a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml index 3a35b76f7b..2e6237912f 100644 --- a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml +++ b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml @@ -39,10 +39,7 @@ - - - - - + + \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12 deleted file mode 100644 index dbf4fcacec..0000000000 Binary files a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12 and /dev/null differ diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore deleted file mode 100644 index 99129c145f..0000000000 Binary files a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore and /dev/null differ diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json index e468b3d7bd..54d5de2721 100644 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json +++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json @@ -82,18 +82,18 @@ "permissions": [ "test\\.auth\\.access\\|services\\|GET,PUT", "\\|services\\|GET" - ] + ] }, { "uri": "\/services\/inventory\/.*", "permissions": [ - "org\\.access\\|\\*\\|\\*" - ] + "org\\.onap\\.aai\\.resources\\|\\*\\|.*" + ] }, { "uri": "\/services\/gizmo\/.*", "permissions": [ - "org\\.access\\|\\*\\|\\*" - ] + "org\\.onap\\.aai\\.resources\\|\\*\\|.*" + ] } ] diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties index a82e38caf6..51ac56a88d 100644 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties +++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties @@ -9,17 +9,31 @@ #hostname=test.aic.cip.att.com cadi_loglevel=DEBUG -cadi_keyfile=/opt/app/rproxy/config/security/keyfile +# OAuth2 +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect + +cadi_latitude=37.78187 +cadi_longitude=-122.26147 + +# Locate URL (which AAF Env) +aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 + +# AAF URL +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 + +cadi_keyfile=/opt/app/rproxy/config/security/keyfile +cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12 +cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV +cadi_alias=aai@aai.onap.org cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 -# Configure AAF -aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}} aaf_env=DEV aaf_id=demo@people.osaaf.org aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz # This is a colon separated list of client cert issuers -cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA +cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml index 289fe7512c..7659e28850 100644 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml +++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml @@ -34,15 +34,12 @@ - + - - - - - + + diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile deleted file mode 100644 index 6cd12fcfb4..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile +++ /dev/null @@ -1,27 +0,0 @@ -bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM -1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29 -xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK -BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm -6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99 -QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm -zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6 -x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf -8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz -FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz -UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r -banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv -6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG -yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB -xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB -lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq -ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE -fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v -1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5 -liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc -0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u -PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm -8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv -dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ --85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn -c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J -uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml b/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml index a25dcbc806..2a4a1b51f7 100644 --- a/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml +++ b/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml @@ -98,5 +98,13 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }} {{ end }} diff --git a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml b/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml index 0a30388279..0f491d8872 100644 --- a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml @@ -32,11 +32,6 @@ spec: release: {{ .Release.Name }} spec: {{ if .Values.global.installSidecarSecurity }} - hostAliases: - - ip: {{ .Values.global.aaf.serverIp }} - hostnames: - - {{ .Values.global.aaf.serverHostname }} - initContainers: - name: {{ .Values.global.tproxyConfig.name }} image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}" @@ -57,12 +52,14 @@ spec: tcpSocket: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: tcpSocket: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: CONFIG_HOME @@ -105,15 +102,15 @@ spec: name: {{ include "common.fullname" . }}-logback-config subPath: logback.xml resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} +{{ include "common.resources" . }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} - name: filebeat-onap image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" @@ -154,18 +151,18 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-log-config mountPath: /opt/app/rproxy/config/logback-spring.xml subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + mountPath: /opt/app/rproxy/config/auth/uri-authorization.json + subPath: uri-authorization.json + - name: {{ include "common.fullname" . }}-rproxy-auth-certs mountPath: /opt/app/rproxy/config/auth/tomcat_keystore subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs mountPath: /opt/app/rproxy/config/auth/client-cert.p12 subPath: client-cert.p12 - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/uri-authorization.json - subPath: uri-authorization.json - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks - subPath: aaf_truststore.jks + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12 + subPath: org.onap.aai.p12 - name: {{ include "common.fullname" . }}-rproxy-security-config mountPath: /opt/app/rproxy/config/security/keyfile subPath: keyfile @@ -181,6 +178,8 @@ spec: value: "/opt/app/fproxy/config" - name: KEY_STORE_PASSWORD value: {{ .Values.config.keyStorePassword }} + - name: TRUST_STORE_PASSWORD + value: {{ .Values.config.trustStorePassword }} - name: spring_profiles_active value: {{ .Values.global.fproxy.activeSpringProfiles }} volumeMounts: @@ -190,10 +189,13 @@ spec: - name: {{ include "common.fullname" . }}-fproxy-log-config mountPath: /opt/app/fproxy/config/logback-spring.xml subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs mountPath: /opt/app/fproxy/config/auth/tomcat_keystore subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs + mountPath: /opt/app/fproxy/config/auth/fproxy_truststore + subPath: fproxy_truststore + - name: {{ include "common.fullname" . }}-fproxy-auth-certs mountPath: /opt/app/fproxy/config/auth/client-cert.p12 subPath: client-cert.p12 ports: @@ -242,21 +244,27 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-log-config configMap: name: {{ include "common.fullname" . }}-rproxy-log-config + - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + configMap: + name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - name: {{ include "common.fullname" . }}-rproxy-auth-config secret: secretName: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + secret: + secretName: aai-rproxy-auth-certs - name: {{ include "common.fullname" . }}-rproxy-security-config secret: - secretName: {{ include "common.fullname" . }}-rproxy-security-config + secretName: aai-rproxy-security-config - name: {{ include "common.fullname" . }}-fproxy-config configMap: name: {{ include "common.fullname" . }}-fproxy-config - name: {{ include "common.fullname" . }}-fproxy-log-config configMap: name: {{ include "common.fullname" . }}-fproxy-log-config - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs secret: - secretName: {{ include "common.fullname" . }}-fproxy-auth-config + secretName: aai-fproxy-auth-certs {{ end }} imagePullSecrets: diff --git a/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml b/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml index 7db76055d1..96c3424476 100644 --- a/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml +++ b/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml @@ -45,28 +45,10 @@ data: --- apiVersion: v1 kind: Secret -metadata: - name: {{ include "common.fullname" . }}-fproxy-auth-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret metadata: name: {{ include "common.fullname" . }}-rproxy-auth-config namespace: {{ include "common.namespace" . }} type: Opaque data: {{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-rproxy-security-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }} {{ end }} diff --git a/kubernetes/aai/charts/aai-gizmo/values.yaml b/kubernetes/aai/charts/aai-gizmo/values.yaml index 599bc5548f..9fbe8529c9 100644 --- a/kubernetes/aai/charts/aai-gizmo/values.yaml +++ b/kubernetes/aai/charts/aai-gizmo/values.yaml @@ -29,6 +29,7 @@ flavor: small config: keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 # default number of instances replicaCount: 1 @@ -39,14 +40,16 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 60 + timeoutSeconds: 10 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 60 + timeoutSeconds: 10 periodSeconds: 10 service: diff --git a/kubernetes/aai/charts/aai-graphadmin/Chart.yaml b/kubernetes/aai/charts/aai-graphadmin/Chart.yaml index a052da8046..7772ab0753 100644 --- a/kubernetes/aai/charts/aai-graphadmin/Chart.yaml +++ b/kubernetes/aai/charts/aai-graphadmin/Chart.yaml @@ -20,4 +20,4 @@ apiVersion: v1 description: ONAP AAI GraphAdmin name: aai-graphadmin -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/application.properties b/kubernetes/aai/charts/aai-graphadmin/resources/config/application.properties index 81a9c7b27d..c23c5fa19f 100644 --- a/kubernetes/aai/charts/aai-graphadmin/resources/config/application.properties +++ b/kubernetes/aai/charts/aai-graphadmin/resources/config/application.properties @@ -45,9 +45,9 @@ server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties server.port=8449 server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.key-store=${server.local.startpath}etc/auth/{{ .Values.global.config.keystore.filename }} +server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -server.ssl.trust-store=${server.local.startpath}etc/auth/{{ .Values.global.config.truststore.filename }} +server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) server.ssl.client-auth=want server.ssl.key-store-type=JKS @@ -86,3 +86,14 @@ schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.lab # Specifies the version that the application should default to schema.version.api.default={{ .Values.global.config.schema.version.api.default }} +schema.translator.list={{ .Values.global.config.schema.translator.list }} +schema.service.base.url=https://aai-schema-service.{{ include "common.namespace" . }}:8452/aai/schema-service/v1/ +schema.service.nodes.endpoint=nodes?version= +schema.service.edges.endpoint=edgerules?version= +schema.service.versions.endpoint=versions +schema.service.client={{ .Values.global.config.schema.service.client }} + +schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} +schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} +schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) +schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/logback.xml b/kubernetes/aai/charts/aai-graphadmin/resources/config/logback.xml index 787fc64b6f..e5e6ab5bf3 100644 --- a/kubernetes/aai/charts/aai-graphadmin/resources/config/logback.xml +++ b/kubernetes/aai/charts/aai-graphadmin/resources/config/logback.xml @@ -3,7 +3,7 @@ ============LICENSE_START======================================================= org.onap.aai ================================================================================ - Copyright 2018 AT&T Intellectual Property. All rights reserved. + Copyright 2019 AT&T Intellectual Property. All rights reserved. ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -20,689 +20,595 @@ --> - + - + - + - - - - - - - - + + + + + + + + - + - - - - %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} - - - - - - ${logDirectory}/rest/sane.log - - ${logDirectory}/rest/sane.log.%d{yyyy-MM-dd} - - - %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - - - - - - 1000 - true - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/rest/metrics.log - - ${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - 1000 - true - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/debug.log - - ${logDirectory}/rest/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - 1000 - true - - - - - - WARN - - ${logDirectory}/rest/error.log - - ${logDirectory}/rest/error.log.%d{yyyy-MM-dd} - - - - ${"eelfErrorLogPattern"} - - - - - 1000 - true - - - - - ${logDirectory}/rest/audit.log - - ${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} - - - - ${eelfAuditLogPattern} - - - - - 1000 - true - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/translog.log - - ${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} - - - - ${eelfTransLogPattern} - - - - - 1000 - true - - - - - - WARN - - ${logDirectory}/dmaapAAIEventConsumer/error.log - - ${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} - - - - ${"eelfErrorLogPattern"} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/debug.log - - ${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - - WARN - - ${logDirectory}/external/external.log - - ${logDirectory}/external/external.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - - - WARN - - ${logDirectory}/dataGrooming/error.log - - ${logDirectory}/dataGrooming/error.log.%d{yyyy-MM-dd} - - - ${eelfErrorLogPattern} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/dataGrooming/debug.log - - ${logDirectory}/dataGrooming/debug.log.%d{yyyy-MM-dd} - - - ${eelfLogPattern} - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/dataGrooming/metrics.log - - ${logDirectory}/dataGrooming/metrics.log.%d{yyyy-MM-dd} - - - ${eelfMetricLogPattern} - - - - - - - - - WARN - - ${logDirectory}/dataSnapshot/error.log - - ${logDirectory}/dataSnapshot/error.log.%d{yyyy-MM-dd} - - - ${eelfErrorLogPattern} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/dataSnapshot/debug.log - - ${logDirectory}/dataSnapshot/debug.log.%d{yyyy-MM-dd} - - - ${eelfLogPattern} - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/dataSnapshot/metrics.log - - ${logDirectory}/dataSnapshot/metrics.log.%d{yyyy-MM-dd} - - - ${eelfMetricLogPattern} - - - - - - - - - WARN - - ${logDirectory}/createDBSchema/error.log - - ${logDirectory}/createDBSchema/error.log.%d{yyyy-MM-dd} - - - ${"eelfErrorLogPattern"} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/createDBSchema/debug.log - - ${logDirectory}/createDBSchema/debug.log.%d{yyyy-MM-dd} - - - ${eelfLogPattern} - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/createDBSchema/metrics.log - - ${logDirectory}/createDBSchema/metrics.log.%d{yyyy-MM-dd} - - - ${eelfMetricLogPattern} - - - - - - - - WARN - - ${logDirectory}/misc/error.log - - ${logDirectory}/misc/error.log.%d{yyyy-MM-dd} - - - ${"eelfErrorLogPattern"} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/misc/debug.log - - ${logDirectory}/misc/debug.log.%d{yyyy-MM-dd} - - - ${eelfLogPattern} - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/misc/metrics.log - - ${logDirectory}/misc/metrics.log.%d{yyyy-MM-dd} - - - ${eelfMetricLogPattern} - - - - - - - - WARN - - ${logDirectory}/pullInvData/error.log - - ${logDirectory}/pullInvData/error.log.%d{yyyy-MM-dd} - - - ${"eelfErrorLogPattern"} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/pullInvData/debug.log - - ${logDirectory}/pullInvData/debug.log.%d{yyyy-MM-dd} - - - ${eelfLogPattern} - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/pullInvData/metrics.log - - ${logDirectory}/pullInvData/metrics.log.%d{yyyy-MM-dd} - - - ${eelfMetricLogPattern} - - - - - - - WARN - - ${logDirectory}/dataExport/error.log - - ${logDirectory}/dataExport/error.log.%d{yyyy-MM-dd} - - - ${eelfErrorLogPattern} - - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/dataExport/debug.log - - ${logDirectory}/dataExport/debug.log.%d{yyyy-MM-dd} - - - ${eelfLogPattern} - - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/dataExport/metrics.log - - ${logDirectory}/dataExport/metrics.log.%d{yyyy-MM-dd} - - - ${eelfMetricLogPattern} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${logDirectory}/perf-audit/Audit-${lrmRVer}-${lrmRO}-${Pid}.log - - - ${logDirectory}/perf-audit/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - - 1 - 9 - - - 5MB - - - eelfAuditLogPattern - - - - - ${logDirectory}/perf-audit/Perform-${lrmRVer}-${lrmRO}-${Pid}.log - - - ${logDirectory}/perf-audit/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - - 1 - 9 - - - 5MB - - - "%d [%thread] %-5level %logger{1024} - %msg%n" - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - {{ if .Values.global.config.logback.console.enabled }} - - {{ end }} - + + + + %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} + + + + + + ${logDirectory}/rest/sane.log + + ${logDirectory}/rest/sane.log.%d{yyyy-MM-dd} + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + + 1000 + true + + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/rest/metrics.log + + ${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd} + + + + ${eelfMetricLogPattern} + + + + 1000 + true + + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/rest/debug.log + + ${logDirectory}/rest/debug.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + + 1000 + true + + + + + + WARN + + ${logDirectory}/rest/error.log + + ${logDirectory}/rest/error.log.%d{yyyy-MM-dd} + + + + ${"eelfErrorLogPattern"} + + + + + 1000 + true + + + + + ${logDirectory}/rest/audit.log + + ${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} + + + + ${eelfAuditLogPattern} + + + + + 1000 + true + + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/rest/translog.log + + ${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} + + + + ${eelfTransLogPattern} + + + + + 1000 + true + + + + + + WARN + + ${logDirectory}/dmaapAAIEventConsumer/error.log + + ${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} + + + + ${"eelfErrorLogPattern"} + + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/dmaapAAIEventConsumer/debug.log + + ${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/dmaapAAIEventConsumer/metrics.log + + ${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} + + + + ${eelfMetricLogPattern} + + + + + WARN + + ${logDirectory}/external/external.log + + ${logDirectory}/external/external.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + + + + WARN + + ${logDirectory}/dataGrooming/error.log + + ${logDirectory}/dataGrooming/error.log.%d{yyyy-MM-dd} + + + ${eelfErrorLogPattern} + + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/dataGrooming/debug.log + + ${logDirectory}/dataGrooming/debug.log.%d{yyyy-MM-dd} + + + ${eelfLogPattern} + + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/dataGrooming/metrics.log + + ${logDirectory}/dataGrooming/metrics.log.%d{yyyy-MM-dd} + + + ${eelfMetricLogPattern} + + + + + + + + + WARN + + ${logDirectory}/dataSnapshot/error.log + + ${logDirectory}/dataSnapshot/error.log.%d{yyyy-MM-dd} + + + ${eelfErrorLogPattern} + + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/dataSnapshot/debug.log + + ${logDirectory}/dataSnapshot/debug.log.%d{yyyy-MM-dd} + + + ${eelfLogPattern} + + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/dataSnapshot/metrics.log + + ${logDirectory}/dataSnapshot/metrics.log.%d{yyyy-MM-dd} + + + ${eelfMetricLogPattern} + + + + + + + + + WARN + + ${logDirectory}/createDBSchema/error.log + + ${logDirectory}/createDBSchema/error.log.%d{yyyy-MM-dd} + + + ${"eelfErrorLogPattern"} + + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/createDBSchema/debug.log + + ${logDirectory}/createDBSchema/debug.log.%d{yyyy-MM-dd} + + + ${eelfLogPattern} + + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/createDBSchema/metrics.log + + ${logDirectory}/createDBSchema/metrics.log.%d{yyyy-MM-dd} + + + ${eelfMetricLogPattern} + + + + + + + + WARN + + ${logDirectory}/misc/error.log + + ${logDirectory}/misc/error.log.%d{yyyy-MM-dd} + + + ${"eelfErrorLogPattern"} + + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/misc/debug.log + + ${logDirectory}/misc/debug.log.%d{yyyy-MM-dd} + + + ${eelfLogPattern} + + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/misc/metrics.log + + ${logDirectory}/misc/metrics.log.%d{yyyy-MM-dd} + + + ${eelfMetricLogPattern} + + + + + + + + WARN + + ${logDirectory}/pullInvData/error.log + + ${logDirectory}/pullInvData/error.log.%d{yyyy-MM-dd} + + + ${"eelfErrorLogPattern"} + + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/pullInvData/debug.log + + ${logDirectory}/pullInvData/debug.log.%d{yyyy-MM-dd} + + + ${eelfLogPattern} + + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/pullInvData/metrics.log + + ${logDirectory}/pullInvData/metrics.log.%d{yyyy-MM-dd} + + + ${eelfMetricLogPattern} + + + + + + + WARN + + ${logDirectory}/dataExport/error.log + + ${logDirectory}/dataExport/error.log.%d{yyyy-MM-dd} + + + ${eelfErrorLogPattern} + + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/dataExport/debug.log + + ${logDirectory}/dataExport/debug.log.%d{yyyy-MM-dd} + + + ${eelfLogPattern} + + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/dataExport/metrics.log + + ${logDirectory}/dataExport/metrics.log.%d{yyyy-MM-dd} + + + ${eelfMetricLogPattern} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + {{ if .Values.global.config.logback.console.enabled }} + + {{ end }} + diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml index 869eac0cc7..b595ac81bf 100644 --- a/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml @@ -55,6 +55,8 @@ spec: args: - --container-name - aai-cassandra + - --container-name + - aai-schema-service {{ end }} env: - name: NAMESPACE @@ -72,9 +74,9 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} env: - name: LOCAL_USER_ID - value: {{ .Values.config.userId | quote }} + value: {{ .Values.global.config.userId | quote }} - name: LOCAL_GROUP_ID - value: {{ .Values.config.groupId | quote }} + value: {{ .Values.global.config.groupId | quote }} volumeMounts: - mountPath: /etc/localtime name: localtime @@ -126,7 +128,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} @@ -183,7 +185,7 @@ spec: name: {{ include "common.fullname" . }}-realm-configmap - name: {{ include "common.fullname" . }}-auth-truststore-sec secret: - secretName: aai-auth-truststore-secret + secretName: aai-common-truststore items: {{ range $job := .Values.global.config.auth.files }} - key: {{ . }} diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml index cdcf2b1d9f..a62202ba32 100644 --- a/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml +++ b/kubernetes/aai/charts/aai-graphadmin/templates/job.yaml @@ -49,8 +49,6 @@ spec: app: {{ include "common.name" . }}-job release: {{ .Release.Name }} name: {{ include "common.name" . }} - annotations: - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} spec: initContainers: - command: @@ -58,6 +56,8 @@ spec: args: - --container-name - aai-cassandra + - --container-name + - aai-schema-service env: - name: NAMESPACE valueFrom: @@ -93,7 +93,7 @@ spec: - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties name: {{ include "common.fullname" . }}-aaiconfig-conf subPath: aaiconfig.properties - - mountPath: /opt/aai/logroot/AAI-RES + - mountPath: /opt/aai/logroot/AAI-GA name: {{ include "common.fullname" . }}-logs - mountPath: /opt/app/aai-graphadmin/resources/logback.xml name: {{ include "common.fullname" . }}-log-conf @@ -111,7 +111,7 @@ spec: subPath: {{ . }} {{ end }} resources: -{{ include "common.resources" . | indent 10 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} @@ -128,7 +128,8 @@ spec: configMap: name: aai-filebeat - name: {{ include "common.fullname" . }}-logs - emptyDir: {} + hostPath: + path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}-create-db-schema - name: {{ include "common.fullname" . }}-filebeat emptyDir: {} - name: {{ include "common.fullname" . }}-log-conf @@ -154,7 +155,7 @@ spec: name: {{ include "common.fullname" . }}-realm-configmap - name: {{ include "common.fullname" . }}-auth-truststore-sec secret: - secretName: aai-auth-truststore-secret + secretName: aai-common-truststore items: {{ range $job := .Values.global.config.auth.files }} - key: {{ . }} diff --git a/kubernetes/aai/charts/aai-graphadmin/values.yaml b/kubernetes/aai/charts/aai-graphadmin/values.yaml index b6192c391b..bdd6033bc3 100644 --- a/kubernetes/aai/charts/aai-graphadmin/values.yaml +++ b/kubernetes/aai/charts/aai-graphadmin/values.yaml @@ -23,12 +23,12 @@ global: # global defaults nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 # application image repository: nexus3.onap.org:10001 -image: onap/aai-graphadmin:1.0.1 +image: onap/aai-graphadmin:1.1-STAGING-latest pullPolicy: Always restartPolicy: Always flavor: small @@ -107,6 +107,10 @@ service: ingress: enabled: false +persistence: + mountPath: /dockerdata-nfs + mountSubPath: aai/aai-graphadmin + resources: small: limits: diff --git a/kubernetes/aai/charts/aai-modelloader/Chart.yaml b/kubernetes/aai/charts/aai-modelloader/Chart.yaml index e2b0027337..908e11b29b 100644 --- a/kubernetes/aai/charts/aai-modelloader/Chart.yaml +++ b/kubernetes/aai/charts/aai-modelloader/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAI modelloader name: aai-modelloader -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-modelloader/templates/deployment.yaml b/kubernetes/aai/charts/aai-modelloader/templates/deployment.yaml index 3a81168caf..f34693fd44 100644 --- a/kubernetes/aai/charts/aai-modelloader/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-modelloader/templates/deployment.yaml @@ -35,6 +35,14 @@ spec: release: {{ .Release.Name }} name: {{ include "common.name" . }} spec: + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -60,7 +68,7 @@ spec: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} # side car containers - name: filebeat-onap @@ -74,6 +82,8 @@ spec: name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: aai-filebeat + resources: +{{ include "common.resources" . }} volumes: - name: localtime hostPath: diff --git a/kubernetes/aai/charts/aai-modelloader/templates/secret.yaml b/kubernetes/aai/charts/aai-modelloader/templates/secret.yaml index 32a34823f6..6084ca3d4d 100644 --- a/kubernetes/aai/charts/aai-modelloader/templates/secret.yaml +++ b/kubernetes/aai/charts/aai-modelloader/templates/secret.yaml @@ -17,6 +17,11 @@ kind: Secret metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} type: Opaque data: {{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-resources/Chart.yaml b/kubernetes/aai/charts/aai-resources/Chart.yaml index 2954c7f077..12464b5a49 100644 --- a/kubernetes/aai/charts/aai-resources/Chart.yaml +++ b/kubernetes/aai/charts/aai-resources/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP AAI resources name: aai-resources -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile index 3416d4a737..87219388f7 100644 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile +++ b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile @@ -1,27 +1,27 @@ -2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf -jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm -4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe -moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf -GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT -74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh -iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb -p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt -3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW -hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7 -RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX -xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk -8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q -ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i -5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe -GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE -_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k -zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf -S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU -LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw -hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W -nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP -bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN -JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk -Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y -J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP -mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF \ No newline at end of file +yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k +brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6 +AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM +EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo +UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L +02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM +qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw +mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2 +VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0 +vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM +8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe +O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT +x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu +5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID +dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o +eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl +uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl +YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8 +EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI +dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l +ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ +15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi +ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl +m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa +iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk +_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw +PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 index 023e2eaac6..5737e48796 100644 Binary files a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 and b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 differ diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props index 78e4e71dc6..59593a501a 100644 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props +++ b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props @@ -2,13 +2,13 @@ # Properties Generated by AT&T Certificate Manager # @copyright 2016, AT&T ############################################################ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US cadi_keyfile=/opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile cadi_keystore=/opt/app/aai-resources/resources/aaf/org.onap.aai.p12 -cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV -#cadi_key_password=enc: +cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr +#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL cadi_alias=aai@aai.onap.org cadi_truststore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2 +cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv cadi_loglevel=INFO cadi_bath_convert=/opt/app/aai-resources/resources/aaf/bath_config.csv diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaiconfig.properties b/kubernetes/aai/charts/aai-resources/resources/config/aaiconfig.properties index 4b5ab07395..f2e7caaa29 100644 --- a/kubernetes/aai/charts/aai-resources/resources/config/aaiconfig.properties +++ b/kubernetes/aai/charts/aai-resources/resources/config/aaiconfig.properties @@ -69,7 +69,7 @@ aai.logging.trace.logresponse=false aai.transaction.logging=true aai.transaction.logging.get=false -aai.transaction.logging.post=false +aai.transaction.logging.post=true aai.realtime.clients={{ .Values.global.config.realtime.clients }} diff --git a/kubernetes/aai/charts/aai-resources/resources/config/application.properties b/kubernetes/aai/charts/aai-resources/resources/config/application.properties index c8648e499e..7237c56536 100644 --- a/kubernetes/aai/charts/aai-resources/resources/config/application.properties +++ b/kubernetes/aai/charts/aai-resources/resources/config/application.properties @@ -40,9 +40,9 @@ server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties server.port=8447 server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.key-store=${server.local.startpath}etc/auth/{{ .Values.global.config.keystore.filename }} +server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -server.ssl.trust-store=${server.local.startpath}etc/auth/{{ .Values.global.config.truststore.filename }} +server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) server.ssl.client-auth=want server.ssl.key-store-type=JKS @@ -81,3 +81,14 @@ schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.lab # Specifies the version that the application should default to schema.version.api.default={{ .Values.global.config.schema.version.api.default }} +schema.translator.list={{ .Values.global.config.schema.translator.list }} +schema.service.base.url=https://aai-schema-service.{{ include "common.namespace" . }}:8452/aai/schema-service/v1/ +schema.service.nodes.endpoint=nodes?version= +schema.service.edges.endpoint=edgerules?version= +schema.service.versions.endpoint=versions +schema.service.client={{ .Values.global.config.schema.service.client }} + +schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} +schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} +schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) +schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) diff --git a/kubernetes/aai/charts/aai-resources/resources/config/logback.xml b/kubernetes/aai/charts/aai-resources/resources/config/logback.xml index 9a7216cfde..0afc6f9c20 100644 --- a/kubernetes/aai/charts/aai-resources/resources/config/logback.xml +++ b/kubernetes/aai/charts/aai-resources/resources/config/logback.xml @@ -1,356 +1,267 @@ - - - - - - - - - - - - - - - - - - - %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} - - - - - ${logDirectory}/rest/sane.log - - ${logDirectory}/rest/sane.log.%d{yyyy-MM-dd} - - - %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - - - - - 1000 - true - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/rest/metrics.log - - ${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - 1000 - true - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/debug.log - - ${logDirectory}/rest/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - 1000 - true - - - - - WARN - - ${logDirectory}/rest/error.log - - ${logDirectory}/rest/error.log.%d{yyyy-MM-dd} - - - - ${eelfErrorLogPattern} - - - - 1000 - true - - - - ${logDirectory}/rest/audit.log - - ${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} - - - - ${eelfAuditLogPattern} - - - - 1000 - true - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/translog.log - - ${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} - - - - ${eelfTransLogPattern} - - - - 1000 - true - - - - - WARN - - ${logDirectory}/dmaapAAIEventConsumer/error.log - - ${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/debug.log - - ${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - - WARN - - ${logDirectory}/external/external.log - - ${logDirectory}/external/external.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${logDirectory}/perf-audit/Audit-${lrmRVer}-${lrmRO}-${Pid}.log - - - ${logDirectory}/perf-audit/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - - 1 - 9 - - - 5MB - - - "%d [%thread] %-5level %logger{1024} - %msg%n" - - - - - ${logDirectory}/perf-audit/Perform-${lrmRVer}-${lrmRO}-${Pid}.log - - - ${logDirectory}/perf-audit/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - - 1 - 9 - - - 5MB - - - "%d [%thread] %-5level %logger{1024} - %msg%n" - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - {{ if .Values.global.config.logback.console.enabled }} - - {{ end }} - + + + + + + + + + + + + + + + + + + + %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} + + + + + ${logDirectory}/rest/sane.log + + ${logDirectory}/rest/sane.log.%d{yyyy-MM-dd} + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + 1000 + true + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/rest/metrics.log + + ${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd} + + + + ${eelfMetricLogPattern} + + + + 1000 + true + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/rest/debug.log + + ${logDirectory}/rest/debug.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + 1000 + true + + + + + WARN + + ${logDirectory}/rest/error.log + + ${logDirectory}/rest/error.log.%d{yyyy-MM-dd} + + + + ${eelfErrorLogPattern} + + + + 1000 + true + + + + ${logDirectory}/rest/audit.log + + ${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} + + + + ${eelfAuditLogPattern} + + + + 1000 + true + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/rest/translog.log + + ${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} + + + + ${eelfTransLogPattern} + + + + 1000 + true + + + + + WARN + + ${logDirectory}/dmaapAAIEventConsumer/error.log + + ${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/dmaapAAIEventConsumer/debug.log + + ${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/dmaapAAIEventConsumer/metrics.log + + ${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} + + + + ${eelfMetricLogPattern} + + + + + WARN + + ${logDirectory}/external/external.log + + ${logDirectory}/external/external.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + {{ if .Values.global.config.logback.console.enabled }} + + {{ end }} + diff --git a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/logback-spring.xml index 4fae434edd..9a08348b0d 100644 --- a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/logback-spring.xml +++ b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/logback-spring.xml @@ -40,9 +40,6 @@ - - - - + \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-resources/resources/rproxy/config/logback-spring.xml index 57bc4e268f..799fd8689b 100644 --- a/kubernetes/aai/charts/aai-resources/resources/rproxy/config/logback-spring.xml +++ b/kubernetes/aai/charts/aai-resources/resources/rproxy/config/logback-spring.xml @@ -34,15 +34,12 @@ - + - - - - + diff --git a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml b/kubernetes/aai/charts/aai-resources/templates/configmap.yaml index b5a7fc562f..0f40d04dae 100644 --- a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml +++ b/kubernetes/aai/charts/aai-resources/templates/configmap.yaml @@ -203,6 +203,14 @@ data: {{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }} --- apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }} +--- +apiVersion: v1 kind: Secret metadata: name: {{ include "common.fullname" . }}-rproxy-auth-config diff --git a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml index cac8f4b89f..9fe4c17cc9 100644 --- a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml @@ -81,6 +81,28 @@ spec: "visualRange": "1", "path": "/aai/v14/cloud-infrastructure" }, + { + "serviceName": "_aai-cloudInfrastructure", + "version": "v15", + "url": "/aai/v15/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/cloud-infrastructure" + }, + { + "serviceName": "_aai-cloudInfrastructure", + "version": "v16", + "url": "/aai/v16/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/cloud-infrastructure" + }, { "serviceName": "_aai-business", "version": "v11", @@ -125,6 +147,28 @@ spec: "visualRange": "1", "path": "/aai/v14/business" }, + { + "serviceName": "_aai-business", + "version": "v15", + "url": "/aai/v15/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/business" + }, + { + "serviceName": "_aai-business", + "version": "v16", + "url": "/aai/v16/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/business" + }, { "serviceName": "_aai-actions", "version": "v11", @@ -169,6 +213,28 @@ spec: "visualRange": "1", "path": "/aai/v14/actions" }, + { + "serviceName": "_aai-actions", + "version": "v15", + "url": "/aai/v15/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/actions" + }, + { + "serviceName": "_aai-actions", + "version": "v16", + "url": "/aai/v16/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/actions" + }, { "serviceName": "_aai-service-design-and-creation", "version": "v11", @@ -212,6 +278,28 @@ spec: "lb_policy":"ip_hash", "visualRange": "1", "path": "/aai/v14/service-design-and-creation" + }, + { + "serviceName": "_aai-service-design-and-creation", + "version": "v15", + "url": "/aai/v15/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/service-design-and-creation" + }, + { + "serviceName": "_aai-service-design-and-creation", + "version": "v16", + "url": "/aai/v16/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/service-design-and-creation" }, { "serviceName": "_aai-network", @@ -257,6 +345,28 @@ spec: "visualRange": "1", "path": "/aai/v14/network" }, + { + "serviceName": "_aai-network", + "version": "v15", + "url": "/aai/v15/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/network" + }, + { + "serviceName": "_aai-network", + "version": "v16", + "url": "/aai/v16/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/network" + }, { "serviceName": "_aai-externalSystem", "version": "v11", @@ -301,6 +411,28 @@ spec: "visualRange": "1", "path": "/aai/v14/external-system" }, + { + "serviceName": "_aai-externalSystem", + "version": "v15", + "url": "/aai/v15/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/external-system" + }, + { + "serviceName": "_aai-externalSystem", + "version": "v16", + "url": "/aai/v16/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/external-system" + }, { "serviceName": "aai-cloudInfrastructure", "version": "v11", @@ -341,6 +473,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-cloudInfrastructure", + "version": "v15", + "url": "/aai/v15/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-cloudInfrastructure", + "version": "v16", + "url": "/aai/v16/cloud-infrastructure", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-business", "version": "v11", @@ -381,6 +533,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-business", + "version": "v15", + "url": "/aai/v15/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-business", + "version": "v16", + "url": "/aai/v16/business", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-actions", "version": "v11", @@ -421,6 +593,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-actions", + "version": "v15", + "url": "/aai/v15/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-actions", + "version": "v16", + "url": "/aai/v16/actions", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-service-design-and-creation", "version": "v11", @@ -461,6 +653,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-service-design-and-creation", + "version": "v15", + "url": "/aai/v15/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-service-design-and-creation", + "version": "v16", + "url": "/aai/v16/service-design-and-creation", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-network", "version": "v11", @@ -501,6 +713,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-network", + "version": "v15", + "url": "/aai/v15/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-network", + "version": "v16", + "url": "/aai/v16/network", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-externalSystem", "version": "v11", @@ -540,6 +772,26 @@ spec: "enable_ssl": true, "lb_policy":"ip_hash", "visualRange": "1" + }, + { + "serviceName": "aai-externalSystem", + "version": "v15", + "url": "/aai/v15/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-externalSystem", + "version": "v16", + "url": "/aai/v16/external-system", + "protocol": "REST", + "port": "8447", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" } ]' spec: @@ -563,6 +815,8 @@ spec: args: - --container-name - aai-cassandra + - --container-name + - aai-schema-service {{ end }} env: - name: NAMESPACE @@ -670,7 +924,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} @@ -692,6 +946,8 @@ spec: name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: {{ include "common.fullname" . }}-filebeat + resources: +{{ include "common.resources" . }} {{ if .Values.global.installSidecarSecurity }} - name: {{ .Values.global.rproxy.name }} image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}" @@ -719,15 +975,15 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-log-config mountPath: /opt/app/rproxy/config/logback-spring.xml subPath: logback-spring.xml + - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + mountPath: /opt/app/rproxy/config/auth/uri-authorization.json + subPath: uri-authorization.json - name: {{ include "common.fullname" . }}-rproxy-auth-config mountPath: /opt/app/rproxy/config/auth/tomcat_keystore subPath: tomcat_keystore - name: {{ include "common.fullname" . }}-rproxy-auth-config mountPath: /opt/app/rproxy/config/auth/client-cert.p12 subPath: client-cert.p12 - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/uri-authorization.json - subPath: uri-authorization.json - name: {{ include "common.fullname" . }}-rproxy-auth-config mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks subPath: aaf_truststore.jks @@ -815,7 +1071,7 @@ spec: name: {{ include "common.fullname" . }}-realm-configmap - name: {{ include "common.fullname" . }}-auth-truststore-sec secret: - secretName: aai-auth-truststore-secret + secretName: aai-common-truststore items: {{ range $job := .Values.global.config.auth.files }} - key: {{ . }} @@ -831,6 +1087,9 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-log-config configMap: name: {{ include "common.fullname" . }}-rproxy-log-config + - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config + configMap: + name: {{ include "common.fullname" . }}-rproxy-uri-auth-config - name: {{ include "common.fullname" . }}-rproxy-auth-config secret: secretName: {{ include "common.fullname" . }}-rproxy-auth-config diff --git a/kubernetes/aai/charts/aai-resources/values.yaml b/kubernetes/aai/charts/aai-resources/values.yaml index e0a1156461..66a57d6389 100644 --- a/kubernetes/aai/charts/aai-resources/values.yaml +++ b/kubernetes/aai/charts/aai-resources/values.yaml @@ -18,11 +18,11 @@ global: # global defaults nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 # application image repository: nexus3.onap.org:10001 -image: onap/aai-resources:1.3.4 +image: onap/aai-resources:1.4-STAGING-latest pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/charts/aai-schema-service/.helmignore b/kubernetes/aai/charts/aai-schema-service/.helmignore new file mode 100644 index 0000000000..daebc7da77 --- /dev/null +++ b/kubernetes/aai/charts/aai-schema-service/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/dmaap/charts/dmaap-data-router/Chart.yaml b/kubernetes/aai/charts/aai-schema-service/Chart.yaml similarity index 83% rename from kubernetes/dmaap/charts/dmaap-data-router/Chart.yaml rename to kubernetes/aai/charts/aai-schema-service/Chart.yaml index 07de3beccf..af462f03fa 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/Chart.yaml +++ b/kubernetes/aai/charts/aai-schema-service/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,7 +12,8 @@ # See the License for the specific language governing permissions and # limitations under the License. + apiVersion: v1 -description: ONAP DMaaP Data Router -name: dmaap-data-router -version: 1.0 +description: ONAP AAI Schema Service +name: aai-schema-service +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-schema-service/config/aaiconfig.properties b/kubernetes/aai/charts/aai-schema-service/config/aaiconfig.properties new file mode 100644 index 0000000000..2172d715de --- /dev/null +++ b/kubernetes/aai/charts/aai-schema-service/config/aaiconfig.properties @@ -0,0 +1,43 @@ +# +# ============LICENSE_START======================================================= +# org.onap.aai +# ================================================================================ +# Copyright © 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/ +aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/ +aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/ + +{{ if .Values.global.config.basic.auth.enabled }} +aai.tools.enableBasicAuth=true +aai.tools.username={{ .Values.global.config.basic.auth.username }} +aai.tools.password={{ .Values.global.config.basic.auth.passwd }} +{{ end }} + +aai.truststore.filename={{ .Values.global.config.truststore.filename }} +aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }} +aai.keystore.filename={{ .Values.global.config.keystore.filename }} +aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }} + +aai.default.api.version={{ .Values.global.config.schema.version.api.default }} + +aai.logging.trace.enabled=true +aai.logging.trace.logrequest=false +aai.logging.trace.logresponse=false + +aai.transaction.logging=true +aai.transaction.logging.get=false +aai.transaction.logging.post=false diff --git a/kubernetes/aai/charts/aai-schema-service/config/application.properties b/kubernetes/aai/charts/aai-schema-service/config/application.properties new file mode 100644 index 0000000000..7b9312ff15 --- /dev/null +++ b/kubernetes/aai/charts/aai-schema-service/config/application.properties @@ -0,0 +1,70 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# The following info parameters are being referenced by ajsc6 +info.build.artifact=aai-schema-service +info.build.name=schema-service +info.build.description=Schema Service Microservice +info.build.version=1.1.0 + +spring.application.name=aai-schema-service +spring.jersey.type=filter + +server.contextPath=/ +spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration + +spring.profiles.active={{ .Values.global.config.profiles.active }} +spring.jersey.application-path=${schema.uri.base.path} +server.tomcat.max-threads=200 +server.tomcat.min-Spare-Threads=25 +server.tomcat.max-idle-time=60000 + +server.local.startpath=aai-schema-service/src/main/resources/ +server.basic.auth.location=${server.local.startpath}/etc/auth/realm.properties + +server.port=8452 +server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 +server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} +server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) +server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} +server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) +server.ssl.client-auth=want +server.ssl.key-store-type=JKS + +schema.configuration.location=N/A +schema.source.name={{ .Values.global.config.schema.source.name }} +schema.nodes.location=${server.local.startpath}/schema/${schema.source.name}/oxm/ +schema.edges.location=${server.local.startpath}/schema/${schema.source.name}/dbedgerules/ +schema.query.location=${server.local.startpath}/schema/${schema.source.name}/query/ + +schema.ingest.file=${server.local.startpath}/application.properties + +# Schema Version Related Attributes +schema.uri.base.path={{ .Values.global.config.schema.uri.base.path }}/schema-service +# Lists all of the versions in the schema +schema.version.list={{ .Values.global.config.schema.version.list }} +# Specifies from which version should the depth parameter to default to zero +schema.version.depth.start={{ .Values.global.config.schema.version.depth }} +# Specifies from which version should the related link be displayed in response payload +schema.version.related.link.start={{ .Values.global.config.schema.version.related.link }} + +# Specifies from which version should the client see only the uri excluding host info +# Before this version server base will also be included +schema.version.app.root.start={{ .Values.global.config.schema.version.app.root }} +# Specifies from which version should the namespace be changed +schema.version.namespace.change.start={{ .Values.global.config.schema.version.namespace.change }} +# Specifies from which version should the client start seeing the edge label in payload +schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.label }} +# Specifies the version that the application should default to +schema.version.api.default={{ .Values.global.config.schema.version.api.default }} diff --git a/kubernetes/aai/charts/aai-schema-service/config/localhost-access-logback.xml b/kubernetes/aai/charts/aai-schema-service/config/localhost-access-logback.xml new file mode 100644 index 0000000000..447f2390b1 --- /dev/null +++ b/kubernetes/aai/charts/aai-schema-service/config/localhost-access-logback.xml @@ -0,0 +1,58 @@ + + + + + ${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log + + ${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd} + + + + %a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D + + + + + + diff --git a/kubernetes/aai/charts/aai-schema-service/config/logback.xml b/kubernetes/aai/charts/aai-schema-service/config/logback.xml new file mode 100644 index 0000000000..f10546ac69 --- /dev/null +++ b/kubernetes/aai/charts/aai-schema-service/config/logback.xml @@ -0,0 +1,237 @@ + + + + + + + + + + + + + + + + + + + %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} + + + + + ${logDirectory}/rest/sane.log + + ${logDirectory}/rest/sane.log.%d{yyyy-MM-dd} + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + 1000 + true + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/rest/metrics.log + + ${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd} + + + + ${eelfMetricLogPattern} + + + + 1000 + true + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/rest/debug.log + + ${logDirectory}/rest/debug.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + 1000 + true + + + + + WARN + + ${logDirectory}/rest/error.log + + ${logDirectory}/rest/error.log.%d{yyyy-MM-dd} + + + + ${eelfErrorLogPattern} + + + + 1000 + true + + + + ${logDirectory}/rest/audit.log + + ${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} + + + + ${eelfAuditLogPattern} + + + + 1000 + true + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/rest/translog.log + + ${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} + + + + ${eelfTransLogPattern} + + + + 1000 + true + + + + + WARN + + ${logDirectory}/dmaapAAIEventConsumer/error.log + + ${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/dmaapAAIEventConsumer/debug.log + + ${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/dmaapAAIEventConsumer/metrics.log + + ${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} + + + + ${eelfMetricLogPattern} + + + + + WARN + + ${logDirectory}/external/external.log + + ${logDirectory}/external/external.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + {{ if .Values.global.config.logback.console.enabled }} + + {{ end }} + + diff --git a/kubernetes/aai/charts/aai-schema-service/config/realm.properties b/kubernetes/aai/charts/aai-schema-service/config/realm.properties new file mode 100644 index 0000000000..988bb2411b --- /dev/null +++ b/kubernetes/aai/charts/aai-schema-service/config/realm.properties @@ -0,0 +1,22 @@ +AAI:OBF:1gfr1ev31gg7,admin +MSO:OBF:1jzx1lz31k01,admin +SDNC:OBF:1itr1i0l1i151isv,admin +DCAE:OBF:1g8u1f9d1f991g8w,admin +POLICY:OBF:1mk61i171ima1im41i0j1mko,admin +ASDC:OBF:1f991j0u1j001f9d,admin +VID:OBF:1jm91i0v1jl9,admin +APPC:OBF:1f991ksf1ksf1f9d,admin +ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin +AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin +OOF:OBF:1img1ke71ily,admin +aai@aai.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +so@so.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +sdnc@sdnc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin +vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin diff --git a/kubernetes/aai/charts/aai-schema-service/templates/configmap.yaml b/kubernetes/aai/charts/aai-schema-service/templates/configmap.yaml new file mode 100644 index 0000000000..91a831a557 --- /dev/null +++ b/kubernetes/aai/charts/aai-schema-service/templates/configmap.yaml @@ -0,0 +1,78 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "config/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-localhost-access-log-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "config/localhost-access-logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-aaiconfig-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "config/aaiconfig.properties").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-springapp-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "config/application.properties").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-realm-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "config/realm.properties").AsConfig . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-schema-service/templates/deployment.yaml b/kubernetes/aai/charts/aai-schema-service/templates/deployment.yaml new file mode 100644 index 0000000000..bd9a85fec2 --- /dev/null +++ b/kubernetes/aai/charts/aai-schema-service/templates/deployment.yaml @@ -0,0 +1,155 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: LOCAL_USER_ID + value: {{ .Values.global.config.userId | quote }} + - name: LOCAL_GROUP_ID + value: {{ .Values.global.config.groupId | quote }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/aai-schema-service/resources/etc/appprops/aaiconfig.properties + name: aaiconfig-conf + subPath: aaiconfig.properties + - mountPath: /opt/aai/logroot/AAI-SCHEMA-SERVICE + name: {{ include "common.fullname" . }}-logs + - mountPath: /opt/app/aai-schema-service/resources/logback.xml + name: {{ include "common.fullname" . }}-log-conf + subPath: logback.xml + - mountPath: /opt/app/aai-schema-service/resources/localhost-access-logback.xml + name: localhost-access-log-conf + subPath: localhost-access-logback.xml + - mountPath: /opt/app/aai-schema-service/resources/etc/auth/realm.properties + name: realm-conf + subPath: realm.properties + - mountPath: /opt/app/aai-schema-service/resources/application.properties + name: springapp-conf + subPath: application.properties + {{ $global := . }} + {{ range $job := .Values.global.config.auth.files }} + - mountPath: /opt/app/aai-schema-service/resources/etc/auth/{{ . }} + name: auth-truststore-sec + subPath: {{ . }} + {{ end }} + ports: + - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + + # side car containers + - name: filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + name: filebeat-conf + - mountPath: /var/log/onap + name: {{ include "common.fullname" . }}-logs + - mountPath: /usr/share/filebeat/data + name: {{ include "common.fullname" . }}-filebeat + volumes: + - name: aai-common-aai-auth-mount + secret: + secretName: aai-common-aai-auth + - name: localtime + hostPath: + path: /etc/localtime + - name: filebeat-conf + configMap: + name: aai-filebeat + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + - name: {{ include "common.fullname" . }}-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: localhost-access-log-conf + configMap: + name: {{ include "common.fullname" . }}-localhost-access-log-configmap + - name: springapp-conf + configMap: + name: {{ include "common.fullname" . }}-springapp-configmap + - name: aaiconfig-conf + configMap: + name: {{ include "common.fullname" . }}-aaiconfig-configmap + - name: realm-conf + configMap: + name: {{ include "common.fullname" . }}-realm-configmap + - name: auth-truststore-sec + secret: + secretName: aai-common-truststore + items: + {{ range $job := .Values.global.config.auth.files }} + - key: {{ . }} + path: {{ . }} + {{ end }} + restartPolicy: {{ .Values.restartPolicy }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/service.yaml b/kubernetes/aai/charts/aai-schema-service/templates/service.yaml similarity index 51% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/service.yaml rename to kubernetes/aai/charts/aai-schema-service/templates/service.yaml index 53fed469f9..d1199125d2 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/service.yaml +++ b/kubernetes/aai/charts/aai-schema-service/templates/service.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ apiVersion: v1 kind: Service metadata: - name: {{.Values.global.config.mariadb.name}} + name: {{ include "common.servicename" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -23,16 +23,22 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: - type: {{.Values.global.config.mariadb.servicetype}} + type: {{ .Values.service.type }} ports: - {{if eq .Values.global.config.mariadb.servicetype "NodePort" -}} - - port: {{.Values.global.config.mariadb.internalPort}} - nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} - {{- else -}} - - port: {{.Values.global.config.mariadb.externalPort}} - targetPort: {{.Values.global.config.mariadb.internalPort}} - {{- end}} - name: {{.Values.global.config.mariadb.name}} + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName2 }} + {{- else -}} + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + {{- end}} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} \ No newline at end of file + release: {{ .Release.Name }} + clusterIP: None diff --git a/kubernetes/aai/charts/aai-schema-service/values.yaml b/kubernetes/aai/charts/aai-schema-service/values.yaml new file mode 100644 index 0000000000..cb8ac55803 --- /dev/null +++ b/kubernetes/aai/charts/aai-schema-service/values.yaml @@ -0,0 +1,90 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Default values for resources. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +global: # global defaults + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.2 + +# application image +repository: nexus3.onap.org:10001 +image: onap/aai-schema-service:1.0-STAGING-latest +pullPolicy: Always +restartPolicy: Always +flavor: small +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 60 + periodSeconds: 60 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: false + +readiness: + initialDelaySeconds: 60 + periodSeconds: 10 + +service: + type: ClusterIP + portName: aai-schema-service-8452 + internalPort: 8452 + portName2: aai-schema-service-5005 + internalPort2: 5005 + +ingress: + enabled: false + + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi +resources: + small: + limits: + cpu: 2 + memory: 4Gi + requests: + cpu: 1 + memory: 3Gi + large: + limits: + cpu: 4 + memory: 8Gi + requests: + cpu: 2 + memory: 4Gi + unlimited: {} diff --git a/kubernetes/aai/charts/aai-search-data/Chart.yaml b/kubernetes/aai/charts/aai-search-data/Chart.yaml index f0f24db189..9cf35239a0 100644 --- a/kubernetes/aai/charts/aai-search-data/Chart.yaml +++ b/kubernetes/aai/charts/aai-search-data/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAI search-data name: aai-search-data -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-search-data/resources/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-search-data/resources/config/auth/tomcat_keystore index 9eec841aa2..842afebdf9 100644 Binary files a/kubernetes/aai/charts/aai-search-data/resources/config/auth/tomcat_keystore and b/kubernetes/aai/charts/aai-search-data/resources/config/auth/tomcat_keystore differ diff --git a/kubernetes/aai/charts/aai-search-data/resources/config/elastic-search.properties b/kubernetes/aai/charts/aai-search-data/resources/config/elastic-search.properties index 809b22b074..6232c149bc 100644 --- a/kubernetes/aai/charts/aai-search-data/resources/config/elastic-search.properties +++ b/kubernetes/aai/charts/aai-search-data/resources/config/elastic-search.properties @@ -17,3 +17,9 @@ es.cluster-name=ES_AAI es.ip-address=aai-elasticsearch.{{.Release.Namespace}} es.http-port={{ .Values.config.elasticsearchHttpPort }} +es.uri-scheme=https +es.auth-user=admin +es.auth-password=OBF:1u2a1toa1w8v1tok1u30 +es.trust-store=auth/tomcat_keystore +es.trust-store-password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + diff --git a/kubernetes/aai/charts/aai-search-data/templates/deployment.yaml b/kubernetes/aai/charts/aai-search-data/templates/deployment.yaml index e68a205319..1d39d4e1d9 100644 --- a/kubernetes/aai/charts/aai-search-data/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-search-data/templates/deployment.yaml @@ -93,7 +93,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/kubernetes/aai/charts/aai-search-data/templates/secret.yaml b/kubernetes/aai/charts/aai-search-data/templates/secret.yaml index 77b3ce2d2c..ee32e19218 100644 --- a/kubernetes/aai/charts/aai-search-data/templates/secret.yaml +++ b/kubernetes/aai/charts/aai-search-data/templates/secret.yaml @@ -17,6 +17,11 @@ kind: Secret metadata: name: {{ include "common.fullname" . }}-keystone namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} type: Opaque data: {{ tpl (.Files.Glob "resources/config/auth/tomcat_keystore").AsSecrets . | indent 2 }} @@ -26,5 +31,10 @@ kind: Secret metadata: name: {{ include "common.fullname" . }}-policy namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/auth/search_policy.json").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-search-data/values.yaml b/kubernetes/aai/charts/aai-search-data/values.yaml index 6795fae485..2a999b8a0c 100644 --- a/kubernetes/aai/charts/aai-search-data/values.yaml +++ b/kubernetes/aai/charts/aai-search-data/values.yaml @@ -18,7 +18,7 @@ global: # global defaults nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 # application image diff --git a/kubernetes/aai/charts/aai-sparky-be/Chart.yaml b/kubernetes/aai/charts/aai-sparky-be/Chart.yaml index 5ba96af086..e10a0b917e 100644 --- a/kubernetes/aai/charts/aai-sparky-be/Chart.yaml +++ b/kubernetes/aai/charts/aai-sparky-be/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAI sparky-be name: aai-sparky-be -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties index 98c7abd59c..c7f6bbc1d3 100644 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties +++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties @@ -13,3 +13,16 @@ # limitations under the License. oxm.schemaNodeDir=/opt/app/sparky/onap/oxm +#schemaServiceTranslator is used to define whether to retreive the oxm from schema service microservice or read from the disk, possible values are schema-service/config +oxm.schemaServiceTranslatorList=config +# The end point for onap is https://:/onap/schema-service/v1/ +oxm.schemaServiceBaseUrl=https:///aai/schema-service/v1/ +oxm.schemaServiceKeystore=file:${CONFIG_HOME}/auth/aai-client-cert.p12 +oxm.schemaServiceTruststore=file:${CONFIG_HOME}/auth/tomcat_keystore +oxm.schemaServiceKeystorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o +oxm.schemaServiceTruststorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o + + + +# Schema Service need this variable for the time being +spring.applicationName=sparky diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/application.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/application.properties index da4812c646..108f9ef7b5 100644 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/application.properties +++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/application.properties @@ -24,8 +24,12 @@ spring.mvc.favicon.enabled=false spring.profiles.active=camel,ssl,fe-prod,oxm-schema-prod,oxm-default,resources,sync,portal +portal.cadiFileLocation={{.Values.config.cadiFileLocation}} +portal.cadiFileLocation={{.Values.config.cadiFileLocation}} searchservice.hostname={{.Values.global.searchData.serviceName}} searchservice.port=9509 searchservice.client-cert=client-cert-onap.p12 searchservice.client-cert-password=1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 searchservice.truststore=tomcat_keystore + +schema.ingest.file=${CONFIG_HOME}/schemaIngest.properties diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties new file mode 100644 index 0000000000..67268e33e2 --- /dev/null +++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties @@ -0,0 +1 @@ +cipher.enc.key=AGLDdG4D04BKm2IxIWEr8o==! diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties index aa16b1b3ce..546955f98a 100644 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties +++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties @@ -18,7 +18,7 @@ ################################################################################ # Java class that implements the ECOMP role and user mgt API -portal.api.impl.class = org.onap.aai.sparky.security.portal.PortalRestAPIServiceImpl +portal.api.impl.class = org.onap.aai.sparky.security.portal.PortalRestAPICentralServiceImpl # Instance of ECOMP Portal where the app has been on-boarded # use insecure http for dev purposes to avoid self-signed certificate @@ -35,4 +35,13 @@ csp_gate_keeper_prod_key = PROD # Toggles use of UEB ueb_listeners_enable = false # IDs application withing UEB flow -ueb_app_key = qFKles9N8gDTV0Zc +ueb_app_key = ueb_key_7 +# Use this tag if the app is centralized +role_access_centralized=remote + +# Connection and Read timeout values +ext_req_connection_timeout=15000 +ext_req_read_timeout=20000 + +#Add AAF namespace if the app is centralized +auth_namespace={{.Values.config.aafNamespace}} diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/cadi.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/cadi.properties new file mode 100644 index 0000000000..41a49a0ed7 --- /dev/null +++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/cadi.properties @@ -0,0 +1,45 @@ +# Configure AAF +aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 +aaf_url=<%=https://AAF_LOCATE_URL/AAF_NS.service:2.0 + +#aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=TEST/routeOffer=BAU_SE +# AAF Environment Designation + +#if you are running aaf service from a docker image you have to use aaf service IP and port number +aaf_id={{.Values.config.aafUsername}} +#Encrypt the password using AAF Jar +aaf_password={{.Values.config.aafPassword}} +# Sample CADI Properties, from CADI 1.4.2 +#hostname=org.onap.aai.orr +csp_domain=PROD +# Add Absolute path to Keyfile +cadi_keyfile={{.Values.config.cadiKeyFile}} + +# This is required to accept Certificate Authentication from Certman certificates. +# can be TEST, IST or PROD +aaf_env=DEV + +# DEBUG prints off all the properties. Use to get started. +cadi_loglevel=DEBUG + +# Add Absolute path to truststore2018.jks +cadi_truststore={{.Values.config.cadiTrustStore}} +# Note: This is the ONLY password that doesn't have to be encrypted. All Java's TrustStores are this passcode by default, because they are public certs +cadi_truststore_password={{.Values.config.cadiTrustStorePassword}} + +# how to turn on SSL Logging +#javax.net.debug=ssl + +# Use "maps.bing.com" to get Lat and Long for an Address +AFT_LATITUDE=32.780140 +AFT_LONGITUDE=-96.800451 +AFT_ENVIRONMENT=AFTUAT +AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=true +DME2.DEBUG=true +AFT_DME2_HTTP_EXCHANGE_TRACE_ON=true + +cadi_latitude=32.780140 +cadi_longitude=-96.800451 + +aaf_root_ns=com.att.aaf +aaf_api_version=2.0 diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/keyFile b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/keyFile new file mode 100644 index 0000000000..921ce6714a --- /dev/null +++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/keyFile @@ -0,0 +1,27 @@ +77E_fh-8gTjeg8egAo-JgNkXYm1FGEBPMo44vKPgKyGCJj9Dn0xJqIBct2Ko35X4_HSU3wPq3I2q +YHIvJCjmzXTVu2zvu4rIGTlwycTtLGDkgPyhOYFytv4GgazbpSs9331MPUeVVrdpkDCQmjtHSB4m +DThhfEe2lkbZ35ljX3sVSf3JDy4ngRot0ktQwnnY4vxFdgVUl7LzVinXWgFLoqMyXmKh_bGw9aUH +VMgqFsF_YmqLZY5ZARAraeywktvrU5kXYh5SnfXoJy7XIk0TBjHKqO-1mW-TcIgS3_v6GIGkZnpq +e1FyE8cS21gTPFlc1KDoWUZE2yoEsQKJc4RFWfjid_mE6nckxym1TOsEn3G2_TlkZvliN_QMDB_c +RuFLDB9HCChm4YYHpSn-RBqtJFz29bMTHQX8VNVfZ_Zhh-4dWOlEfpSzJvAqm_boo-8y8YDGIusx +mvKyPXEKVCuBOljHaKhYg0d43nAXIFsssKpjmtQizA2L_TP1Mo_lDFIlCsPcRlHKTvzkTstEAhRj +JnepzA--olBMwBkPxjm1Y5XQBGZH72i_o4Hr7_NqHb9sP486I2Nd1-owjHkhacGrLO1oORnuBUxp +_SnaXYywe9tTz3BcfFupXSoDv4Sj7g9B53yPIWmjGggigidql3SNJsui6qOtwDHOejzEDFm23Lj7 +fXD6sb52U_ul9ahi4CoLTzpvMsPRYOqyRCk8K8FVBauZbG5D42oaFPn0S0rCSHOCU1TXbRdTF-Cs +I2R0pEHNgb33yx6vtInaTSYIQ5cxa3XDA_50AQearV5SuYSlp8dK0BkpVCKgvSQdTn-2WiaV_hvO +KzG7D2adT1kYY6TjYMXIaUiJ33y1XSNDG0s6r4NG5dNE6Jj7thdpnV-AAZoi0uZh1_bsHKLVmHRr +NCXAc6DZm1D4N9y5lOJwUprUlJisZXLFTQThGMRY5dtiY_eK9Xjj4FQygXXhuhFXHz2-e4YApORv +lXDcT29IZuuI1j26bxdNdhNr1wZsqqievBN6l6OQMiP21eIrxAUu1BEmiVOrfOzaEjxldDN2gFum +4-zf9gsQT9UT8KEuOje64wVeHr09JpWuddV9HOAMvqc6mKTWmvUv_QiLgtK_b39QccMrOfOA1usM +biRJ9wuTYIr584Q9CjHEcm5e2YufcbF-IDZ4IDui8gNXyYJuusTYdspeKzrtiLKfgI56ZWA3it9G +SOkN18YyUmhk7HFkx9qEifb4UEbUQPb0dyXBRotf-91c5CPkct-36uV4sZBA_AR1tX3-aRKKB_SQ +B0zaG-eaEdEqKv-ZYHqk23ZxiEsCX3ZdY7VSMWztE3_D5n8UgEl4et5LVfnjvU-arVVO93WUbXk0 +zi2QrOwytOZ0StAvFdF1nVwWllPg4EYcn8qLJIaaBRvLMlpHixtwRhltwJeMmJl3ExImOxNhVbhF +6LxVXW6JK8JfMIwb_TE4EShDBjemq76BojQOwrO4OAyPG7B5iUtefdY-Zu1EtjXPhrUgljI_A1tg +5_2WNjNTCT7Bvig3saFsIRi3cvgIcMAF2H7kJYw3UDvCFnx4LIom2u6vSeyatPxEOhRfpP0KvgEU +koM9DFJW7VWQ11mB_DcU2NoYHdFKFy_cM62kIvoRwZTADGryEtkLSWEDT8MLpVrGXP2RjSZ3HHqC +vVpVqQHC2VIqNKi2uHtYCiTEfj81Z0rCrnH3hYIRoOSe5W6m17xyb0RloG0G44uK0oNCfDYLwK0L +TJaBdWSIBYI__ISsKx8o8r-3XLtbwQPPhv4-LpGwJYd7sIcqnpTYAyNGSrbEM4ECzHCH9Hwf9Duy +cAQGWqXIbTV9i8ryw8OhcCZPTf3noPZyhzzdegiv6KNT-BBbxsgtDehtP-jvpd9eAhjlfUV_hoFJ +rBUVMFrIOEDnnItVqBDmnavRdhn6N9ObVjVMv_4inhkvtpBCEVxtVQT2kFuBmZvPu_uHHbXi7_g8 +SVs3AjJ2ya3pZraK6gH3IOYoGtTAH3rKl7XdTMjqWnUCbhepuJqeEOF-DhpsEW7Oo0Lqzbjg \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties index ac09f9b2c2..97b5399f54 100644 --- a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties +++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties @@ -26,3 +26,6 @@ password={{.Values.config.portalPassword}} # prevent the portal interface's login processing from searching for a user # specific cookie, and will instead allow passage if a valid session cookie is discovered. onap_enabled={{.Values.config.portalOnapEnabled}} +onap.user_id_cookie_name={{.Values.config.portalCookieName}} +cookie_decryptor_classname={{.Values.config.cookieDecryptorClass}} +app_roles={{.Values.config.portalAppRoles}} diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml index ac9cf77fbb..ee18d9b24c 100644 --- a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml @@ -137,7 +137,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} @@ -159,6 +159,8 @@ spec: name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: aai-sparky-filebeat + resources: +{{ include "common.resources" . }} volumes: - name: localtime diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/secret.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/secret.yaml index 32a34823f6..6084ca3d4d 100644 --- a/kubernetes/aai/charts/aai-sparky-be/templates/secret.yaml +++ b/kubernetes/aai/charts/aai-sparky-be/templates/secret.yaml @@ -17,6 +17,11 @@ kind: Secret metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} type: Opaque data: {{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-sparky-be/values.yaml b/kubernetes/aai/charts/aai-sparky-be/values.yaml index c60ce29e52..9755c8bcc2 100644 --- a/kubernetes/aai/charts/aai-sparky-be/values.yaml +++ b/kubernetes/aai/charts/aai-sparky-be/values.yaml @@ -28,7 +28,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/sparky-be:1.3.0 +image: onap/sparky-be:1.4-STAGING-latest pullPolicy: Always restartPolicy: Always flavor: small @@ -40,7 +40,17 @@ config: gerritBranch: 3.0.0-ONAP gerritProject: http://gerrit.onap.org/r/aai/test-config portalUsername: aaiui - portalPassword: 1t2v1vfv1unz1vgz1t3b + portalPassword: OBF:1t2v1vfv1unz1vgz1t3b + portalCookieName: UserId + portalAppRoles: ui_view + aafUsername: aai@aai.onap.org + aafNamespace: org.onap.aai.aaiui + aafPassword: enc:xxYw1FqXU5UpianbPeH5Rezg0YfjzuwQrSiLcCmJGfz + cadiKeyFile: /opt/app/sparky/config/portal/keyFile + cadiTrustStore: /opt/app/sparky/config/auth/truststoreONAPall.jks + cadiFileLocation: /opt/app/sparky/config/portal/cadi.properties + cadiTrustStorePassword: changeit + cookieDecryptorClass: org.onap.aai.sparky.security.BaseCookieDecryptor # ONAP Cookie Processing - During initial development, the following flag, if true, will # prevent the portal interface's login processing from searching for a user diff --git a/kubernetes/aai/charts/aai-spike/Chart.yaml b/kubernetes/aai/charts/aai-spike/Chart.yaml index 4f43b242eb..587b84c537 100644 --- a/kubernetes/aai/charts/aai-spike/Chart.yaml +++ b/kubernetes/aai/charts/aai-spike/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAI Spike microservice name: aai-spike -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/aai/charts/aai-spike/requirements.yaml b/kubernetes/aai/charts/aai-spike/requirements.yaml index ebeaffff74..8915b751c5 100644 --- a/kubernetes/aai/charts/aai-spike/requirements.yaml +++ b/kubernetes/aai/charts/aai-spike/requirements.yaml @@ -14,7 +14,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/aai/charts/aai-spike/templates/deployment.yaml b/kubernetes/aai/charts/aai-spike/templates/deployment.yaml index a3ff068971..c962f1df2b 100644 --- a/kubernetes/aai/charts/aai-spike/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-spike/templates/deployment.yaml @@ -106,15 +106,15 @@ spec: - mountPath: /var/log/onap name: {{ include "common.fullname" . }}-logs resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} +{{ include "common.resources" . }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} # side car containers - name: filebeat-onap @@ -128,6 +128,8 @@ spec: name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: aai-filebeat + resources: +{{ include "common.resources" . }} volumes: - name: localtime diff --git a/kubernetes/aai/charts/aai-spike/templates/secrets.yaml b/kubernetes/aai/charts/aai-spike/templates/secrets.yaml index 6a9810bd15..510805d8cd 100644 --- a/kubernetes/aai/charts/aai-spike/templates/secrets.yaml +++ b/kubernetes/aai/charts/aai-spike/templates/secrets.yaml @@ -17,6 +17,11 @@ kind: Secret metadata: name: {{ include "common.fullname" . }}-spike-secrets namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} type: Opaque data: {{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-spike/values.yaml b/kubernetes/aai/charts/aai-spike/values.yaml index 40bfbea208..fbe09f7d10 100644 --- a/kubernetes/aai/charts/aai-spike/values.yaml +++ b/kubernetes/aai/charts/aai-spike/values.yaml @@ -16,7 +16,7 @@ # Global configuration defaults. ################################################################# global: - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingImage: beats/filebeat:5.5.0 ################################################################# diff --git a/kubernetes/aai/charts/aai-traversal/Chart.yaml b/kubernetes/aai/charts/aai-traversal/Chart.yaml index f7e6a12bed..0470d0ac7f 100644 --- a/kubernetes/aai/charts/aai-traversal/Chart.yaml +++ b/kubernetes/aai/charts/aai-traversal/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAI traversal name: aai-traversal -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile index 3416d4a737..87219388f7 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile @@ -1,27 +1,27 @@ -2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf -jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm -4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe -moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf -GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT -74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh -iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb -p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt -3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW -hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7 -RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX -xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk -8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q -ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i -5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe -GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE -_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k -zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf -S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU -LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw -hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W -nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP -bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN -JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk -Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y -J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP -mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF \ No newline at end of file +yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k +brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6 +AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM +EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo +UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L +02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM +qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw +mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2 +VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0 +vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM +8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe +O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT +x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu +5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID +dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o +eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl +uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl +YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8 +EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI +dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l +ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ +15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi +ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl +m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa +iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk +_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw +PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 index 023e2eaac6..5737e48796 100644 Binary files a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 and b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 differ diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props index 7cb0d492ce..0f27dbdd76 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props @@ -2,13 +2,13 @@ # Properties Generated by AT&T Certificate Manager # @copyright 2016, AT&T ############################################################ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US cadi_keyfile=/opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile cadi_keystore=/opt/app/aai-traversal/resources/aaf/org.onap.aai.p12 -cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV -#cadi_key_password=enc: +cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr +#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL cadi_alias=aai@aai.onap.org cadi_truststore=/opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks -cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2 +cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv cadi_loglevel=INFO cadi_bath_convert=/opt/app/aai-traversal/resources/aaf/bath_config.csv diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/application.properties b/kubernetes/aai/charts/aai-traversal/resources/config/application.properties index 8d35e2f5d6..a7c86b6d73 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/application.properties +++ b/kubernetes/aai/charts/aai-traversal/resources/config/application.properties @@ -40,9 +40,9 @@ server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties server.port=8446 server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.key-store=${server.local.startpath}etc/auth/{{ .Values.global.config.keystore.filename }} +server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) -server.ssl.trust-store=${server.local.startpath}etc/auth/{{ .Values.global.config.truststore.filename }} +server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) server.ssl.client-auth=want server.ssl.key-store-type=JKS @@ -83,3 +83,15 @@ schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.lab # Specifies the version that the application should default to schema.version.api.default={{ .Values.global.config.schema.version.api.default }} +schema.translator.list={{ .Values.global.config.schema.translator.list }} +schema.service.base.url=https://aai-schema-service.{{ include "common.namespace" . }}:8452/aai/schema-service/v1/ +schema.service.nodes.endpoint=nodes?version= +schema.service.edges.endpoint=edgerules?version= +schema.service.versions.endpoint=versions +schema.service.custom.queries.endpoint=stored-queries +schema.service.client={{ .Values.global.config.schema.service.client }} + +schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }} +schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }} +schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) +schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml b/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml index 96fe00567d..d466ccf39a 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml +++ b/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml @@ -1,369 +1,268 @@ - - - - - - - - - - - - - - - - - - - %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} - - - - - ${logDirectory}/rest/sane.log - - ${logDirectory}/rest/sane.log.%d{yyyy-MM-dd} - - - %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - - - - - 1000 - true - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/rest/metrics.log - - ${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - 1000 - true - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/debug.log - - ${logDirectory}/rest/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - 1000 - true - - - - - WARN - - ${logDirectory}/rest/error.log - - ${logDirectory}/rest/error.log.%d{yyyy-MM-dd} - - - - ${eelfErrorLogPattern} - - - - 1000 - true - - - - ${logDirectory}/rest/audit.log - - ${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} - - - - ${eelfAuditLogPattern} - - - - 1000 - true - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/rest/translog.log - - ${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} - - - - ${eelfTransLogPattern} - - - - 1000 - true - - - - - WARN - - ${logDirectory}/dmaapAAIEventConsumer/error.log - - ${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - DEBUG - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/debug.log - - ${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - INFO - ACCEPT - DENY - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log - - ${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} - - - - ${eelfMetricLogPattern} - - - - - WARN - - ${logDirectory}/external/external.log - - ${logDirectory}/external/external.log.%d{yyyy-MM-dd} - - - - ${eelfLogPattern} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${logDirectory}/perf-audit/Audit-${lrmRVer}-${lrmRO}-${Pid}.log - - - ${logDirectory}/perf-audit/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - - 1 - 9 - - - 5MB - - - "%d [%thread] %-5level %logger{1024} - %msg%n" - - - - - ${logDirectory}/perf-audit/Perform-${lrmRVer}-${lrmRO}-${Pid}.log - - - ${logDirectory}/perf-audit/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip - - 1 - 9 - - - 5MB - - - "%d [%thread] %-5level %logger{1024} - %msg%n" - - - - ${logDirectory}/misc/misc.log - - ${logDirectory}/misc/misc.log.%d{yyyy-MM-dd} - - - %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - {{if .Values.global.config.logback.console.enabled}} - - {{ end }} - + + + + + + + + + + + + + + + + + + + %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx} + + + + + ${logDirectory}/rest/sane.log + + ${logDirectory}/rest/sane.log.%d{yyyy-MM-dd} + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + 1000 + true + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/rest/metrics.log + + ${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd} + + + + ${eelfMetricLogPattern} + + + + 1000 + true + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/rest/debug.log + + ${logDirectory}/rest/debug.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + 1000 + true + + + + + WARN + + ${logDirectory}/rest/error.log + + ${logDirectory}/rest/error.log.%d{yyyy-MM-dd} + + + + ${eelfErrorLogPattern} + + + + 1000 + true + + + + ${logDirectory}/rest/audit.log + + ${logDirectory}/rest/audit.log.%d{yyyy-MM-dd} + + + + ${eelfAuditLogPattern} + + + + 1000 + true + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/rest/translog.log + + ${logDirectory}/rest/translog.log.%d{yyyy-MM-dd} + + + + ${eelfTransLogPattern} + + + + 1000 + true + + + + + WARN + + ${logDirectory}/dmaapAAIEventConsumer/error.log + + ${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + + DEBUG + ACCEPT + DENY + + ${logDirectory}/dmaapAAIEventConsumer/debug.log + + ${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + + INFO + ACCEPT + DENY + + ${logDirectory}/dmaapAAIEventConsumer/metrics.log + + ${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd} + + + + ${eelfMetricLogPattern} + + + + + WARN + + ${logDirectory}/external/external.log + + ${logDirectory}/external/external.log.%d{yyyy-MM-dd} + + + + ${eelfLogPattern} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + {{if .Values.global.config.logback.console.enabled}} + + {{ end }} + diff --git a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml index 3785de0bba..be4b863195 100644 --- a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml @@ -81,6 +81,28 @@ spec: "visualRange": "1", "path": "/aai/v14/search/generic-query" }, + { + "serviceName": "_aai-generic-query", + "version": "v15", + "url": "/aai/v15/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/search/generic-query" + }, + { + "serviceName": "_aai-generic-query", + "version": "v16", + "url": "/aai/v16/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/search/generic-query" + }, { "serviceName": "_aai-nodes-query", "version": "v11", @@ -125,6 +147,28 @@ spec: "visualRange": "1", "path": "/aai/v14/search/nodes-query" }, + { + "serviceName": "_aai-nodes-query", + "version": "v15", + "url": "/aai/v15/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/search/nodes-query" + }, + { + "serviceName": "_aai-nodes-query", + "version": "v16", + "url": "/aai/v16/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/search/nodes-query" + }, { "serviceName": "_aai-query", "version": "v11", @@ -169,6 +213,28 @@ spec: "visualRange": "1", "path": "/aai/v14/query" }, + { + "serviceName": "_aai-query", + "version": "v15", + "url": "/aai/v15/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v15/query" + }, + { + "serviceName": "_aai-query", + "version": "v16", + "url": "/aai/v16/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1", + "path": "/aai/v16/query" + }, { "serviceName": "_aai-named-query", "url": "/aai/search", @@ -219,6 +285,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-generic-query", + "version": "v15", + "url": "/aai/v15/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-generic-query", + "version": "v16", + "url": "/aai/v16/search/generic-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-nodes-query", "version": "v11", @@ -259,6 +345,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-nodes-query", + "version": "v15", + "url": "/aai/v15/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-nodes-query", + "version": "v16", + "url": "/aai/v16/search/nodes-query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-query", "version": "v11", @@ -299,6 +405,26 @@ spec: "lb_policy":"ip_hash", "visualRange": "1" }, + { + "serviceName": "aai-query", + "version": "v15", + "url": "/aai/v15/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, + { + "serviceName": "aai-query", + "version": "v16", + "url": "/aai/v16/query", + "protocol": "REST", + "port": "8446", + "enable_ssl": true, + "lb_policy":"ip_hash", + "visualRange": "1" + }, { "serviceName": "aai-named-query", "url": "/aai/search", @@ -324,6 +450,8 @@ spec: args: - --container-name - aai-cassandra + - --container-name + - aai-schema-service {{ end }} env: - name: NAMESPACE @@ -421,7 +549,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} @@ -443,6 +571,8 @@ spec: name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: {{ include "common.fullname" . }}-filebeat + resources: +{{ include "common.resources" . }} volumes: - name: localtime hostPath: @@ -486,7 +616,7 @@ spec: name: {{ include "common.fullname" . }}-realm-configmap - name: {{ include "common.fullname" . }}-auth-truststore-sec secret: - secretName: aai-auth-truststore-secret + secretName: aai-common-truststore items: {{ range $job := .Values.global.config.auth.files }} - key: {{ . }} diff --git a/kubernetes/aai/charts/aai-traversal/templates/job.yaml b/kubernetes/aai/charts/aai-traversal/templates/job.yaml index e2fe395b95..a746f54470 100644 --- a/kubernetes/aai/charts/aai-traversal/templates/job.yaml +++ b/kubernetes/aai/charts/aai-traversal/templates/job.yaml @@ -136,7 +136,7 @@ spec: name: {{ include "common.fullname" . }}-realm-configmap - name: {{ include "common.fullname" . }}-auth-truststore-sec secret: - secretName: aai-auth-truststore-secret + secretName: aai-common-truststore items: {{ range $job := .Values.global.config.auth.files }} - key: {{ . }} diff --git a/kubernetes/aai/charts/aai-traversal/values.yaml b/kubernetes/aai/charts/aai-traversal/values.yaml index 92c60a24e9..63e1444f98 100644 --- a/kubernetes/aai/charts/aai-traversal/values.yaml +++ b/kubernetes/aai/charts/aai-traversal/values.yaml @@ -18,12 +18,12 @@ global: # global defaults nodePortPrefix: 302 readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 # application image repository: nexus3.onap.org:10001 -image: onap/aai-traversal:1.3.3 +image: onap/aai-traversal:1.4-STAGING-latest pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/requirements.yaml b/kubernetes/aai/requirements.yaml index 8ac927b65e..01f6f1a9aa 100644 --- a/kubernetes/aai/requirements.yaml +++ b/kubernetes/aai/requirements.yaml @@ -14,7 +14,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/aai/resources/config/aai/aai_keystore b/kubernetes/aai/resources/config/aai/aai_keystore index 83cae95273..d50b33ed93 100644 Binary files a/kubernetes/aai/resources/config/aai/aai_keystore and b/kubernetes/aai/resources/config/aai/aai_keystore differ diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/resources/config/fproxy/auth/client-cert.p12 similarity index 100% rename from kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 rename to kubernetes/aai/resources/config/fproxy/auth/client-cert.p12 diff --git a/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore b/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore new file mode 100644 index 0000000000..f6ebc75ed8 Binary files /dev/null and b/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore differ diff --git a/kubernetes/aai/resources/config/fproxy/auth/tomcat_keystore b/kubernetes/aai/resources/config/fproxy/auth/tomcat_keystore new file mode 100644 index 0000000000..d68bf73815 Binary files /dev/null and b/kubernetes/aai/resources/config/fproxy/auth/tomcat_keystore differ diff --git a/kubernetes/aai/resources/config/haproxy/aai.pem b/kubernetes/aai/resources/config/haproxy/aai.pem new file mode 100644 index 0000000000..e6dfd6a63d --- /dev/null +++ b/kubernetes/aai/resources/config/haproxy/aai.pem @@ -0,0 +1,82 @@ +-----BEGIN CERTIFICATE----- +MIIFATCCA+mgAwIBAgIIWY+5kgf/UH8wDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE +BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp +bnRlcm1lZGlhdGVDQV85MB4XDTE5MDMyNjAzMjc1MloXDTIwMDMyNjAzMjc1Mlow +azERMA8GA1UEAwwIYWFpLm9uYXAxDzANBgkqhkiG9w0BCQEWADEZMBcGA1UECwwQ +YWFpQGFhaS5vbmFwLm9yZzEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAx +CzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyZj +PvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjItu2z5WY9xNGCky85G3Pr +qmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJV3S90Rp1SOhGFU/WroAQ +XvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+ogMMxzpxtb91QR+Wl4YeY +yzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2J/SEeHdWLS8Gsuus6oqM +r4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6DBr0SntHv6pzMhokjewl +ukkrEsvIOkqEvIcE+QIDAQABo4IByzCCAccwCQYDVR0TBAIwADAOBgNVHQ8BAf8E +BAMCBeAwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFQGA1UdIwRN +MEuAFIH3mVsQuciM3vNSXupOaaBDPqzdoTCkLjAsMQ4wDAYDVQQLDAVPU0FBRjEN +MAsGA1UECgwET05BUDELMAkGA1UEBhMCVVOCAQcwHQYDVR0OBBYEFFziBN1nFOnS +Sp7XkxOuzVNR1GFLMIIBEQYDVR0RBIIBCDCCAQSCCGFhaS5vbmFwghJhYWktc3Bh +cmt5LWJlLm9uYXCCG2FhaS5hcGkuc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmVs +YXN0aWNzZWFyY2guc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmdyZW1saW5zZXJ2 +ZXIuc2ltcGxlZGVtby5vbmFwLm9yZ4IdYWFpLmhiYXNlLnNpbXBsZWRlbW8ub25h +cC5vcmeCJWFhaS5zZWFyY2hzZXJ2aWNlLnNpbXBsZWRlbW8ub25hcC5vcmeCF2Fh +aS5zaW1wbGVkZW1vLm9uYXAub3JnghphYWkudWkuc2ltcGxlZGVtby5vbmFwLm9y +ZzANBgkqhkiG9w0BAQsFAAOCAQEAlqwzbZv/0uxVPmFJMB2t5B2nw3GNojLwxnHh +UVKzrLbDDpM36CkY8uX9kYAaf/Eg8eA5Jp0T9lGCheg0TNHM9OBqyyvDPjewZ5jO +N0xooRs7gh4bYtQaWIjCOg6bXg+mHkW4VVbpewMJYivGpJZQ76LauuHtg1OA688s +fy4SGrbC902OoPZ8zJlINOyljqSa+uNwvv6bg9Iqnuq/jUaFpKOYVUkMzw/ImVzy +3kXH/hY+nz4FNvMPlULgwxskOBRp90a5VWBC48cNzg4aNtanVz6lPAr/AVD1R6jt +ZDEd3Ww8nTlRKjUryxgoorqo8ThctZscWBpHMRW4B/LgGEYtRA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB +RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN +MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG +A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL +neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d +o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3 +nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV +v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO +15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw +gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV +M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B +AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q +ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl +u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+ ++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/ +QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht +8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX +kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3 +aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky +uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w +tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep +BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k= +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAuyZjPvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjI +tu2z5WY9xNGCky85G3PrqmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJ +V3S90Rp1SOhGFU/WroAQXvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+o +gMMxzpxtb91QR+Wl4YeYyzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2 +J/SEeHdWLS8Gsuus6oqMr4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6 +DBr0SntHv6pzMhokjewlukkrEsvIOkqEvIcE+QIDAQABAoIBAEe1OrvJZM2PCqOp +N5jjbnvwk32iN93EAl8xYppkBxMBgzJ/VsC4rYBNP4elWym4I2KAdSDwKrrDXtDZ +b20VYXlT+8VzkOMA2izU3Y4lqi82mwGATjcDVSPExoGr9gZ+c9yi1yL8478ZnT7N +4a5Mql5iQM9c8rZodY+9AiD8xTHbgXbaGmBsDhTxT/HPDsoacR/SHMh3XowbhAcs +eXAe+NdDtLcG6WOEqi/EhkagkWvsecIBoy888Ffbxa5h/DLEaCCoC3Dw1tWFX8KM +86sC9sQKDVRVKpKs2/9MGl9LoPi9jNDrOP6/Zx3T4k479ozGp/0G70LzmUcih72j +MUbr4f0CgYEA/AV0yOLZh0i2K53jpv3e8RDJkOBFuLb0ZZVdGkVYHncw9/WY070E +TJi0B51RAJtdSksAWa6o+1+VaJKQHtMZpABwMWDMRQUqdC+o+knONRpdCHwxXnSl +gvujFyYJhURKDr42z0xjbQrHaEZRuVJ6tzJQhFtE66G01ngREhDPbUsCgYEAvhrB +A/IOQpPaHcfU2ik80VE0KU9N4Ez50ZlheEbBDVTrMWzuFy8p9niNSfDKC7s5aqlP +DgDvTD80D8Zw6+yT/aDU5iEf5vMdKc1pnlr8jJoCNSvuyJZ40kDSehsBOKC+YN3g +b6xaYWIcH3mwwoLZO9XFsN5KAg/dSMJED8AGAEsCgYAduMMCIgbHdqLNWAyOGCif +w3wSEvEGDMWb6VaWj5EJ3sKuq48/gW4tXmD0+O+ho7EH3vqGmRuisa4cLBTFHd5L +QiX5HNJaXXaZRzmlcujXyGkqZAMqgZU3clfUlg7PYbNeM76hCgA7zuaffJOMyJZi +XpOyWFUzeNmr5XMV71eXKwKBgEtgzFvGJMVdXsUkMU/3vfe5XRdsLJLdssjbKnzI +gU/J9h/480caGmdyUYOaCGMyb4fNbl09HaV8AianJqtFeUC9/uzpAX9PsqaanmB9 +71nIz0tKCjpa/7lOnqZwAsHzasl58L4W9xdaEZChbecSfxRspSCGY44BwFpTPS2J +lFeVAoGAFOetqKStyEy+qruEOMk+lWwaKLGZ4hLk7qmFochxwrXgx7hcZ4Zrqkv9 +7qyQtbAalFiCHGmLBdSb+GLfD/1pPUA3wJoLo/I3f4g9c7cw7m7r8MdWPDXSL2Vk +vM97Syv92KQUBl8te7S3+bDBNklgb+KwRqSk3QRAl8ARWEjg8Kk= +-----END RSA PRIVATE KEY----- diff --git a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/resources/config/rproxy/auth/client-cert.p12 similarity index 100% rename from kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/client-cert.p12 rename to kubernetes/aai/resources/config/rproxy/auth/client-cert.p12 diff --git a/kubernetes/aai/resources/config/rproxy/auth/org.onap.aai.p12 b/kubernetes/aai/resources/config/rproxy/auth/org.onap.aai.p12 new file mode 100644 index 0000000000..023e2eaac6 Binary files /dev/null and b/kubernetes/aai/resources/config/rproxy/auth/org.onap.aai.p12 differ diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/resources/config/rproxy/auth/tomcat_keystore similarity index 100% rename from kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/tomcat_keystore rename to kubernetes/aai/resources/config/rproxy/auth/tomcat_keystore diff --git a/kubernetes/aai/resources/config/rproxy/security/keyfile b/kubernetes/aai/resources/config/rproxy/security/keyfile new file mode 100644 index 0000000000..3416d4a737 --- /dev/null +++ b/kubernetes/aai/resources/config/rproxy/security/keyfile @@ -0,0 +1,27 @@ +2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf +jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm +4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe +moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf +GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT +74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh +iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb +p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt +3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW +hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7 +RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX +xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk +8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q +ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i +5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe +GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE +_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k +zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf +S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU +LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw +hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W +nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP +bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN +JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk +Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y +J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP +mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF \ No newline at end of file diff --git a/kubernetes/aai/templates/configmap.yaml b/kubernetes/aai/templates/configmap.yaml index a23ed5fdc7..651bf8dbba 100644 --- a/kubernetes/aai/templates/configmap.yaml +++ b/kubernetes/aai/templates/configmap.yaml @@ -72,4 +72,32 @@ type: Opaque data: {{ tpl (.Files.Glob "resources/config/aai/*").AsSecrets . | indent 2 }} - +{{ if .Values.global.installSidecarSecurity }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: aai-fproxy-auth-certs + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/fproxy/auth/*").AsSecrets . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: aai-rproxy-auth-certs + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/rproxy/auth/*").AsSecrets . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: aai-rproxy-security-config + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/rproxy/security/*").AsSecrets . | indent 2 }} +{{ end }} \ No newline at end of file diff --git a/kubernetes/aai/templates/deployment.yaml b/kubernetes/aai/templates/deployment.yaml index 1f337e4374..8c107303ac 100644 --- a/kubernetes/aai/templates/deployment.yaml +++ b/kubernetes/aai/templates/deployment.yaml @@ -70,6 +70,9 @@ spec: subPath: haproxy.cfg {{ end }} name: haproxy-cfg + - mountPath: /etc/ssl/private/aai.pem + name: aai-pem + subPath: aai.pem ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} @@ -101,14 +104,14 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} resources: -{{ include "common.resources" . | indent 12 }} +{{ include "common.resources" . }} {{- if .Values.nodeSelector }} nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} +{{ toYaml .Values.nodeSelector | indent 8 }} {{- end -}} {{- if .Values.affinity }} affinity: -{{ toYaml .Values.affinity | indent 10 }} +{{ toYaml .Values.affinity | indent 8 }} {{- end }} volumes: @@ -121,5 +124,8 @@ spec: - name: haproxy-cfg configMap: name: aai-deployment-configmap + - name: aai-pem + secret: + secretName: aai-haproxy-secret imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/templates/secret.yaml b/kubernetes/aai/templates/secret.yaml index 8d00a9d41c..f01f11df78 100644 --- a/kubernetes/aai/templates/secret.yaml +++ b/kubernetes/aai/templates/secret.yaml @@ -17,6 +17,20 @@ kind: Secret metadata: name: aai-common-aai-auth namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} type: Opaque data: {{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: aai-common-truststore + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/aai/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index d5a5db0494..1d3a3a5d24 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -23,7 +23,7 @@ global: # global defaults busyboxImage: busybox readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: readiness-check:2.0.2 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 @@ -160,6 +160,12 @@ global: # global defaults # Schema specific properties that include supported versions of api schema: + # Specifies if the connection should be one way ssl, two way ssl or no auth + service: + client: one-way-ssl + # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service + translator: + list: schema-service source: # Specifies which folder to take a look at name: onap @@ -170,14 +176,14 @@ global: # global defaults version: # Current version of the REST API api: - default: v14 + default: v16 # Specifies which version the depth parameter is configurable - depth: v9 + depth: v11 # List of all the supported versions of the API - list: v8,v9,v10,v11,v12,v13,v14 + list: v11,v12,v13,v14,v15,v16 # Specifies from which version related link should appear related: - link: v10 + link: v11 # Specifies from which version the app root change happened app: root: v11 diff --git a/kubernetes/appc/Chart.yaml b/kubernetes/appc/Chart.yaml index dd79ae039e..b7a0755841 100644 --- a/kubernetes/appc/Chart.yaml +++ b/kubernetes/appc/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Application Controller name: appc -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/appc/charts/appc-ansible-server/Chart.yaml b/kubernetes/appc/charts/appc-ansible-server/Chart.yaml index d2760b3a05..de5213fd40 100644 --- a/kubernetes/appc/charts/appc-ansible-server/Chart.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP APPC Ansible Server name: appc-ansible-server -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/appc/charts/appc-ansible-server/requirements.yaml b/kubernetes/appc/charts/appc-ansible-server/requirements.yaml index 9e5715e966..394444104e 100644 --- a/kubernetes/appc/charts/appc-ansible-server/requirements.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml b/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml new file mode 100644 index 0000000000..25257eaeaf --- /dev/null +++ b/kubernetes/appc/charts/appc-ansible-server/templates/pv.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} +{{- $global := . }} +{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) -}} +{{- range $i, $t := until (int $global.Values.replicaCount)}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" $global }}-data{{$i}} + namespace: {{ include "common.namespace" $global }} + labels: + app: {{ include "common.fullname" $global }} + chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" + release: "{{ $global.Release.Name }}" + heritage: "{{ $global.Release.Service }}" + name: {{ include "common.fullname" $global }} +spec: + capacity: + storage: {{ $global.Values.persistence.size}} + accessModes: + - {{ $global.Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" $global }}-data" + persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ $global.Release.Name }}/{{ $global.Values.persistence.mountSubPath }}{{$i}} +--- +{{- end -}} +{{- end -}} diff --git a/kubernetes/appc/charts/appc-ansible-server/templates/deployment.yaml b/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml similarity index 83% rename from kubernetes/appc/charts/appc-ansible-server/templates/deployment.yaml rename to kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml index a7daa05143..5f1cc5ae24 100644 --- a/kubernetes/appc/charts/appc-ansible-server/templates/deployment.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/templates/statefulset.yaml @@ -12,8 +12,8 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 -kind: Deployment +apiVersion: apps/v1beta1 +kind: StatefulSet metadata: name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} @@ -74,6 +74,8 @@ spec: - mountPath: {{ .Values.config.configDir }}/RestServer_config name: config subPath: RestServer_config + - mountPath: {{ .Values.persistence.playbookPath }} + name: {{ include "common.fullname" . }}-data resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -92,5 +94,21 @@ spec: configMap: name: {{ include "common.fullname" . }} defaultMode: 0644 - imagePullSecrets: +{{ if not .Values.persistence.enabled }} + - name: {{ include "common.fullname" . }}-data + emptyDir: {} +{{ else }} + volumeClaimTemplates: + - metadata: + name: {{ include "common.fullname" . }}-data + labels: + name: {{ include "common.fullname" . }} + spec: + accessModes: [ {{ .Values.persistence.accessMode }} ] + storageClassName: {{ include "common.fullname" . }}-data + resources: + requests: + storage: {{ .Values.persistence.size }} +{{ end }} + imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/appc/charts/appc-ansible-server/values.yaml b/kubernetes/appc/charts/appc-ansible-server/values.yaml index 93d4c56e27..1e15919b82 100644 --- a/kubernetes/appc/charts/appc-ansible-server/values.yaml +++ b/kubernetes/appc/charts/appc-ansible-server/values.yaml @@ -29,7 +29,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-ansible-server-image:0.3.2 +image: onap/ccsdk-ansible-server-image:0.4.1-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required @@ -39,7 +39,7 @@ debugEnabled: false config: appcChartName: appc mysqlServiceName: appc-dbhost - + configDir: /opt/onap/ccsdk # default number of instances replicaCount: 1 @@ -66,6 +66,30 @@ service: portName: appc-ansible-server internalPort: 8000 externalPort: 8000 + nfsprovisionerPrefix: appc + disableNfsProvisioner: true + +## Persist data to a persitent volume +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + accessMode: ReadWriteMany + size: 1Gi + mountPath: /dockerdata-nfs + mountSubPath: appc/ansible + playbookPath: /home/ansible ingress: enabled: false diff --git a/kubernetes/appc/charts/appc-cdt/Chart.yaml b/kubernetes/appc/charts/appc-cdt/Chart.yaml index 4d981a8c8b..7680f7fd50 100644 --- a/kubernetes/appc/charts/appc-cdt/Chart.yaml +++ b/kubernetes/appc/charts/appc-cdt/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP APPC Self Service Controller Design Tool name: appc-cdt -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/appc/charts/appc-cdt/requirements.yaml b/kubernetes/appc/charts/appc-cdt/requirements.yaml index 220dc4619b..fae2fe2fe7 100644 --- a/kubernetes/appc/charts/appc-cdt/requirements.yaml +++ b/kubernetes/appc/charts/appc-cdt/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/appc/charts/appc-cdt/templates/service.yaml b/kubernetes/appc/charts/appc-cdt/templates/service.yaml index 735e0f510a..3e0b8894c6 100644 --- a/kubernetes/appc/charts/appc-cdt/templates/service.yaml +++ b/kubernetes/appc/charts/appc-cdt/templates/service.yaml @@ -28,6 +28,7 @@ spec: ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.name }} {{- else -}} diff --git a/kubernetes/appc/charts/appc-cdt/values.yaml b/kubernetes/appc/charts/appc-cdt/values.yaml index 517b69ddea..d302c4d630 100644 --- a/kubernetes/appc/charts/appc-cdt/values.yaml +++ b/kubernetes/appc/charts/appc-cdt/values.yaml @@ -26,7 +26,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/appc-cdt-image:1.4.3 +image: onap/appc-cdt-image:1.5.0-SNAPSHOT-latest pullPolicy: Always # application configuration @@ -54,8 +54,8 @@ readiness: service: type: NodePort name: appc-cdt - externalPort: 80 - internalPort: 80 + externalPort: 18080 + internalPort: 18080 nodePort: 89 ingress: diff --git a/kubernetes/appc/requirements.yaml b/kubernetes/appc/requirements.yaml index cc912b538c..e48d857709 100644 --- a/kubernetes/appc/requirements.yaml +++ b/kubernetes/appc/requirements.yaml @@ -14,11 +14,11 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' - name: mariadb-galera - version: ~3.0.0 + version: ~4.x-0 repository: '@local' - name: dgbuilder - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh index 6a36fdf37b..ed35de8f77 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh @@ -4,7 +4,7 @@ # ============LICENSE_START======================================================= # APPC # ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs,Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -26,6 +26,7 @@ # This script takes care of installing the SDNC & APPC platform components # if not already installed, and starts the APPC Docker Container # +#set -x function enable_odl_cluster(){ if [ -z $APPC_REPLICAS ]; then @@ -58,8 +59,6 @@ ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} ENABLE_AAF=${ENABLE_AAF:-true} DBINIT_DIR=${DBINIT_DIR:-/opt/opendaylight/current/daexim} -appcInstallStartTime=$(date +%s) - # # Wait for database to init properly # @@ -86,16 +85,18 @@ END then echo "Installing SDNC database" ${SDNC_HOME}/bin/installSdncDb.sh - fi - appc_db_exists=$(mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p{{.Values.config.mariadbRootPassword}} mysql <<-END + appc_db_exists=$(mysql -h {{.Values.config.mariadbGaleraSVCName}}.{{.Release.Namespace}} -u root -p{{.Values.config.mariadbRootPassword}} mysql <<-END show databases like 'appcctl'; END ) - if [ "x${appc_db_exists}" == "x" ] - then - echo "Installing APPC database" - ${APPC_HOME}/bin/installAppcDb.sh + if [ "x${appc_db_exists}" == "x" ] + then + echo "Installing APPC database" + ${APPC_HOME}/bin/installAppcDb.sh + fi + else + sleep 30 fi echo "Installed at `date`" > ${DBINIT_DIR}/.installed @@ -107,19 +108,15 @@ then echo "Installing ODL Host Key" ${SDNC_HOME}/bin/installOdlHostKey.sh +# echo "Copying a working version of the logging configuration into the opendaylight etc folder" +# cp ${APPC_HOME}/data/org.ops4j.pax.logging.cfg ${ODL_HOME}/etc/org.ops4j.pax.logging.cfg + echo "Starting OpenDaylight" ${ODL_HOME}/bin/start echo "Waiting ${SLEEP_TIME} seconds for OpenDaylight to initialize" sleep ${SLEEP_TIME} - echo "Copying a working version of the logging configuration into the opendaylight etc folder" - cp ${APPC_HOME}/data/org.ops4j.pax.logging.cfg ${ODL_HOME}/etc/org.ops4j.pax.logging.cfg - echo "Copying a new version of aaf cadi shiro into the opendaylight deploy folder" - cp ${APPC_HOME}/data/aaf-shiro-aafrealm-osgi-bundle.jar ${ODL_HOME}/deploy/aaf-shiro-aafrealm-osgi-bundle.jar - - echo "Installing SDNC platform features" - ${SDNC_HOME}/bin/installFeatures.sh if [ -x ${SDNC_HOME}/svclogic/bin/install.sh ] then @@ -127,29 +124,18 @@ then ${SDNC_HOME}/svclogic/bin/install.sh fi - if $ENABLE_ODL_CLUSTER ; then echo "Installing Opendaylight cluster features" ; ${ODL_HOME}/bin/client feature:install odl-mdsal-clustering ; ${ODL_HOME}/bin/client feature:install odl-jolokia ; fi - - echo "Installing APPC platform features" - ${APPC_HOME}/bin/installFeatures.sh - - if [ -x ${APPC_HOME}/svclogic/bin/install.sh ] - then - echo "Installing APPC DGs using platform-logic" - ${APPC_HOME}/svclogic/bin/install.sh - fi - if [ -x ${APPC_HOME}/svclogic/bin/install-converted-dgs.sh ] then echo "Installing APPC JSON DGs converted to XML using dg-loader" ${APPC_HOME}/svclogic/bin/install-converted-dgs.sh fi - if $ENABLE_ODL_CLUSTER ; then enable_odl_cluster ; fi - - echo "Adding a property system.properties for AAF cadi.properties location" - echo "" >> ${ODL_HOME}/etc/system.properties - echo "cadi_prop_files=${APPC_HOME}/data/properties/cadi.properties" >> ${ODL_HOME}/etc/system.properties - echo "" >> ${ODL_HOME}/etc/system.properties + if $ENABLE_ODL_CLUSTER + then + echo "Installing Opendaylight cluster features" + ${ODL_HOME}/bin/client feature:install odl-mdsal-clustering + enable_odl_cluster + fi echo "Copying the aaa shiro configuration into opendaylight" if $ENABLE_AAF @@ -180,11 +166,32 @@ then done echo "Karaf process has stopped" sleep 10s + echo "Installed at `date`" > ${SDNC_HOME}/.installed fi - appcInstallEndTime=$(date +%s) - echo "Total Appc install took $(expr $appcInstallEndTime - $appcInstallStartTime) seconds" +# Move journal and snapshots directory to persistent storage + +hostdir=${ODL_HOME}/daexim/$(hostname -s) +if [ ! -d $hostdir ] +then + mkdir -p $hostdir + if [ -d ${ODL_HOME}/journal ] + then + mv ${ODL_HOME}/journal ${hostdir} + else + mkdir ${hostdir}/journal + fi + if [ -d ${ODL_HOME}/snapshots ] + then + mv ${ODL_HOME}/snapshots ${hostdir} + else + mkdir ${hostdir}/snapshots + fi +fi + +ln -s ${hostdir}/journal ${ODL_HOME}/journal +ln -s ${hostdir}/snapshots ${ODL_HOME}/snapshots echo "Starting cdt-proxy-service jar, logging to ${APPC_HOME}/cdt-proxy-service/jar.log" java -jar ${APPC_HOME}/cdt-proxy-service/cdt-proxy-service.jar > ${APPC_HOME}/cdt-proxy-service/jar.log & diff --git a/kubernetes/common/controller-blueprints/.helmignore b/kubernetes/cds/.helmignore similarity index 100% rename from kubernetes/common/controller-blueprints/.helmignore rename to kubernetes/cds/.helmignore diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/Chart.yaml b/kubernetes/cds/Chart.yaml similarity index 85% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/Chart.yaml rename to kubernetes/cds/Chart.yaml index 9e4a05d3b8..fa430d2f78 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/Chart.yaml +++ b/kubernetes/cds/Chart.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +14,6 @@ # limitations under the License. apiVersion: v1 -description: DMaaP Data Router MariaDB Instance -name: dmaap-dr-db -version: 1.0 +description: ONAP Common Design Studio +name: cds +version: 4.0.0 diff --git a/kubernetes/cds/README.md b/kubernetes/cds/README.md new file mode 100644 index 0000000000..6619b8f2c3 --- /dev/null +++ b/kubernetes/cds/README.md @@ -0,0 +1,20 @@ +# CDS + +## Introduction + +CDS stands for Common Design Studio. It helps developping service specific +artifacts for pre instanciation and post configuration. + +Full description is on [ONAP Read the Doc](https://docs.onap.org/en/latest/submodules/ccsdk/cds.git/docs/index.html). + +Charts has an UI and blueprints processort and controllers. +Trigger to enable it is on SDNC chart has of today. + +## Requirements + +CDS needs the following ONAP projects to work: + +- AAI +- SO +- SDC +- SDNC diff --git a/kubernetes/cds/charts/blueprints-processor/Chart.yaml b/kubernetes/cds/charts/blueprints-processor/Chart.yaml new file mode 100755 index 0000000000..389097437c --- /dev/null +++ b/kubernetes/cds/charts/blueprints-processor/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright (c) 2019 IBM, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Blueprints Processor Micro Service +name: blueprints-processor +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/requirements.yaml b/kubernetes/cds/charts/blueprints-processor/requirements.yaml old mode 100644 new mode 100755 similarity index 86% rename from kubernetes/vvp/charts/vvp-em-uwsgi/requirements.yaml rename to kubernetes/cds/charts/blueprints-processor/requirements.yaml index 9f44c6df28..9f92507a99 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/requirements.yaml +++ b/kubernetes/cds/charts/blueprints-processor/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright (c) 2019 IBM, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 - repository: '@local' + version: ~4.x-0 + repository: '@local' \ No newline at end of file diff --git a/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties b/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties new file mode 100755 index 0000000000..c25176f971 --- /dev/null +++ b/kubernetes/cds/charts/blueprints-processor/resources/config/application.properties @@ -0,0 +1,47 @@ +# Copyright (c) 2019 IBM, Bell Canada. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Functionality config +blueprintsprocessor.grpcEnable=true +blueprintsprocessor.restconfEnabled=true +blueprintsprocessor.httpPort=8080 +blueprintsprocessor.grpcPort=9111 + +# Basic Authentication +security.user.password: {bcrypt}$2a$10$duaUzVUVW0YPQCSIbGEkQOXwafZGwQ/b32/Ys4R1iwSSawFgz7QNu +security.user.name: ccsdkapps + +# Blueprint Processor File Execution and Handling Properties +blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy +blueprintsprocessor.blueprintArchivePath=/opt/app/onap/blueprints/archive + +# Primary Database Configuration +blueprintsprocessor.db.primary.url=jdbc:mysql://cds-db:3306/sdnctl +blueprintsprocessor.db.primary.username=sdnctl +blueprintsprocessor.db.primary.password=sdnctl +blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver +blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update +blueprintsprocessor.db.primary.hibernateDDLAuto=update +blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy +blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect + +# Python executor +blueprints.processor.functions.python.executor.executionPath=/opt/app/onap/scripts/jython/ccsdk_blueprints +blueprints.processor.functions.python.executor.modulePaths=/opt/app/onap/scripts/jython/ccsdk_blueprints,/opt/app/onap/scripts/jython/ccsdk_netconf + +# SDN-C's ODL Restconf Connection Details +blueprintsprocessor.restclient.sdncodl.type=basic-auth +blueprintsprocessor.restclient.sdncodl.url=http://sdnc:8282/ +blueprintsprocessor.restclient.sdncodl.username=admin +blueprintsprocessor.restclient.sdncodl.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U \ No newline at end of file diff --git a/kubernetes/common/controller-blueprints/resources/config/logback.xml b/kubernetes/cds/charts/blueprints-processor/resources/config/logback.xml old mode 100644 new mode 100755 similarity index 100% rename from kubernetes/common/controller-blueprints/resources/config/logback.xml rename to kubernetes/cds/charts/blueprints-processor/resources/config/logback.xml diff --git a/kubernetes/common/controller-blueprints/templates/configmap.yaml b/kubernetes/cds/charts/blueprints-processor/templates/configmap.yaml old mode 100644 new mode 100755 similarity index 89% rename from kubernetes/common/controller-blueprints/templates/configmap.yaml rename to kubernetes/cds/charts/blueprints-processor/templates/configmap.yaml index 1f194b6984..873acee237 --- a/kubernetes/common/controller-blueprints/templates/configmap.yaml +++ b/kubernetes/cds/charts/blueprints-processor/templates/configmap.yaml @@ -1,5 +1,4 @@ -# Copyright (c) 2018 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T, ZTE +# Copyright (c) 2019 IBM, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml b/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml new file mode 100755 index 0000000000..876f24937d --- /dev/null +++ b/kubernetes/cds/charts/blueprints-processor/templates/deployment.yaml @@ -0,0 +1,115 @@ +# Copyright (c) 2019 IBM, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - cds-db + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: APP_CONFIG_HOME + value: {{ .Values.config.appConfigDir }} + ports: + - containerPort: {{ .Values.service.http.internalPort }} + {{ if .Values.config.grpcEnabled }} + - containerPort: {{ .Values.service.grpc.internalPort }} + {{ end }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + httpGet: + path: /api/v1/execution-service/ping + port: {{ .Values.service.http.internalPort }} + httpHeaders: + - name: Authorization + value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + httpGet: + path: /api/v1/execution-service/ping + port: {{ .Values.service.http.internalPort }} + httpHeaders: + - name: Authorization + value: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: {{ .Values.config.appConfigDir }}/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + - mountPath: {{ .Values.config.appConfigDir }}/logback.xml + name: {{ include "common.fullname" . }}-config + subPath: logback.xml + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + items: + - key: application.properties + path: application.properties + - key: logback.xml + path: logback.xml + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/cds/charts/blueprints-processor/templates/service.yaml b/kubernetes/cds/charts/blueprints-processor/templates/service.yaml new file mode 100755 index 0000000000..5c8bc8cc0d --- /dev/null +++ b/kubernetes/cds/charts/blueprints-processor/templates/service.yaml @@ -0,0 +1,43 @@ +# Copyright (c) 2019 IBM, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.http.externalPort }} + targetPort: {{ .Values.service.http.internalPort }} + {{- if eq .Values.service.type "NodePort"}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + {{- end}} + name: {{ .Values.service.http.portName | default "http" }} + - port: {{ .Values.service.grpc.externalPort }} + targetPort: {{ .Values.service.grpc.internalPort }} + {{- if eq .Values.service.type "NodePort"}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + {{- end}} + name: {{ .Values.service.grpc.portName | default "grpc" }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/values.yaml b/kubernetes/cds/charts/blueprints-processor/values.yaml old mode 100644 new mode 100755 similarity index 51% rename from kubernetes/vvp/charts/vvp-cms-uwsgi/values.yaml rename to kubernetes/cds/charts/blueprints-processor/values.yaml index e57b1730c3..10169d5dc7 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/values.yaml +++ b/kubernetes/cds/charts/blueprints-processor/values.yaml @@ -1,4 +1,6 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright (c) 2019 IBM, Bell Canada +# +# Modifications Copyright (c) 2019 Bell Canada. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,24 +18,39 @@ # Global configuration defaults. ################################################################# global: + # Change to an unused port prefix range to prevent port conflicts + # with other instances running within the same k8s cluster nodePortPrefix: 302 + + # image repositories repository: nexus3.onap.org:10001 + + # readiness check readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 + + # image pull policy + pullPolicy: Always + + persistence: + mountPath: /dockerdata-nfs ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/vvp/cms:1.0.0 +image: onap/ccsdk-blueprintsprocessor:0.4-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required debugEnabled: false +# application configuration +config: + appConfigDir: /opt/app/onap/config + +# default number of instances replicaCount: 1 nodeSelector: {} @@ -54,8 +71,36 @@ readiness: service: type: ClusterIP - internalPort1: 80 - internalPort2: 9000 + http: + portName: blueprints-processor-http + internalPort: 8080 + externalPort: 8080 + grpc: + portName: blueprints-processor-grpc + internalPort: 9111 + externalPort: 9111 + +persistence: + enabled: true ingress: enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/.helmignore b/kubernetes/cds/charts/controller-blueprints/.helmignore similarity index 100% rename from kubernetes/dmaap/charts/dmaap-bus-controller/.helmignore rename to kubernetes/cds/charts/controller-blueprints/.helmignore diff --git a/kubernetes/common/controller-blueprints/Chart.yaml b/kubernetes/cds/charts/controller-blueprints/Chart.yaml similarity index 97% rename from kubernetes/common/controller-blueprints/Chart.yaml rename to kubernetes/cds/charts/controller-blueprints/Chart.yaml index 28c22a37f5..5e8b3f35df 100644 --- a/kubernetes/common/controller-blueprints/Chart.yaml +++ b/kubernetes/cds/charts/controller-blueprints/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: Controller Blueprints Micro Service name: controller-blueprints -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vvp/charts/vvp-jenkins/requirements.yaml b/kubernetes/cds/charts/controller-blueprints/requirements.yaml similarity index 86% rename from kubernetes/vvp/charts/vvp-jenkins/requirements.yaml rename to kubernetes/cds/charts/controller-blueprints/requirements.yaml index 9f44c6df28..857a963ada 100644 --- a/kubernetes/vvp/charts/vvp-jenkins/requirements.yaml +++ b/kubernetes/cds/charts/controller-blueprints/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright (c) 2018 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 - repository: '@local' + version: ~4.x-0 + repository: '@local' \ No newline at end of file diff --git a/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties b/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties new file mode 100755 index 0000000000..80fdaf542e --- /dev/null +++ b/kubernetes/cds/charts/controller-blueprints/resources/config/application.properties @@ -0,0 +1,67 @@ +# Copyright © 2017-2018 AT&T Intellectual Property. +# Modifications Copyright © 2018 IBM. +# Modifications Copyright © 2019 Bell Canada. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Basic Authentication +basic-auth.user-name=ccsdkapps +basic-auth.hashed-pwd={bcrypt}$2a$10$MJxhNiOAffxbyrV9.rrOUewP9Q/ASg5Nit2cmP.yBaXGsVXo8BW3y + +logging.level.org.springframework.web=INFO +logging.level.org.hibernate.SQL=warn +logging.level.org.hibernate.type.descriptor.sql=debug + +# To Remove Null in JSON API Response +spring.jackson.default-property-inclusion=non_null + +# Swagger Configuration +swagger.contact.name=CCSDK team +swagger.contact.url=www.onap.org +swagger.contact.email=onap-discuss@lists.onap.org + +# DB information +spring.jpa.properties.hibernate.show_sql=true +spring.jpa.properties.hibernate.use_sql_comments=true +spring.jpa.properties.hibernate.format_sql=true +spring.datasource.url=jdbc:mysql://cds-db:3306/sdnctl +spring.datasource.username=sdnctl +spring.datasource.password=sdnctl +spring.datasource.driver-class-name=org.mariadb.jdbc.Driver +spring.jpa.show-sql=true +spring.jpa.hibernate.ddl-auto=none +spring.jpa.hibernate.naming-strategy=org.hibernate.cfg.ImprovedNamingStrategy +spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL5InnoDBDialect + +# Load Resource Source Mappings +resourceSourceMappings=primary-db=source-primary-db,input=source-input,default=source-default,primary-config-data=source-rest,capability=source-capability + +# Controller Blueprints Core Configuration +controllerblueprints.blueprintDeployPath=/etc/blueprints/deploy +controllerblueprints.blueprintArchivePath=/etc/blueprints/archive +controllerblueprints.blueprintEnrichmentPath=/etc/blueprints/enrichment +# Controller Blueprint Load Configurations +# blueprints.load.initial-data may be overridden by ENV variables +controllerblueprints.loadInitialData={{ .Values.config.initDataLoad }} +controllerblueprints.loadBluePrint=true +controllerblueprints.loadBluePrintPaths=/opt/app/onap/model-catalog/blueprint-model/service-blueprint +controllerblueprints.loadModelType=true +controllerblueprints.loadModeTypePaths=/opt/app/onap/model-catalog/definition-type/starter-type +controllerblueprints.loadResourceDictionary=true +controllerblueprints.loadResourceDictionaryPaths=/opt/app/onap/model-catalog/resource-dictionary/starter-dictionary + +# CBA file extension +controllerblueprints.loadCbaExtension=zip + +# Web server config +server.port=8080 \ No newline at end of file diff --git a/kubernetes/cds/charts/controller-blueprints/resources/config/logback.xml b/kubernetes/cds/charts/controller-blueprints/resources/config/logback.xml new file mode 100644 index 0000000000..b73db7145f --- /dev/null +++ b/kubernetes/cds/charts/controller-blueprints/resources/config/logback.xml @@ -0,0 +1,44 @@ + + + + + + + + + + + + + + ${defaultPattern} + + + + + + + + + + + + + + + diff --git a/kubernetes/cds/charts/controller-blueprints/templates/configmap.yaml b/kubernetes/cds/charts/controller-blueprints/templates/configmap.yaml new file mode 100644 index 0000000000..a8489681df --- /dev/null +++ b/kubernetes/cds/charts/controller-blueprints/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright (c) 2018 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T, ZTE +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/common/controller-blueprints/templates/deployment.yaml b/kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml old mode 100644 new mode 100755 similarity index 75% rename from kubernetes/common/controller-blueprints/templates/deployment.yaml rename to kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml index 15ed32fbd2..4cd2e18090 --- a/kubernetes/common/controller-blueprints/templates/deployment.yaml +++ b/kubernetes/cds/charts/controller-blueprints/templates/deployment.yaml @@ -1,5 +1,7 @@ # Copyright (c) 2018 Amdocs, Bell Canada # +# Modifications Copyright (c) 2019 IBM, Bell Canada +# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -35,7 +37,7 @@ spec: - /root/ready.py args: - --container-name - - {{ index .Values "mariadb-galera" "nameOverride" }} + - cds-db env: - name: NAMESPACE valueFrom: @@ -49,6 +51,9 @@ spec: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: APP_CONFIG_HOME + value: {{ .Values.config.appConfigDir }} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -65,38 +70,6 @@ spec: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: APPLICATIONNAME - value: {{ .Values.config.applicationName }} - - name: BUNDLEVERSION - value: {{ .Values.config.bundleVersion }} - - name: APP_CONFIG_HOME - value: {{ .Values.config.appConfigDir }} - - name: DB_URL - value: {{ .Values.config.dbUrl }} - - name: DB_USER - value: {{ index .Values "mariadb-galera" "config" "userName" }} - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: db-root-password - - name: MS_USER - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: restUser - - name: MS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }} - key: restPassword - - name: INIT_DATA_LOAD - value: {{ .Values.config.initDataLoad | quote }} - - name: STICKYSELECTORKEY - value: {{ .Values.config.stickySelectorKey | quote }} - - name: ENVCONTEXT - value: {{ .Values.config.envContext }} volumeMounts: - mountPath: /etc/localtime name: localtime @@ -117,7 +90,6 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} - volumes: - name: localtime hostPath: diff --git a/kubernetes/cds/charts/controller-blueprints/templates/service.yaml b/kubernetes/cds/charts/controller-blueprints/templates/service.yaml new file mode 100755 index 0000000000..e0a66d2483 --- /dev/null +++ b/kubernetes/cds/charts/controller-blueprints/templates/service.yaml @@ -0,0 +1,50 @@ +# Copyright (c) 2018 Amdocs, Bell Canada +# +# Modifications Copyright (c) 2019 IBM, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +# Example MSB registration annotation +# msb.onap.org/service-info: '[ +# { +# "serviceName": "controller-blueprints", +# "version": "v1", +# "url": "/ecomp/mso/infra", +# "protocol": "REST" +# "port": "8080", +# "visualRange":"1" +# } +# ]' +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- if eq .Values.service.type "NodePort"}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + {{- end}} + name: {{ .Values.service.portName | default "http" }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} \ No newline at end of file diff --git a/kubernetes/common/controller-blueprints/values.yaml b/kubernetes/cds/charts/controller-blueprints/values.yaml old mode 100644 new mode 100755 similarity index 82% rename from kubernetes/common/controller-blueprints/values.yaml rename to kubernetes/cds/charts/controller-blueprints/values.yaml index bcca317dee..246aae482b --- a/kubernetes/common/controller-blueprints/values.yaml +++ b/kubernetes/cds/charts/controller-blueprints/values.yaml @@ -38,7 +38,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/ccsdk-controllerblueprints:0.3.2 +image: onap/ccsdk-controllerblueprints:0.4-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required @@ -46,30 +46,8 @@ debugEnabled: false # application configuration config: - applicationName: ControllerBluePrints - bundleVersion: 1.0.0 appConfigDir: /opt/app/onap/config - dbUrl: jdbc:mysql://controller-blueprints-db:3306/sdnctl initDataLoad: true - stickySelectorKey: - envContext: DEV - restUser: ccsdkapps - restPassword: ccsdkapps - -mariadb-galera: - config: - userName: sdnctl - userPassword: sdnctl - mariadbRootPassword: sdnctl - mysqlDatabase: sdnctl - nameOverride: controller-blueprints-db - service: - name: controller-blueprints-db - portName: cb-db - replicaCount: 1 - persistence: - enabled: true - mountSubPath: controller-blueprints/data # default number of instances replicaCount: 1 diff --git a/kubernetes/common/controller-blueprints/requirements.yaml b/kubernetes/cds/requirements.yaml similarity index 78% rename from kubernetes/common/controller-blueprints/requirements.yaml rename to kubernetes/cds/requirements.yaml index 8daa93e63b..51a4e3f9a1 100644 --- a/kubernetes/common/controller-blueprints/requirements.yaml +++ b/kubernetes/cds/requirements.yaml @@ -1,4 +1,5 @@ -# Copyright (c) 2018 Amdocs, Bell Canada +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,9 +14,9 @@ # limitations under the License. dependencies: - - name: mariadb-galera - version: ~3.0.0 - repository: file://../mariadb-galera/ - name: common - version: ~3.0.0 + version: ~4.x-0 + repository: '@local' + - name: mariadb-galera + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/deployment.yaml b/kubernetes/cds/templates/deployment.yaml similarity index 57% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/deployment.yaml rename to kubernetes/cds/templates/deployment.yaml index bf544916ef..134e6b7443 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/deployment.yaml +++ b/kubernetes/cds/templates/deployment.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 Orange +# Modifications Copyright © 2018 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -29,53 +30,35 @@ spec: labels: app: {{ include "common.name" . }} release: {{ .Release.Name }} + name: {{ include "common.fullname" . }} spec: containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - - containerPort: {{.Values.global.config.mariadb.internalPort}} + - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - args: - - --lower-case-table-names=1 - - --wait_timeout=28800 + {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{.Values.global.config.mariadb.internalPort}} + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} + {{ end }} + env: + - name: HOST + value: 0.0.0.0 readinessProbe: tcpSocket: - port: {{.Values.global.config.mariadb.internalPort}} + port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-root-password - - name: MYSQL_USER - value: {{.Values.global.config.mariadb.userName}} - - name: MYSQL_DATABASE - value: {{.Values.global.config.mariadb.mysqlDatabase}} - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-user-password volumeMounts: - - mountPath: /docker-entrypoint-initdb.d/sql_init_01.sql - name: docker-entrypoint-initdb - subPath: sql_init_01.sql - - mountPath: /etc/mysql/conf.d - name: mariadb-conf - - mountPath: /var/lib/mysql - name: mariadb-data + - mountPath: /etc/localtime + name: localtime + readOnly: true resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -86,22 +69,31 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + # side car containers + # - name: filebeat-onap + # image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + # imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + # volumeMounts: + # - mountPath: /usr/share/filebeat/filebeat.yml + # name: filebeat-conf + # subPath: filebeat.yml + # - mountPath: /home/esr/works/logs + # name: esr-server-logs + # - mountPath: /usr/share/filebeat/data + # name: esr-server-filebeat volumes: - name: localtime hostPath: path: /etc/localtime - - name: docker-entrypoint-initdb - configMap: - name: {{ include "common.fullname" . }}-mdb-initd-configmap - - name: mariadb-conf - configMap: - name: {{ include "common.fullname" . }}-mdb-configmap - - name: mariadb-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} + # - name: filebeat-conf + # configMap: + # name: {{ include "common.fullname" . }}-esr-filebeat + # - name: esr-server-logs + # emptyDir: {} + # - name: esr-server-filebeat + # emptyDir: {} + # - name: esrserver-log + # configMap: + # name: {{ include "common.fullname" . }}-esr-esrserver-log imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/cds/templates/service.yaml b/kubernetes/cds/templates/service.yaml new file mode 100644 index 0000000000..f8e91120eb --- /dev/null +++ b/kubernetes/cds/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2017 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }}-{{ .Values.service.internalPort }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/values.yaml b/kubernetes/cds/values.yaml similarity index 54% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/values.yaml rename to kubernetes/cds/values.yaml index 03a46acdc6..06b7cd1211 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/values.yaml +++ b/kubernetes/cds/values.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 Orange +# Modifications Copyright © 2018 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,21 +13,41 @@ # See the License for the specific language governing permissions and # limitations under the License. -# Default values for mariadb. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - persistence: {} +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 303 + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +subChartsOnly: + enabled: true # application image repository: nexus3.onap.org:10001 -image: mariadb:10.2.14 +image: onap/ccsdk-cds-ui:1.0.0-STAGING-latest pullPolicy: Always -# application configuration - see parent values chart +# application configuration +config: -# flag to enable debugging - application support required -debugEnabled: false +mariadb-galera: + config: + userName: sdnctl + userPassword: sdnctl + mariadbRootPassword: sdnctl + mysqlDatabase: sdnctl + nameOverride: cds-db + service: + name: cds-db + portName: cds-db + replicaCount: 1 + persistence: + enabled: true + mountSubPath: cds/data # default number of instances replicaCount: 1 @@ -37,6 +58,9 @@ affinity: {} # probe configuration parameters liveness: + httpGet: + path: / + port: 3000 initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints @@ -44,37 +68,37 @@ liveness: enabled: true readiness: + httpGet: + path: /ping + port: 3000 initialDelaySeconds: 30 periodSeconds: 10 -## Persist data to a persitent volume -persistence: - enabled: true - volumeReclaimPolicy: Retain - accessMode: ReadWriteMany - size: 1Gi - mountPath: /dockerdata-nfs - mountSubPath: dmaap/dr-db/data +service: + type: NodePort + portName: ui + name: cds + nodePort: 97 + internalPort: 3000 ingress: enabled: false - # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) resources: small: limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m + cpu: 1 memory: 1Gi + requests: + cpu: 10m + memory: 100Mi large: limits: - cpu: 4000m - memory: 8Gi - requests: - cpu: 1000m + cpu: 2 memory: 2Gi + requests: + cpu: 200m + memory: 200Mi unlimited: {} diff --git a/kubernetes/clamp/Chart.yaml b/kubernetes/clamp/Chart.yaml index 226dc5c29a..dc04da7d43 100644 --- a/kubernetes/clamp/Chart.yaml +++ b/kubernetes/clamp/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Clamp name: clamp -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/clamp/charts/clamp-dash-es/Chart.yaml b/kubernetes/clamp/charts/clamp-dash-es/Chart.yaml index dda3835bda..23367ab5f8 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/Chart.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Clamp Dashboard Elasticsearch name: clamp-dash-es -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/clamp/charts/clamp-dash-es/requirements.yaml b/kubernetes/clamp/charts/clamp-dash-es/requirements.yaml index 897df32ce0..0ba9e4746c 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/requirements.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/clamp/charts/clamp-dash-es/values.yaml b/kubernetes/clamp/charts/clamp-dash-es/values.yaml index 43920b3d65..f25e40bf2a 100644 --- a/kubernetes/clamp/charts/clamp-dash-es/values.yaml +++ b/kubernetes/clamp/charts/clamp-dash-es/values.yaml @@ -32,7 +32,7 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: elasticsearch/elasticsearch-oss:6.1.3 +image: elasticsearch/elasticsearch-oss:6.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/Chart.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/Chart.yaml index a950743cb3..0a00ba0626 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/Chart.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Clamp Dashboard Kibana name: clamp-dash-kibana -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/requirements.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/requirements.yaml index 897df32ce0..0ba9e4746c 100644 --- a/kubernetes/clamp/charts/clamp-dash-kibana/requirements.yaml +++ b/kubernetes/clamp/charts/clamp-dash-kibana/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/Chart.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/Chart.yaml index d557d559d3..4c7c84d0bf 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/Chart.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Clamp Dashboard Logstash name: clamp-dash-logstash -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/requirements.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/requirements.yaml index 897df32ce0..0ba9e4746c 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/requirements.yaml +++ b/kubernetes/clamp/charts/clamp-dash-logstash/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf index 317b428c77..b4b5071ba5 100644 --- a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf +++ b/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf @@ -57,13 +57,13 @@ filter { drop { } } - if [http_request_failure] or [@metadata][code] != "200" { + if [http_request_failure] or [@metadata][code] != 200 { mutate { add_tag => [ "error" ] } } - if "dmaap_source" in [tags] { + if "dmaap_source" in [@metadata][request][tags] { # # Dmaap provides a json list, whose items are Strings containing the event # provided to Dmaap, which itself is an escaped json. @@ -76,14 +76,7 @@ filter { source => "[message]" target => "message" } - ruby { - code => " - for ev in event.get('message', []) - ev.set('@metadata', event.get('@metadata')) - end - " - } - + split { field => "message" } @@ -194,7 +187,7 @@ filter { } - if "error" not in [tags] { + if "error" not in [@metadata][request][tags]{ # # Creating data for a secondary index # @@ -203,7 +196,7 @@ filter { add_tag => [ "event-cl-aggs" ] } - if "event-cl-aggs" in [tags] { + if "event-cl-aggs" in [@metadata][request][tags]{ # # we only need a few fields for aggregations; remove all fields from clone except : # vmName,vnfName,vnfType,requestID,closedLoopAlarmStart, closedLoopControlName,closedLoopAlarmEnd,abated,nbrDmaapevents,finalFailure diff --git a/kubernetes/clamp/charts/mariadb/Chart.yaml b/kubernetes/clamp/charts/mariadb/Chart.yaml index 9f1c8adc68..74183611f3 100644 --- a/kubernetes/clamp/charts/mariadb/Chart.yaml +++ b/kubernetes/clamp/charts/mariadb/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: MariaDB Service name: mariadb -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/clamp/requirements.yaml b/kubernetes/clamp/requirements.yaml index e57547871c..68a7d9ec14 100644 --- a/kubernetes/clamp/requirements.yaml +++ b/kubernetes/clamp/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml b/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml index 0c1f3bccb2..dab2e44f5e 100644 --- a/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml +++ b/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml @@ -16,15 +16,14 @@ filebeat.prospectors: - input_type: log #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. paths: - - /var/log/ONAP/*/*/*/*.log - - /var/log/ONAP/*/*/*.log - - /var/log/ONAP/*/*.log + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive ignore_older: 48h # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit clean_inactive: 96h - # Name of the registry file. If a relative path is used, it is considered relative to the # data path. Else full qualified file name. #filebeat.registry_file: ${path.data}/registry diff --git a/kubernetes/cli/Chart.yaml b/kubernetes/cli/Chart.yaml index 74df6ed3e5..d3a1927fe8 100644 --- a/kubernetes/cli/Chart.yaml +++ b/kubernetes/cli/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Command Line Interface name: cli -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/cli/requirements.yaml b/kubernetes/cli/requirements.yaml index f3e793cfbb..9996777c42 100644 --- a/kubernetes/cli/requirements.yaml +++ b/kubernetes/cli/requirements.yaml @@ -14,7 +14,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/common/cassandra/Chart.yaml b/kubernetes/common/cassandra/Chart.yaml index 98f8ce0fa0..25cfebf98a 100644 --- a/kubernetes/common/cassandra/Chart.yaml +++ b/kubernetes/common/cassandra/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP cassandra name: cassandra -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/common/cassandra/requirements.yaml b/kubernetes/common/cassandra/requirements.yaml index 542342f5d2..645b41bae9 100644 --- a/kubernetes/common/cassandra/requirements.yaml +++ b/kubernetes/common/cassandra/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/common/cassandra/templates/configmap.yaml b/kubernetes/common/cassandra/templates/configmap.yaml new file mode 100644 index 0000000000..a9420d7e5b --- /dev/null +++ b/kubernetes/common/cassandra/templates/configmap.yaml @@ -0,0 +1,15 @@ +{{- if .Values.configOverrides }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configOverrides + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ toYaml .Values.configOverrides | indent 2 }} +{{- end }} + diff --git a/kubernetes/common/cassandra/templates/volumes.yaml b/kubernetes/common/cassandra/templates/pv.yaml similarity index 96% rename from kubernetes/common/cassandra/templates/volumes.yaml rename to kubernetes/common/cassandra/templates/pv.yaml index 9640aef7e3..06f41e7683 100644 --- a/kubernetes/common/cassandra/templates/volumes.yaml +++ b/kubernetes/common/cassandra/templates/pv.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -#{{ if .Values.persistence.enabled }} +{{ if .Values.persistence.enabled }} {{- $root := . -}} {{ range $i, $e := until (int $root.Values.replicaCount) }} --- @@ -36,4 +36,4 @@ spec: path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }} persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }} {{ end }} -#{{ end }} +{{ end }} diff --git a/kubernetes/common/cassandra/templates/service.yaml b/kubernetes/common/cassandra/templates/service.yaml index 467a6a9d44..cda519115d 100644 --- a/kubernetes/common/cassandra/templates/service.yaml +++ b/kubernetes/common/cassandra/templates/service.yaml @@ -22,48 +22,28 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} + annotations: + service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" spec: type: {{ .Values.service.type }} + publishNotReadyAddresses: true ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName }}2 - - port: {{ .Values.service.externalPort3 }} - targetPort: {{ .Values.service.internalPort3 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} - name: {{ .Values.service.portName }}3 - - port: {{ .Values.service.externalPort4 }} - targetPort: {{ .Values.service.internalPort4 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} - name: {{ .Values.service.portName }}4 - - port: {{ .Values.service.externalPort5 }} - targetPort: {{ .Values.service.internalPort5 }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort5 }} - name: {{ .Values.service.portName }}5 - - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}2 - - port: {{ .Values.service.externalPort3 }} - targetPort: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.portName }}3 - - port: {{ .Values.service.externalPort4 }} - targetPort: {{ .Values.service.internalPort4 }} - name: {{ .Values.service.portName }}4 - - port: {{ .Values.service.externalPort5 }} - targetPort: {{ .Values.service.internalPort5 }} - name: {{ .Values.service.portName }}5 - {{- end}} + {{if eq .Values.service.type "NodePort" -}} + {{- $global := . }} + {{- range $index, $ports := .Values.service.ports }} + - port: {{ $ports.port }} + targetPort: {{ $ports.port }} + nodePort: {{ $global.Values.global.nodePortPrefix | default $global.Values.nodePortPrefix }}{{ $ports.nodePort }} + name: {{ $ports.name }} + {{- end }} +{{- else -}} + {{- range $index, $ports := .Values.service.ports }} + - port: {{ $ports.port }} + targetPort: {{ $ports.port }} + name: {{ $ports.name }} + {{- end }} +{{- end}} selector: app: {{ include "common.name" . }} release: {{ .Release.Name }} + clusterIP: None diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml index 960d97ed52..a0b6b5f738 100644 --- a/kubernetes/common/cassandra/templates/statefulset.yaml +++ b/kubernetes/common/cassandra/templates/statefulset.yaml @@ -23,6 +23,10 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} serviceName: {{ include "common.servicename" . }} replicas: {{ .Values.replicaCount }} podManagementPolicy: {{ .Values.podManagementPolicy }} @@ -35,24 +39,26 @@ spec: release: {{ .Release.Name }} name: {{ include "common.name" . }} spec: + hostNetwork: {{ .Values.hostNetwork }} containers: - name: {{ include "common.name" . }} image: {{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} - - containerPort: {{ .Values.service.internalPort3 }} - - containerPort: {{ .Values.service.internalPort4 }} - - containerPort: {{ .Values.service.internalPort5 }} + {{- range $index, $ports := .Values.service.ports }} + - containerPort: {{ $ports.port }} + {{- end }} volumeMounts: - - name: {{ .Values.service.name }} + - name: cassandra-data mountPath: /var/lib/cassandra - {{ if eq .Values.configmapping true }} - - name: {{ .Values.service.name }}-docker-entry-initd - mountPath: /{{ .Values.service.name }}-docker-entrypoint-initdb.d/cassandra.cql - subPath: cassandra.cql - {{ end }} + - name: localtime + mountPath: /etc/localtime + readOnly: true + {{- range $key, $value := .Values.configOverrides }} + - name: cassandra-config-{{ $key | replace "." "-" }} + mountPath: /etc/cassandra/{{ $key }} + subPath: {{ $key }} + {{- end }} {{- if eq .Values.liveness.enabled true }} livenessProbe: exec: @@ -62,6 +68,9 @@ spec: - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }' initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} {{ end -}} readinessProbe: exec: @@ -70,10 +79,19 @@ spec: - -c - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }' initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - timeoutSeconds: {{ .Values.liveness.periodSeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} + successThreshold: {{ .Values.readiness.successThreshold }} + failureThreshold: {{ .Values.readiness.failureThreshold }} env: - {{- $seed_size := default 1 .Values.replicaCount | int -}} - {{- $global := . }} + {{- $seed_size := default 1 .Values.replicaCount | int -}} + {{- $global := . }} + - name: CASSANDRA_SEEDS + {{- if .Values.hostNetwork }} + value: {{ required "You must fill \".Values.config.seeds\" with list of Cassandra seeds when hostNetwork is set to true" .Values.config.seeds | quote }} + {{- else }} + value: "{{- range $i, $e := until $seed_size }}{{ template "common.fullname" $global }}-{{ $i }}.{{ template "common.servicename" $global }}.{{ $global.Release.Namespace }}.svc.{{ $global.Values.config.cluster_domain }}{{- if (lt ( add1 $i ) $seed_size ) }},{{- end }}{{- end }}" + {{- end }} - name: MAX_HEAP_SIZE value: {{ .Values.config.heap.max }} - name: HEAP_NEWSIZE @@ -88,22 +106,22 @@ spec: value: {{ .Values.config.rackName | quote }} - name: CASSANDRA_AUTO_BOOTSTRAP value: {{ .Values.config.autoBootstrap | quote }} + - name: CASSANDRA_START_RPC + value: {{ default "true" .Values.config.start_rpc | quote }} + - name: CASSANDRA_ENDPOINT_SNITCH + value: {{ default "GossipingPropertyFileSnitch" .Values.config.endpoint_snitch | quote }} - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP - {{ if eq .Values.configmapping true }} lifecycle: - postStart: + preStop: exec: - command: - - /bin/sh - - -c - - > - /bin/sleep {{ .Values.readiness.initialDelaySeconds }}; - cd /{{ .Values.service.name }}-docker-entrypoint-initdb.d; - cqlsh -u root -p root -f cassandra.cql - {{ end }} + {{- if not .Values.persistence.enabled }} + command: ["/bin/sh", "-c", "exec nodetool decommission"] + {{- else }} + command: ["/bin/sh", "-c", "PID=$(pidof java) && kill $PID && while ps -p $PID > /dev/null; do sleep 1; done"] + {{- end }} resources: {{ toYaml .Values.resources | indent 10 }} {{- if .Values.nodeSelector }} @@ -118,21 +136,20 @@ spec: - name: localtime hostPath: path: /etc/localtime - {{ if eq .Values.configmapping true }} - - name: {{ .Values.service.name }}-docker-entry-initd + {{- range $key, $value := .Values.configOverrides }} + - name: cassandra-config-{{ $key | replace "." "-" }} configMap: - name: {{ .Values.service.name }}-docker-entry-initd - {{ end }} + name: {{ include "common.fullname" . }}-configOverrides + {{- end }} {{- if not .Values.persistence.enabled }} - - name: {{ .Values.service.name }} + - name: cassandra-data emptyDir: {} {{- else }} volumeClaimTemplates: - metadata: - name: {{ .Values.service.name }} + name: cassandra-data labels: app: {{ template "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" annotations: diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml index 375d7ae8dd..51e82f306e 100644 --- a/kubernetes/common/cassandra/values.yaml +++ b/kubernetes/common/cassandra/values.yaml @@ -27,14 +27,9 @@ pullPolicy: Always # flag to enable debugging - application support required debugEnabled: false -# configmapping detail whether it exist locally or not -# by default it is false, if you wanna configure it then mention -# locally TRUE value in local values.yaml. - -configmapping: false - # application configuration config: + cluster_domain: cluster.local heap: max: 512M min: 100M @@ -43,11 +38,13 @@ config: dataCenter: Pod rackName: Rack autoBootstrap: true - cassandraUsername: root - cassandraPassword: root + # If hostNetwork is true then provide the comma separated list of seeds. + #seeds:seed1,seed2 # default number of instances -replicaCount: 1 +replicaCount: 3 + +hostNetwork: false nodeSelector: {} @@ -57,6 +54,9 @@ affinity: {} liveness: initialDelaySeconds: 60 periodSeconds: 10 + timeoutSeconds: 3 + successThreshold: 1 + failureThreshold: 3 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true @@ -64,25 +64,30 @@ liveness: readiness: initialDelaySeconds: 60 periodSeconds: 10 + timeoutSeconds: 3 + successThreshold: 1 + failureThreshold: 3 service: type: ClusterIP name: cassandra - portName: cassandra - externalPort: 9160 - internalPort: 9160 - externalPort2: 7000 - internalPort2: 7000 - externalPort3: 7001 - internalPort3: 7001 - externalPort4: 7199 - internalPort4: 7199 - externalPort5: 9042 - internalPort5: 9042 + ports: + - name: intra + port: 7000 + - name: tls + port: 7001 + - name: jmx + port: 7199 + - name: cql + port: 9042 + - name: thrift + port: 9160 + - name: agent + port: 61621 podManagementPolicy: OrderedReady updateStrategy: - type: OnDelete + type: RollingUpdate ingress: enabled: false @@ -111,6 +116,7 @@ persistence: storageType: local storageClass: "" +configOverrides: {} resources: {} # We usually recommend not to specify default resources and to leave this as a conscious diff --git a/kubernetes/common/common/Chart.yaml b/kubernetes/common/common/Chart.yaml index fbaaa77d7f..201b0d582f 100644 --- a/kubernetes/common/common/Chart.yaml +++ b/kubernetes/common/common/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: Common templates for inclusion in other charts name: common -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/common/controller-blueprints/resources/config/application.properties b/kubernetes/common/controller-blueprints/resources/config/application.properties deleted file mode 100644 index 48678fcef8..0000000000 --- a/kubernetes/common/controller-blueprints/resources/config/application.properties +++ /dev/null @@ -1,61 +0,0 @@ -# -# Copyright (c) 2017-2018 AT&T Intellectual Property. -# Modifications Copyright (c) 2018 IBM. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -appName=ControllerBluePrints -ms_name=org.onap.ccsdk.apps.controllerblueprints -appVersion=1.0.0 - -# Basic Authentication -basic-auth.user-name=ccsdkapps -basic-auth.hashed-pwd=$2a$10$MJxhNiOAffxbyrV9.rrOUewP9Q/ASg5Nit2cmP.yBaXGsVXo8BW3y - -logging.level.org.springframework.web=INFO -logging.level.org.hibernate.SQL=warn -logging.level.org.hibernate.type.descriptor.sql=debug - -#To Remove Null in JSON API Response -spring.jackson.default-property-inclusion=non_null - -#Swagger Configuration -swagger.contact.name=CCSDK team -swagger.contact.url=www.onap.org -swagger.contact.email=onap-discuss@lists.onap.org - -spring.jpa.properties.hibernate.show_sql=true -spring.jpa.properties.hibernate.use_sql_comments=true -spring.jpa.properties.hibernate.format_sql=true - -# spring.datasource.url, spring.datasource.username,spring.datasource.password may be overridden by ENV variables -spring.datasource.url=jdbc:mysql://controller-blueprints-db:3306/sdnctl -spring.datasource.username=sdnctl -spring.datasource.password=sdnctl -spring.datasource.driver-class-name=org.mariadb.jdbc.Driver -spring.jpa.show-sql = true -spring.jpa.hibernate.ddl-auto = none -spring.jpa.hibernate.naming-strategy = org.hibernate.cfg.ImprovedNamingStrategy -spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.MySQL5Dialect - -#Load Blueprints -# blueprints.load.initial-data may be overridden by ENV variables -blueprints.load.initial-data=true -load.dataTypePath=load/model_type/data_type -load.nodeTypePath=load/model_type/node_type -load.artifactTypePath=load/model_type/artifact_type -load.resourceDictionaryPath=load/resource_dictionary -load.blueprintsPath=load/blueprints - -# Load Resource Source Mappings -resourceSourceMappings=db=source-db,input=source-input,default=source-default,mdsal=source-rest diff --git a/kubernetes/common/controller-blueprints/templates/secrets.yaml b/kubernetes/common/controller-blueprints/templates/secrets.yaml deleted file mode 100644 index b4ab161809..0000000000 --- a/kubernetes/common/controller-blueprints/templates/secrets.yaml +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright (c) 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: - db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} - restUser: {{ .Values.config.restUser | b64enc | quote }} - restPassword: {{ .Values.config.restPassword | b64enc | quote }} diff --git a/kubernetes/common/dgbuilder/Chart.yaml b/kubernetes/common/dgbuilder/Chart.yaml index 55c61c543b..edcd2e9794 100644 --- a/kubernetes/common/dgbuilder/Chart.yaml +++ b/kubernetes/common/dgbuilder/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: D.G. Builder application name: dgbuilder -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/common/dgbuilder/requirements.yaml b/kubernetes/common/dgbuilder/requirements.yaml index a0fc24965f..4a81e88a6f 100644 --- a/kubernetes/common/dgbuilder/requirements.yaml +++ b/kubernetes/common/dgbuilder/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/common/dgbuilder/templates/configmap.yaml b/kubernetes/common/dgbuilder/templates/configmap.yaml index 0aa7a3fc18..cef11f499b 100644 --- a/kubernetes/common/dgbuilder/templates/configmap.yaml +++ b/kubernetes/common/dgbuilder/templates/configmap.yaml @@ -17,6 +17,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-config namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} --- @@ -25,5 +30,10 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-scripts namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/scripts/*").AsConfig . | indent 2 }} diff --git a/kubernetes/common/mariadb-galera/Chart.yaml b/kubernetes/common/mariadb-galera/Chart.yaml index 1121a88345..64ba32dbcc 100644 --- a/kubernetes/common/mariadb-galera/Chart.yaml +++ b/kubernetes/common/mariadb-galera/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 description: Chart for MariaDB Galera cluster name: mariadb-galera -version: 3.0.0 +version: 4.0.0 keywords: - mariadb - mysql diff --git a/kubernetes/common/mariadb-galera/requirements.yaml b/kubernetes/common/mariadb-galera/requirements.yaml index c6e7a39b0c..f01f533591 100644 --- a/kubernetes/common/mariadb-galera/requirements.yaml +++ b/kubernetes/common/mariadb-galera/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: 'file://../common' \ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/configmap.yaml b/kubernetes/common/mariadb-galera/templates/configmap.yaml index 4f99da1692..9c9a248f35 100644 --- a/kubernetes/common/mariadb-galera/templates/configmap.yaml +++ b/kubernetes/common/mariadb-galera/templates/configmap.yaml @@ -17,6 +17,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-confd namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }} --- @@ -26,6 +31,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-external-config namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: my_extra.cnf: | {{ .Values.externalConfig | indent 4 }} diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index 7ca207f7e9..601057ff6f 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -29,6 +29,9 @@ spec: metadata: labels: app: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" annotations: pod.alpha.kubernetes.io/initialized: "true" spec: @@ -119,6 +122,9 @@ spec: name: {{ include "common.fullname" . }}-data labels: name: {{ include "common.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" spec: accessModes: - {{ .Values.persistence.accessMode | quote }} diff --git a/kubernetes/common/mongo/Chart.yaml b/kubernetes/common/mongo/Chart.yaml index be35133db3..98c9cf8df0 100644 --- a/kubernetes/common/mongo/Chart.yaml +++ b/kubernetes/common/mongo/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: MongoDB Server name: mongo -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/common/mongo/requirements.yaml b/kubernetes/common/mongo/requirements.yaml index 9f23fac6f8..71fbbc5ce9 100644 --- a/kubernetes/common/mongo/requirements.yaml +++ b/kubernetes/common/mongo/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/common/music/Chart.yaml b/kubernetes/common/music/Chart.yaml index 680216389a..3b08fb02cd 100644 --- a/kubernetes/common/music/Chart.yaml +++ b/kubernetes/common/music/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: MUSIC - Multi-site State Coordination Service name: music -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/common/music/charts/music-cassandra-job/Chart.yaml b/kubernetes/common/music/charts/music-cassandra-job/Chart.yaml index fd421764fa..1cf5470f25 100644 --- a/kubernetes/common/music/charts/music-cassandra-job/Chart.yaml +++ b/kubernetes/common/music/charts/music-cassandra-job/Chart.yaml @@ -15,5 +15,5 @@ apiVersion: v1 description: Cassandra Job - Run CQL Scripts after Cassandra Starts. name: music-cassandra-job -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/common/music/charts/music-cassandra/Chart.yaml b/kubernetes/common/music/charts/music-cassandra/Chart.yaml index 7aae51ac98..da15d33d7f 100644 --- a/kubernetes/common/music/charts/music-cassandra/Chart.yaml +++ b/kubernetes/common/music/charts/music-cassandra/Chart.yaml @@ -15,5 +15,5 @@ apiVersion: v1 description: ONAP - Cassandra Database name: music-cassandra -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/common/music/charts/music-cassandra/requirements.yaml b/kubernetes/common/music/charts/music-cassandra/requirements.yaml index a22007c38a..cee64a54ac 100644 --- a/kubernetes/common/music/charts/music-cassandra/requirements.yaml +++ b/kubernetes/common/music/charts/music-cassandra/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml index cdea9e3da2..449949992f 100644 --- a/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml +++ b/kubernetes/common/music/charts/music-cassandra/templates/statefulset.yaml @@ -137,3 +137,5 @@ spec: app: {{ include "common.name" . }} release: "{{ .Release.Name }}" {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/common/music/charts/music-tomcat/Chart.yaml b/kubernetes/common/music/charts/music-tomcat/Chart.yaml index d0fdc6088c..ef9e966327 100755 --- a/kubernetes/common/music/charts/music-tomcat/Chart.yaml +++ b/kubernetes/common/music/charts/music-tomcat/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP - MUSIC Tomcat Container name: music-tomcat -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/common/music/charts/music-tomcat/requirements.yaml b/kubernetes/common/music/charts/music-tomcat/requirements.yaml index 28352e407c..8b30624577 100755 --- a/kubernetes/common/music/charts/music-tomcat/requirements.yaml +++ b/kubernetes/common/music/charts/music-tomcat/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/common/music/requirements.yaml b/kubernetes/common/music/requirements.yaml index 220dc4619b..fae2fe2fe7 100644 --- a/kubernetes/common/music/requirements.yaml +++ b/kubernetes/common/music/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/common/mysql/Chart.yaml b/kubernetes/common/mysql/Chart.yaml index b110dc9c70..1ff737d9bd 100644 --- a/kubernetes/common/mysql/Chart.yaml +++ b/kubernetes/common/mysql/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: MySQL Server name: mysql -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/common/mysql/requirements.yaml b/kubernetes/common/mysql/requirements.yaml index 9f23fac6f8..71fbbc5ce9 100644 --- a/kubernetes/common/mysql/requirements.yaml +++ b/kubernetes/common/mysql/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/common/mysql/templates/configmap.yaml b/kubernetes/common/mysql/templates/configmap.yaml index d8c29fb551..65ac5f2d1e 100644 --- a/kubernetes/common/mysql/templates/configmap.yaml +++ b/kubernetes/common/mysql/templates/configmap.yaml @@ -19,6 +19,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-db-configmap namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: master.cnf: | # Apply this config only on the master. diff --git a/kubernetes/common/mysql/templates/service.yaml b/kubernetes/common/mysql/templates/service.yaml index dc63e31029..e1771c6054 100644 --- a/kubernetes/common/mysql/templates/service.yaml +++ b/kubernetes/common/mysql/templates/service.yaml @@ -41,6 +41,9 @@ metadata: namespace: {{ include "common.namespace" . }} labels: app: {{ .Values.nfsprovisionerPrefix }}-nfs-provisioner + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} spec: ports: - name: nfs @@ -65,6 +68,9 @@ metadata: namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} spec: ports: - port: {{ .Values.service.internalPort }} @@ -80,6 +86,9 @@ metadata: namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} spec: ports: - port: {{ .Values.service.internalPort }} @@ -96,6 +105,9 @@ metadata: namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} spec: ports: - port: {{ .Values.service.internalPort }} @@ -112,7 +124,11 @@ metadata: name: {{ include "common.servicename" . }}-nodeport namespace: {{ include "common.namespace" . }} labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} statefulset.kubernetes.io/pod-name: {{ include "common.fullname" . }}-0 + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} spec: ports: - name: {{ .Values.service.portName | default .Values.service.name }}-1 diff --git a/kubernetes/common/mysql/templates/statefulset.yaml b/kubernetes/common/mysql/templates/statefulset.yaml index f73b10f460..c3f8ae236f 100644 --- a/kubernetes/common/mysql/templates/statefulset.yaml +++ b/kubernetes/common/mysql/templates/statefulset.yaml @@ -31,7 +31,9 @@ spec: metadata: labels: app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} + heritage: {{ .Release.Service }} spec: initContainers: #{{ if not .Values.disableNfsProvisioner }} @@ -244,6 +246,10 @@ spec: - metadata: name: {{ include "common.fullname" . }}-mysql labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} name: {{ include "common.fullname" . }} spec: accessModes: [ {{ .Values.persistence.accessMode }} ] diff --git a/kubernetes/common/mysql/templates/storageclass.yaml b/kubernetes/common/mysql/templates/storageclass.yaml index 4edb477144..bbe4562d0a 100644 --- a/kubernetes/common/mysql/templates/storageclass.yaml +++ b/kubernetes/common/mysql/templates/storageclass.yaml @@ -20,5 +20,10 @@ apiVersion: storage.k8s.io/v1 metadata: name: "{{ include "common.fullname" . }}-mysql" namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} provisioner: {{ include "common.fullname" . }}/nfs {{ end }} diff --git a/kubernetes/common/network-name-gen/Chart.yaml b/kubernetes/common/network-name-gen/Chart.yaml index e1b9c5531f..4b7690b3ee 100644 --- a/kubernetes/common/network-name-gen/Chart.yaml +++ b/kubernetes/common/network-name-gen/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: Name Generation Micro Service name: network-name-gen -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/common/network-name-gen/requirements.yaml b/kubernetes/common/network-name-gen/requirements.yaml index 52a2c51844..31fe2fd159 100644 --- a/kubernetes/common/network-name-gen/requirements.yaml +++ b/kubernetes/common/network-name-gen/requirements.yaml @@ -14,8 +14,8 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' - name: mariadb-galera - version: ~3.0.0 + version: ~4.x-0 repository: file://../mariadb-galera/ diff --git a/kubernetes/common/postgres/Chart.yaml b/kubernetes/common/postgres/Chart.yaml index f9be4c2ceb..2de3b42f92 100644 --- a/kubernetes/common/postgres/Chart.yaml +++ b/kubernetes/common/postgres/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Postgres Server name: postgres -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/common/postgres/charts/pgpool/Chart.yaml b/kubernetes/common/postgres/charts/pgpool/Chart.yaml index b57e72a6ee..7807d5bf8e 100644 --- a/kubernetes/common/postgres/charts/pgpool/Chart.yaml +++ b/kubernetes/common/postgres/charts/pgpool/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Postgres Server name: pgpool -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/common/postgres/charts/pgpool/requirements.yaml b/kubernetes/common/postgres/charts/pgpool/requirements.yaml index 9f44c6df28..27f4c40177 100644 --- a/kubernetes/common/postgres/charts/pgpool/requirements.yaml +++ b/kubernetes/common/postgres/charts/pgpool/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/common/postgres/requirements.yaml b/kubernetes/common/postgres/requirements.yaml index 9f44c6df28..27f4c40177 100644 --- a/kubernetes/common/postgres/requirements.yaml +++ b/kubernetes/common/postgres/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/consul/Chart.yaml b/kubernetes/consul/Chart.yaml index 10134f1842..1bbeea9660 100644 --- a/kubernetes/consul/Chart.yaml +++ b/kubernetes/consul/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Consul Agent name: consul -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/consul/charts/consul-server/Chart.yaml b/kubernetes/consul/charts/consul-server/Chart.yaml index f9fb82155e..f8244f0b2c 100644 --- a/kubernetes/consul/charts/consul-server/Chart.yaml +++ b/kubernetes/consul/charts/consul-server/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Consul Server name: consul-server -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/consul/charts/consul-server/requirements.yaml b/kubernetes/consul/charts/consul-server/requirements.yaml index e57547871c..68a7d9ec14 100644 --- a/kubernetes/consul/charts/consul-server/requirements.yaml +++ b/kubernetes/consul/charts/consul-server/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/consul/requirements.yaml b/kubernetes/consul/requirements.yaml index e57547871c..68a7d9ec14 100644 --- a/kubernetes/consul/requirements.yaml +++ b/kubernetes/consul/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json b/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json index 51f2acc8f5..7bc9ff090f 100644 --- a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json +++ b/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json @@ -44,6 +44,20 @@ "interval": "15s", "timeout": "1s" }, + { + "id": "multicloud-starlingx", + "name": "Multicloud Starlingx Health Check", + "http": "http://multicloud-starlingx:9009/api/multicloud-starlingx/v0/swagger.json", + "method": "HEAD", + "header": { + "Cache-Control": ["no-cache"], + "Content-Type": ["application/json"], + "Accept": ["application/json"] + }, + "tls_skip_verify": true, + "interval": "15s", + "timeout": "1s" + }, { "id": "multicloud-vio", "name": "Multicloud Vio Health Check", diff --git a/kubernetes/contrib/Chart.yaml b/kubernetes/contrib/Chart.yaml index ce70d19f8c..634b692a96 100755 --- a/kubernetes/contrib/Chart.yaml +++ b/kubernetes/contrib/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP optional tools name: contrib -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/contrib/charts/netbox/Chart.yaml b/kubernetes/contrib/charts/netbox/Chart.yaml index 2a7e9fb3df..db2c984266 100755 --- a/kubernetes/contrib/charts/netbox/Chart.yaml +++ b/kubernetes/contrib/charts/netbox/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: Netbox IPAM name: netbox -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/Chart.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/Chart.yaml index 3ac79e490f..c23cb20e1e 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/Chart.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: Netbox - Application (WSGI + Gunicorn) name: netbox-app -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml index 5215ca811d..92888ea20f 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml @@ -152,4 +152,6 @@ spec: name: {{ include "common.fullname" . }}-initializers-configmap - name: {{ include "common.fullname" . }}-configuration-config configMap: - name: {{ include "common.fullname" . }}-configuration-configmap \ No newline at end of file + name: {{ include "common.fullname" . }}-configuration-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml index a60bbb4f7a..96328caa95 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml @@ -42,8 +42,8 @@ config: superuserName: admin superuserEmail: admin@onap.org -repository: docker.io -image: ninech/netbox:v2.3.5 +repository: netboxcommunity +image: netbox:v2.5.8 # probe configuration parameters liveness: diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-nginx/Chart.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-nginx/Chart.yaml index ae22705dab..11acec15c8 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-nginx/Chart.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-nginx/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: Netbox - Nginx web server name: netbox-nginx -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-nginx/values.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-nginx/values.yaml index 14fedc881a..f67ff06410 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-nginx/values.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-nginx/values.yaml @@ -23,7 +23,7 @@ global: # global defaults # application image repository: docker.io -image: nginx:1.13-alpine +image: nginx:1.15-alpine pullPolicy: Always ingress: diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/Chart.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/Chart.yaml index 6e5125c61e..7490bf0efd 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/Chart.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: Netbox Posgres database name: netbox-postgres -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml index e662567e31..f2def04359 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml @@ -22,7 +22,7 @@ global: # global defaults # application image repository: docker.io -image: postgres:10.2-alpine +image: postgres:10.4-alpine pullPolicy: Always # application configuration diff --git a/kubernetes/contrib/charts/netbox/requirements.yaml b/kubernetes/contrib/charts/netbox/requirements.yaml index f315681d6a..5d820137cf 100755 --- a/kubernetes/contrib/charts/netbox/requirements.yaml +++ b/kubernetes/contrib/charts/netbox/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/contrib/requirements.yaml b/kubernetes/contrib/requirements.yaml index f315681d6a..5d820137cf 100644 --- a/kubernetes/contrib/requirements.yaml +++ b/kubernetes/contrib/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/contrib/tools/rke/rke_setup.sh b/kubernetes/contrib/tools/rke/rke_setup.sh new file mode 100755 index 0000000000..cc71522f12 --- /dev/null +++ b/kubernetes/contrib/tools/rke/rke_setup.sh @@ -0,0 +1,355 @@ +#!/bin/bash +############################################################################# +# Copyright © 2019 Bell. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +############################################################################# +# +# This installation is for an RKE install of kubernetes +# after this run the standard oom install +# this installation can be run on amy ubuntu 16.04 VM, RHEL 7.6 (root only), physical or cloud azure/aws host +# https://wiki.onap.org/display/DW/OOM+RKE+Kubernetes+Deployment +# source from https://jira.onap.org/browse/OOM-1598 +# +# master/dublin +# RKE 0.1.16 Kubernetes 1.11.6, kubectl 1.11.6, Helm 2.9.1, Docker 18.06 +# single node install, HA pending + +usage() { +cat < cluster.yml <> /etc/hosts + echo "Install docker - If you must install as non-root - comment out the docker install below - run it separately, run the user mod, logout/login and continue this script" + curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh + sudo usermod -aG docker $USERNAME + + echo "Install RKE" + sudo wget https://github.com/rancher/rke/releases/download/v$RKE_VERSION/rke_linux-amd64 + mv rke_linux-amd64 rke + sudo chmod +x rke + sudo mv ./rke /usr/local/bin/rke + + echo "Install make - required for beijing+ - installed via yum groupinstall Development Tools in RHEL" + # ubuntu specific + sudo apt-get install make -y + + sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl + sudo chmod +x ./kubectl + sudo mv ./kubectl /usr/local/bin/kubectl + sudo mkdir ~/.kube + wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz + sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz + sudo mv linux-amd64/helm /usr/local/bin/helm + + echo "Bringing RKE up - using supplied cluster.yml" + sudo rke up + echo "wait 2 extra min for the cluster" + sleep 60 + echo "1 more min" + sleep 60 + echo "copy kube_config_cluter.yaml generated - to ~/.kube/config" + sudo cp kube_config_cluster.yml ~/.kube/config + # avoid using sudo for kubectl + sudo chmod 777 ~/.kube/config + echo "Verify all pods up on the kubernetes system - will return localhost:8080 until a host is added" + echo "kubectl get pods --all-namespaces" + kubectl get pods --all-namespaces + echo "install tiller/helm" + kubectl -n kube-system create serviceaccount tiller + kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller + helm init --service-account tiller + kubectl -n kube-system rollout status deploy/tiller-deploy + echo "upgrade server side of helm in kubernetes" + if [ "$USERNAME" == "root" ]; then + helm version + else + sudo helm version + fi + echo "sleep 30" + sleep 30 + if [ "$USERNAME" == "root" ]; then + helm init --upgrade + else + sudo helm init --upgrade + fi + echo "sleep 30" + sleep 30 + echo "verify both versions are the same below" + if [ "$USERNAME" == "root" ]; then + helm version + else + sudo helm version + fi + echo "start helm server" + if [ "$USERNAME" == "root" ]; then + helm serve & + else + sudo helm serve & + fi + echo "sleep 30" + sleep 30 + echo "add local helm repo" + if [ "$USERNAME" == "root" ]; then + helm repo add local http://127.0.0.1:8879 + helm repo list + else + sudo helm repo add local http://127.0.0.1:8879 + sudo helm repo list + fi + echo "To enable grafana dashboard - do this after running cd.sh which brings up onap - or you may get a 302xx port conflict" + echo "kubectl expose -n kube-system deployment monitoring-grafana --type=LoadBalancer --name monitoring-grafana-client" + echo "to get the nodeport for a specific VM running grafana" + echo "kubectl get services --all-namespaces | grep graf" + sudo docker version + helm version + kubectl version + kubectl get services --all-namespaces + kubectl get pods --all-namespaces + echo "finished!" +} + +BRANCH= +SERVER= +ENVIRON= +VALIDATE=false +USERNAME=ubuntu +SSHPATH_PREFIX=~/.ssh + +while getopts ":b:s:e:u:l:k:v" PARAM; do + case $PARAM in + u) + usage + exit 1 + ;; + b) + BRANCH=${OPTARG} + ;; + e) + ENVIRON=${OPTARG} + ;; + s) + SERVER=${OPTARG} + ;; + l) + USERNAME=${OPTARG} + ;; + k) + SSHKEY=${OPTARG} + ;; + v) + VALIDATE=${OPTARG} + ;; + ?) + usage + exit + ;; + esac +done + +if [[ -z $BRANCH ]]; then + usage + exit 1 +fi + +install_onap $BRANCH $SERVER $ENVIRON $USERNAME $SSHPATH_PREFIX $SSHKEY $VALIDATE diff --git a/kubernetes/dcaegen2/Chart.yaml b/kubernetes/dcaegen2/Chart.yaml index 3f62f3c3d1..ceda39bd75 100644 --- a/kubernetes/dcaegen2/Chart.yaml +++ b/kubernetes/dcaegen2/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP DCAE Gen2 name: dcaegen2 -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/dcaegen2/Makefile b/kubernetes/dcaegen2/Makefile index c16f23be28..432a744094 100644 --- a/kubernetes/dcaegen2/Makefile +++ b/kubernetes/dcaegen2/Makefile @@ -1,2 +1,22 @@ -make-dmaap: - cd charts && helm dep up dcae-bootstrap +make-dcaegen2: make-dcae-bootstrap make-dcae-cloudify-manager make-dcae-config-binding-service make-dcae-healthcheck make-dcae-redis make-dcae-servicechange-handler make-dcae-inventory-api + +make-dcae-bootstrap: + cd charts && helm dep up dcae-bootstrap && helm lint dcae-bootstrap + +make-dcae-cloudify-manager: + cd charts && helm dep up dcae-cloudify-manager && helm lint dcae-cloudify-manager + +make-dcae-config-binding-service: + cd charts && helm dep up dcae-config-binding-service && helm lint dcae-config-binding-service + +make-dcae-healthcheck: + cd charts && helm dep up dcae-healthcheck && helm lint dcae-healthcheck + +make-dcae-redis: + cd charts && helm dep up dcae-redis && helm lint dcae-redis + +make-dcae-servicechange-handler: + cd charts && helm dep up dcae-servicechange-handler && helm lint dcae-servicechange-handler + +make-dcae-inventory-api: + cd charts/dcae-servicechange-handler/charts && helm dep up dcae-inventory-api && helm lint dcae-inventory-api diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/Chart.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/Chart.yaml index fca0302881..6ac53de0b8 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/Chart.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP DCAE Bootstrap name: dcae-bootstrap -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/requirements.yaml index caf790483f..5807f08e29 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/requirements.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/requirements.yaml @@ -18,8 +18,8 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' - name: postgres - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json index 5d8bf50947..51d31a355b 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/config/k8s-plugin.json @@ -19,6 +19,7 @@ { "namespace" : "{{ if .Values.dcae_ns }}{{ .Values.dcae_ns}}{{ else }}{{include "common.namespace" . }}{{ end}}", "consul_dns_name" : "{{ .Values.config.address.consul.host }}.{{ include "common.namespace" . }}", + "default_k8s_location" : "{{ .Values.default_k8s_location }}", "image_pull_secrets" : ["{{ include "common.namespace" . }}-docker-registry-key"], "filebeat": { @@ -28,5 +29,10 @@ "config_subpath": "filebeat.yml", "image" : "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}", "config_map" : "dcae-filebeat-configmap" + }, + "tls": + { + "cert_path": "/opt/tls/shared", + "image": "{{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}" } } diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-inventory-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml similarity index 56% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-inventory-inputs.yaml rename to kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml index 2f897db54e..ff2c39261b 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-inventory-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-dashboard-inputs.yaml @@ -16,17 +16,17 @@ # limitations under the License. # ============LICENSE_END========================================================= -sdc_address: '{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443' -sdc_uri: 'https://{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443' -sdc_user: "dcae" -sdc_password: !!str Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U -sdc_environment_name: "AUTO" -sdc_msg_bus_address: '{{ .Values.config.address.message_router }}.{{include "common.namespace" . }}' -postgres_user_inventory: "postgres" -postgres_password_inventory: "onap123" -{{ if .Values.componentImages.service_change_handler }} -service_change_handler_image: '{{ include "common.repository" . }}/{{ .Values.componentImages.service_change_handler }}' -{{ end }} -{{ if .Values.componentImages.inventory }} -inventory_image: '{{ include "common.repository" . }}/{{ .Values.componentImages.inventory }}' +{{ if .Values.componentImages.dashboard }} +dashboard_docker_image: {{ include "common.repository" . }}/{{ .Values.componentImages.dashboard }} {{ end }} +external_port: {{ .Values.config.address.dashboard.port }} +external_tls_port: {{ .Values.config.address.dashboard.portSecure }} +database_cluster_name: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }} +database_cluster_fqdn: {{ .Values.postgres.service.name2 }}.{{ include "common.namespace" . }}.{{ .Values.postgres.suffix }} +database_name: "dashboard_pg" +cloudify_ip: {{ .Values.config.address.cm }} +cloudify_user: "admin" +cloudify_password: "admin" +consul_url: {{ .Values.config.address.consul.host }} +postgres_port: "5432" +replicas: 1 diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml deleted file mode 100644 index 50ac16ffc9..0000000000 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml +++ /dev/null @@ -1,107 +0,0 @@ -#============LICENSE_START======================================================== -#================================================================================= -# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -{{ if .Values.componentImages.policy_handler }} -policy_handler_image: {{ include "common.repository" . }}/{{ .Values.componentImages.policy_handler }} -{{ end }} -application_config: - policy_handler : - # parallelize the getConfig queries to policy-engine on each policy-update notification - thread_pool_size : 4 - - # parallelize requests to policy-engine and keep them alive - pool_connections : 20 - - # retry to getConfig from policy-engine on policy-update notification - policy_retry_count : 5 - policy_retry_sleep : 5 - - # config of automatic catch_up for resiliency - catch_up : - # interval in seconds on how often to call automatic catch_up - # example: 1200 is 20*60 seconds that is 20 minutes - interval : 1200 - - # config of periodic reconfigure-rediscover for adaptability - reconfigure: - # interval in seconds on how often to call automatic reconfigure - # example: 600 is 10*60 seconds that is 10 minutes - interval : 600 - - # policy-engine config - # These are the url of and the auth for the external system, namely the policy-engine (PDP). - # We obtain that info manually from PDP folks at the moment. - # In long run we should figure out a way of bringing that info into consul record - # related to policy-engine itself. - # - k8s specific routing to policy-engine by hostname "pdp" - # - relying on dns to resolve hostname "pdp" to ip address - # - expecing to find "pdp" as the hostname in server cert from policy-engine - policy_engine : - url : "https://{{ .Values.config.address.policy_pdp }}.{{include "common.namespace" . }}:8081" - path_notifications : "/pdp/notifications" - path_api : "/pdp/api/" - headers : - Accept : "application/json" - "Content-Type" : "application/json" - ClientAuth : "cHl0aG9uOnRlc3Q=" - Authorization : "Basic dGVzdHBkcDphbHBoYTEyMw==" - Environment : "TEST" - target_entity : "policy_engine" - # optional tls_ca_mode specifies where to find the cacert.pem for tls - # can be one of these: - # "cert_directory" - use the cacert.pem stored locally in cert_directory. - # this is the default if cacert.pem file is found - # - # "os_ca_bundle" - use the public ca_bundle provided by linux system. - # this is the default if cacert.pem file not found - # - # "do_not_verify" - special hack to turn off the verification by cacert and hostname - tls_ca_mode : "cert_directory" - # optional tls_wss_ca_mode specifies the same for the tls based web-socket - tls_wss_ca_mode : "cert_directory" - # optional timeout_in_secs specifies the timeout for the http requests - timeout_in_secs: 60 - # optional ws_ping_interval_in_secs specifies the ping interval for the web-socket connection - ws_ping_interval_in_secs: 180 - # deploy_handler config - # changed from string "deployment_handler" in 2.3.1 to structure in 2.4.0 - deploy_handler : - # name of deployment-handler service used by policy-handler for logging - target_entity : "deployment_handler" - # url of the deployment-handler service for policy-handler to direct the policy-updates to - # - expecting dns to resolve the hostname deployment-handler to ip address - url : "https://deployment-handler:8443" - # limit the size of a single data segment for policy-update messages - # from policy-handler to deployment-handler in megabytes - max_msg_length_mb : 5 - query : - # optionally specify the tenant name for the cloudify under deployment-handler - # if not specified the "default_tenant" is used by the deployment-handler - cfy_tenant_name : "default_tenant" - # optional tls_ca_mode specifies where to find the cacert.pem or skip tls verification - # can be one of these: - # "cert_directory" - use the cacert.pem stored locally in cert_directory. - # this is the default if cacert.pem file is found - # - # "os_ca_bundle" - use the public ca_bundle provided by linux system. - # this is the default if cacert.pem file not found - # - # "do_not_verify" - special hack to turn off the verification by cacert and hostname - tls_ca_mode : "cert_directory" - # optional timeout_in_secs specifies the timeout for the http requests - timeout_in_secs: 60 diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml index e1ae791af8..aa2b9a3f18 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml @@ -19,3 +19,4 @@ {{ if .Values.componentImages.snmptrap }} tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.snmptrap }} {{ end }} +external_port: {{ .Values.config.address.snmptrap.port }} diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml index 078af0cb75..69e7cb76de 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml @@ -20,6 +20,7 @@ tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.ves }} {{ end }} external_port : {{ .Values.config.address.ves.port }} +external_tls_port : {{ .Values.config.address.ves.portSecure }} ves_other_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_OTHER_OUTPUT/" ves_heartbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/" ves_fault_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_FAULT_OUTPUT/" diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml index a26307d64b..0463655c79 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/templates/deployment.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2017-2019 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -49,6 +49,10 @@ spec: - msb-discovery - --container-name - kube2msb + - --container-name + - dcae-config-binding-service + - --container-name + - dcae-db - "-t" - "15" env: diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml index 26067e0230..2da7875137 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -21,10 +21,13 @@ ################################################################# global: nodePortPrefix: 302 + nodePortPrefixExt: 304 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + tlsRepository: nexus3.onap.org:10001 + tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest config: logstashServiceName: log-ls @@ -35,6 +38,9 @@ config: host: consul-server port: 8500 cm: dcae-cloudify-manager + dashboard: + port: 30418 + portSecure: 30419 datafile_collector: port: 30223 portSecure: 30262 @@ -44,8 +50,11 @@ config: msb_iag: msb-iag policy_pdp: pdp sdc: sdc-be + snmptrap: + port: 30470 ves: port: 30235 + portSecure: 30417 # redisCaching is a string not a boolean! redisCaching: "false" @@ -56,6 +65,7 @@ postgres: name: dcae-postgres name2: dcae-pg-primary name3: dcae-pg-replica + suffix: svc.cluster.local container: name: primary: dcae-pg-primary @@ -79,23 +89,19 @@ postgres: # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.5 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.10-STAGING-latest +default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager # Use to override default setting in blueprints componentImages: - config_binding_service: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3 - datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.1.1 - deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.1.0 + dashboard: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.1.0-SNAPSHOT-latest holmes_rules: onap/holmes/rule-management:1.2.3 holmes_engine: onap/holmes/engine-management:1.2.2 - inventory: onap/org.onap.dcaegen2.platform.inventory-api:3.0.4 - policy_handler: onap/org.onap.dcaegen2.platform.policy-handler:4.5.0 - service_change_handler: onap/org.onap.dcaegen2.platform.servicechange-handler:1.1.5 tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.1.0 ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.3.1 snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0 - prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.2.0-SNAPSHOT + prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.2.1-SNAPSHOT hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.1.0-SNAPSHOT # Resource Limit flavor -By Default using small diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/Chart.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/Chart.yaml index 93e4feeb58..1f84269f17 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/Chart.yaml +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP DCAE Cloudify Manager name: dcae-cloudify-manager -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/requirements.yaml index 897df32ce0..0ba9e4746c 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/requirements.yaml +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml index ecaee65785..3995bc6cba 100644 --- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); @@ -21,6 +21,7 @@ ################################################################# global: nodePortPrefix: 302 + persistence: {} readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co @@ -43,7 +44,7 @@ config: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.0 +image: onap/org.onap.dcaegen2.deployments.cm-container:1.5.2-STAGING-latest pullPolicy: Always # probe configuration parameters @@ -56,7 +57,7 @@ liveness: enabled: false readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 60 periodSeconds: 10 service: diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/Chart.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/Chart.yaml new file mode 100644 index 0000000000..295abdbe2a --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/Chart.yaml @@ -0,0 +1,21 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP DCAE Config Binding Service +name: dcae-config-binding-service +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/dmaap/charts/dmaap-data-router/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/requirements.yaml similarity index 91% rename from kubernetes/dmaap/charts/dmaap-data-router/requirements.yaml rename to kubernetes/dcaegen2/charts/dcae-config-binding-service/requirements.yaml index 5da3738b55..0ba9e4746c 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/requirements.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/requirements.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,6 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' - diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml new file mode 100644 index 0000000000..1a3f693a12 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/resources/config/log/filebeat/filebeat.yml @@ -0,0 +1,72 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among availabe Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase + +logging: + level: debug + + # enable file rotation with default configuration + to_files: true + + # do not log to syslog + to_syslog: false + + files: + path: /usr/share/filebeat/logs + name: mybeat.log + keepfiles: 7 diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/secrets.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/configmap.yaml similarity index 77% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/secrets.yaml rename to kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/configmap.yaml index bc93b9ecc9..a150cbd336 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/secrets.yaml +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/configmap.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,18 +12,15 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 -kind: Secret +kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-secret + name: {{ .Release.Name }}-cbs-filebeat-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -type: Opaque data: - db-root-password: {{ .Values.global.config.mariadb.mariadbRootPassword | b64enc | quote }} - db-user-password: {{ .Values.global.config.mariadb.userPassword | b64enc | quote }} +{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml new file mode 100644 index 0000000000..a968204575 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/deployment.yaml @@ -0,0 +1,103 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - consul-server + - "-t" + - "15" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: +{{ include "common.resources" . | indent 12 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + httpGet: + path: {{ .Values.readiness.path }} + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/logs + env: + - name: CONSUL_HOST + value: consul.{{ include "common.namespace" . }} + + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap + volumes: + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ .Release.Name }}-cbs-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml new file mode 100644 index 0000000000..794b896eef --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/templates/service.yaml @@ -0,0 +1,43 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt| default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + diff --git a/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml new file mode 100644 index 0000000000..31d6a8b2fb --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-config-binding-service/values.yaml @@ -0,0 +1,91 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + repositoryCred: + user: docker + password: docker + +config: + logstashServiceName: log-ls + logstashPort: 5044 + # Addresses of other ONAP entities + address: + consul: + host: consul-server + port: 8500 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3 +pullPolicy: Always + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + # liveness not desirable for Cloudify Manager container + enabled: false + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + path: /healthcheck + +service: + type: NodePort + name: config-binding-service + externalPort: 10000 + internalPort: 10000 + nodePort: 15 + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# Kubernetes namespace for components deployed via Cloudify manager +# If empty, use the common namespace +# dcae_ns: "dcae" diff --git a/kubernetes/dmaap/charts/dmaap-data-router/.helmignore b/kubernetes/dcaegen2/charts/dcae-deployment-handler/.helmignore similarity index 100% rename from kubernetes/dmaap/charts/dmaap-data-router/.helmignore rename to kubernetes/dcaegen2/charts/dcae-deployment-handler/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-config_binding_service-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/Chart.yaml similarity index 67% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-config_binding_service-inputs.yaml rename to kubernetes/dcaegen2/charts/dcae-deployment-handler/Chart.yaml index f4770ac29f..35d892a9cf 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-config_binding_service-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/Chart.yaml @@ -1,7 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,8 +15,7 @@ # limitations under the License. # ============LICENSE_END========================================================= -#TODO would like to make this conditional, as with the other input templates -# but having template expansion issues trying to do that -{{ if .Values.componentImages.config_binding_service }} -cbs_image: {{ include "common.repository" . }}/{{ .Values.componentImages.config_binding_service }} -{{ end }} +apiVersion: v1 +description: ONAP DCAE Deployment Handler +name: dcae-deployment-handler +version: 4.0.0 diff --git a/kubernetes/vvp/charts/vvp-imagescanner/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/requirements.yaml similarity index 85% rename from kubernetes/vvp/charts/vvp-imagescanner/requirements.yaml rename to kubernetes/dcaegen2/charts/dcae-deployment-handler/requirements.yaml index 9f44c6df28..d2b64d33b2 100644 --- a/kubernetes/vvp/charts/vvp-imagescanner/requirements.yaml +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/requirements.yaml @@ -1,4 +1,5 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.0.0 repository: '@local' diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json b/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json new file mode 100644 index 0000000000..600f07c457 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/config/config.json @@ -0,0 +1,8 @@ +{ + "cloudify": { + "protocol": "http" + }, + "inventory": { + "protocol": "http" + } +} \ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/log/filebeat.yml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/log/filebeat.yml new file mode 100644 index 0000000000..0e5ee9bffa --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/resources/log/filebeat.yml @@ -0,0 +1,72 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among availabe Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase + +logging: + level: debug + + # enable file rotation with default configuration + to_files: true + + # do not log to syslog + to_syslog: false + + files: + path: /usr/share/filebeat/logs + name: mybeat.log + keepfiles: 7 diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/configmap.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/configmap.yaml new file mode 100644 index 0000000000..39af31a4f3 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/configmap.yaml @@ -0,0 +1,34 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{include "common.fullname" . }}-filebeat-configmap + namespace: {{include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }} \ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml new file mode 100644 index 0000000000..3e4e53b679 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/deployment.yaml @@ -0,0 +1,161 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - dcae-cloudify-manager + - --container-name + - consul-server + - --container-name + - dcae-inventory-api + - "-t" + - "45" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: init-tls + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: {} + volumeMounts: + - mountPath: /opt/tls/shared + name: tls-info + - name: init-consul + image: {{ .Values.global.consulLoaderRepository }}/{{ .Values.global.consulLoaderImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + args: + - --service + - "cloudify_manager|dcae-cloudify-manager.{{ include "common.namespace" . }}|80" + - --service + - "inventory|inventory.{{ include "common.namespace" . }}|8080" + - --key + - deployment_handler|/dhconfig/config.json + resources: {} + volumeMounts: + - mountPath: /dhconfig + name: dh-config + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: +{{ include "common.resources" . | indent 12 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + httpGet: + path: {{ .Values.readiness.path }} + port: {{ .Values.service.internalPort }} + scheme: {{ .Values.readiness.scheme }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /opt/app/dh/log + name: component-log + - mountPath: /opt/app/dh/etc/cert/ + name: tls-info + env: + - name: CONSUL_HOST + value: consul-server.{{ include "common.namespace" . }} + - name: CLOUDIFY_USER + value: admin + - name: CLOUDIFY_PASSWORD + value: admin + - name: CONFIG_BINDING_SERVICE + value: config-binding-service + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: {{ include "common.name" . }}-filebeat + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }} + imagePullPolicy: IfNotPresent + resources: {} + volumeMounts: + - mountPath: /var/log/onap/deployment-handler + name: component-log + - mountPath: /usr/share/filebeat/data + name: filebeat-data + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + volumes: + - emptyDir: {} + name: component-log + - emptyDir: {} + name: filebeat-data + - configMap: + defaultMode: 420 + name: {{ include "common.fullname" . }}-filebeat-configmap + name: filebeat-conf + - emptyDir: {} + name: tls-info + - configMap: + defaultMode: 422 + name: {{ include "common.fullname" . }}-configmap + name: dh-config + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/service.yaml new file mode 100644 index 0000000000..088d381d50 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/templates/service.yaml @@ -0,0 +1,43 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + diff --git a/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml new file mode 100644 index 0000000000..6a00d36f2c --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-deployment-handler/values.yaml @@ -0,0 +1,95 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + tlsRepository: nexus3.onap.org:10001 + tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest + consulLoaderRepository: nexus3.onap.org:10001 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0-STAGING-latest + repositoryCred: + user: docker + password: docker + +config: + logstashServiceName: log-ls + logstashPort: 5044 + # Addresses of other ONAP entities + address: + consul: + host: consul-server + port: 8500 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/org.onap.dcaegen2.platform.deployment-handler:3.2.0 +pullPolicy: Always + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + # liveness not desirable for Cloudify Manager container + enabled: false + +readiness: + initialDelaySeconds: 30 + periodSeconds: 30 + path: / + scheme: HTTPS + +service: + type: ClusterIP + name: deployment-handler + externalPort: 8443 + internalPort: 8443 + + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# Kubernetes namespace for components deployed via Cloudify manager +# If empty, use the common namespace +# dcae_ns: "dcae" diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/Chart.yaml b/kubernetes/dcaegen2/charts/dcae-healthcheck/Chart.yaml index 78385402b7..56e49c9e9b 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/Chart.yaml +++ b/kubernetes/dcaegen2/charts/dcae-healthcheck/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP DCAE Health Check name: dcae-healthcheck -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-healthcheck/requirements.yaml index 8943620f13..5b4519e15a 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/requirements.yaml +++ b/kubernetes/dcaegen2/charts/dcae-healthcheck/requirements.yaml @@ -18,5 +18,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml index 3c9936b1b1..97cd7d2482 100644 --- a/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml +++ b/kubernetes/dcaegen2/charts/dcae-healthcheck/values.yaml @@ -45,7 +45,7 @@ readiness: periodSeconds: 10 # application image repository: nexus3.onap.org:10001 -image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.1 +image: onap/org.onap.dcaegen2.deployments.healthcheck-container:1.2.4-STAGING-latest # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/.helmignore b/kubernetes/dcaegen2/charts/dcae-policy-handler/.helmignore similarity index 100% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/.helmignore rename to kubernetes/dcaegen2/charts/dcae-policy-handler/.helmignore diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-deployment_handler-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/Chart.yaml similarity index 65% rename from kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-deployment_handler-inputs.yaml rename to kubernetes/dcaegen2/charts/dcae-policy-handler/Chart.yaml index 97ff037481..98844dce4f 100644 --- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-deployment_handler-inputs.yaml +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/Chart.yaml @@ -1,7 +1,6 @@ #============LICENSE_START======================================================== #================================================================================= -# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,13 +14,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # ============LICENSE_END========================================================= -# -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -{{ if .Values.componentImages.deployment_handler }} -deployment_handler_image: {{ include "common.repository" . }}/{{ .Values.componentImages.deployment_handler }} -{{ end }} -application_config: - cloudify: - protocol: "http" - inventory: - protocol: "http" + +apiVersion: v1 +description: ONAP DCAE Policy Handler +name: dcae-policy-handler +version: 4.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/requirements.yaml new file mode 100644 index 0000000000..d2b64d33b2 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/requirements.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~4.0.0 + repository: '@local' diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json b/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json new file mode 100644 index 0000000000..76aa3838aa --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json @@ -0,0 +1,41 @@ +{ + "policy_handler": { + "thread_pool_size": 4, + "pool_connections": 20, + "policy_retry_count": 5, + "policy_retry_sleep": 5, + "catch_up": { + "interval": 1200 + }, + "reconfigure": { + "interval": 600 + }, + "policy_engine": { + "url": "https://{{ .Values.config.address.policy_pdp }}.{{include "common.namespace" . }}:8081", + "path_notifications": "/pdp/notifications", + "path_api": "/pdp/api/", + "headers": { + "Accept": "application/json", + "Content-Type": "application/json", + "ClientAuth": "cHl0aG9uOnRlc3Q=", + "Authorization": "Basic dGVzdHBkcDphbHBoYTEyMw==", + "Environment": "TEST" + }, + "target_entity": "policy_engine", + "tls_ca_mode": "cert_directory", + "tls_wss_ca_mode": "cert_directory", + "timeout_in_secs": 60, + "ws_ping_interval_in_secs": 180 + }, + "deploy_handler": { + "target_entity": "deployment_handler", + "url": "https://deployment-handler:8443", + "max_msg_length_mb": 5, + "query": { + "cfy_tenant_name": "default_tenant" + }, + "tls_ca_mode": "cert_directory", + "timeout_in_secs": 60 + } + } +} diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/log/filebeat.yml b/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/log/filebeat.yml new file mode 100644 index 0000000000..1a3f693a12 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/log/filebeat.yml @@ -0,0 +1,72 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among availabe Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase + +logging: + level: debug + + # enable file rotation with default configuration + to_files: true + + # do not log to syslog + to_syslog: false + + files: + path: /usr/share/filebeat/logs + name: mybeat.log + keepfiles: 7 diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/configmap.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/configmap.yaml new file mode 100644 index 0000000000..39af31a4f3 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/configmap.yaml @@ -0,0 +1,34 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{include "common.fullname" . }}-filebeat-configmap + namespace: {{include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }} \ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml new file mode 100644 index 0000000000..a6b87bf3eb --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/deployment.yaml @@ -0,0 +1,157 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - dcae-deployment-handler + - --container-name + - consul-server + - --container-name + - pdp + - "-t" + - "45" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: init-tls + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: {} + volumeMounts: + - mountPath: /opt/tls/shared + name: tls-info + - name: init-consul + image: {{ .Values.global.consulLoaderRepository }}/{{ .Values.global.consulLoaderImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + args: + - --key + - policy_handler|/phconfig/config.json + resources: {} + volumeMounts: + - mountPath: /phconfig + name: ph-config + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + resources: +{{ include "common.resources" . | indent 12 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + httpGet: + path: {{ .Values.readiness.path }} + port: {{ .Values.service.internalPort }} + scheme: {{ .Values.readiness.scheme }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /opt/app/policy_handler/logs + name: component-log + - mountPath: /opt/app/policy_handler/etc/tls/certs/ + name: tls-info + env: + - name: CONSUL_HOST + value: consul-server.{{ include "common.namespace" . }} + - name: CLOUDIFY_USER + value: admin + - name: CLOUDIFY_PASSWORD + value: admin + - name: CONFIG_BINDING_SERVICE + value: config-binding-service + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: {{ include "common.name" . }}-filebeat + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }} + imagePullPolicy: IfNotPresent + resources: {} + volumeMounts: + - mountPath: /var/log/onap/deployment-handler + name: component-log + - mountPath: /usr/share/filebeat/data + name: filebeat-data + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + volumes: + - emptyDir: {} + name: component-log + - emptyDir: {} + name: filebeat-data + - configMap: + defaultMode: 420 + name: {{ include "common.fullname" . }}-filebeat-configmap + name: filebeat-conf + - emptyDir: {} + name: tls-info + - configMap: + defaultMode: 422 + name: {{ include "common.fullname" . }}-configmap + name: ph-config + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/service.yaml new file mode 100644 index 0000000000..088d381d50 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/templates/service.yaml @@ -0,0 +1,43 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml new file mode 100644 index 0000000000..c14614278c --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/values.yaml @@ -0,0 +1,95 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + tlsRepository: nexus3.onap.org:10001 + tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.1-STAGING-latest + consulLoaderRepository: nexus3.onap.org:10001 + consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0-STAGING-latest + repositoryCred: + user: docker + password: docker + +config: + logstashServiceName: log-ls + logstashPort: 5044 + # Addresses of other ONAP entities + address: + consul: + host: consul-server + port: 8500 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/org.onap.dcaegen2.platform.policy-handler:4.6.0-STAGING-latest +pullPolicy: Always + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + # liveness not desirable for Cloudify Manager container + enabled: false + +readiness: + initialDelaySeconds: 60 + periodSeconds: 300 + path: /healthcheck + scheme: HTTP + +service: + type: ClusterIP + name: policy-handler + externalPort: 25577 + internalPort: 25577 + + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# Kubernetes namespace for components deployed via Cloudify manager +# If empty, use the common namespace +# dcae_ns: "dcae" diff --git a/kubernetes/dcaegen2/charts/dcae-redis/Chart.yaml b/kubernetes/dcaegen2/charts/dcae-redis/Chart.yaml index 1b0325d60c..f01b6280df 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/Chart.yaml +++ b/kubernetes/dcaegen2/charts/dcae-redis/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP DCAE Redis name: dcae-redis -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/dcaegen2/charts/dcae-redis/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-redis/requirements.yaml index 2aa12fdd12..f6b154516e 100644 --- a/kubernetes/dcaegen2/charts/dcae-redis/requirements.yaml +++ b/kubernetes/dcaegen2/charts/dcae-redis/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/Chart.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/Chart.yaml new file mode 100644 index 0000000000..918f82e9d4 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/Chart.yaml @@ -0,0 +1,21 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP DCAE Service Change Handler +name: dcae-servicechange-handler +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/Chart.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/Chart.yaml new file mode 100644 index 0000000000..1b6e852d28 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/Chart.yaml @@ -0,0 +1,21 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP DCAE Inventory API Service +name: dcae-inventory-api +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/requirements.yaml new file mode 100644 index 0000000000..55ac83926f --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/requirements.yaml @@ -0,0 +1,22 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' + - name: postgres + version: ~4.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json new file mode 100644 index 0000000000..a8329f674b --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/resources/config/config.json @@ -0,0 +1,34 @@ +{ + "database": { + "driverClass": "org.postgresql.Driver", + "user": "{{ .Values.postgres.config.pgUserName }}", + "password": "{{ .Values.postgres.config.pgUserPassword }}", + "url": "jdbc:postgresql://{{ .Values.postgres.service.name2 }}:5432/{{ .Values.postgres.config.pgDatabase }}", + "properties": { + "charSet": "UTF-8" + }, + "maxWaitForConnection": "1s", + "validationQuery": "/* MyService Health Check */ SELECT 1", + "minSize": 2, + "maxSize": 8, + "initialSize": 2, + "checkConnectionWhileIdle": false, + "evictionInterval": "10s", + "minIdleTime": "1 minute" + }, + "databusControllerConnection": { + "host": "databus-controller-hostname", + "port": 8443, + "mechId": null, + "password": null, + "required": false + }, + "httpClient": { + "minThreads": 1, + "maxThreads": 128, + "gzipEnabled": false, + "gzipEnabledForRequests": false, + "timeout": "5000milliseconds", + "connectionTimeout": "5000milliseconds" + } + } \ No newline at end of file diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/configmap.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/configmap.yaml similarity index 84% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/configmap.yaml rename to kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/configmap.yaml index 525c18b6ba..9cda43c499 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/configmap.yaml +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/configmap.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,11 +12,10 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-prov-props-configmap + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -23,4 +23,4 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/config/provserver.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml new file mode 100644 index 0000000000..e3e4aaf5cd --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/deployment.yaml @@ -0,0 +1,96 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - {{ .Values.postgres.nameOverride }} + - "-t" + - "15" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + # Assumes that the Docker image is built with ENTRYPOINT set to + # ["java", "-jar", "/opt/inventory-api-x.y.z.jar", "server"] + # where "x.y.z" is the version number (matches the Docker image version number) + # The arg below adds a parameter, the path to a config file. + # This tells the inventory-api app to get its configuration from the file + # rather than querying Consul. + args: + - "/opt/config.json" + resources: +{{ include "common.resources" . | indent 12 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + httpGet: + path: {{ .Values.readiness.path }} + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-inv-config + mountPath: /opt/config.json + subPath: config.json + env: + - name: CONSUL_HOST + value: consul.{{ include "common.namespace" . }} + volumes: + - name: {{ include "common.fullname" . }}-inv-config + configMap: + name: {{ include "common.fullname" . }}-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/service.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/service.yaml new file mode 100644 index 0000000000..088d381d50 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/templates/service.yaml @@ -0,0 +1,43 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml new file mode 100644 index 0000000000..1fd004f2bd --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/charts/dcae-inventory-api/values.yaml @@ -0,0 +1,122 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + repositoryCred: + user: docker + password: docker + +config: + logstashServiceName: log-ls + logstashPort: 5044 + # Addresses of other ONAP entities + address: + consul: + host: consul-server + port: 8500 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/org.onap.dcaegen2.platform.inventory-api:3.0.4 + +pullPolicy: Always + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + # liveness not desirable for Cloudify Manager container + enabled: false + +readiness: + initialDelaySeconds: 30 + periodSeconds: 30 + path: /dcae-service-types + +service: + type: ClusterIP + name: inventory + externalPort: 8080 + internalPort: 8080 + +# application configuration override for postgres +postgres: + nameOverride: dcae-inv-pg + service: + name: dcae-inv-postgres + name2: dcae-inv-pg-primary + name3: dcae-inv-pg-replica + container: + name: + primary: dcae-inv-pg-primary + replica: dcae-inv-pg-replica + config: + pgUserName: dcae_inv + pgDatabase: dcae_inventory + pgPrimaryPassword: onapdemodb + pgUserPassword: onapdemodb + pgRootPassword: onapdemodb + persistence: + mountSubPath: dcae-inv/data + mountInitPath: dcae-inv + pgpool: + nameOverride: dcae-inv-pgpool + service: + name: dcae-inv-pgpool + credentials: + pgusername: ddcae_inv + pgpassword: onapdemodb + container: + name: + primary: dcae-inv-pgpool-primary + replica: dcae-inv-pgpool-replica + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# Kubernetes namespace for components deployed via Cloudify manager +# If empty, use the common namespace +# dcae_ns: "dcae" diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/requirements.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/requirements.yaml new file mode 100644 index 0000000000..0ba9e4746c --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/requirements.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json new file mode 100644 index 0000000000..7ddc800817 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/resources/config/config.json @@ -0,0 +1,22 @@ +{ + "asdcDistributionClient": { + "asdcAddress": "{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443", + "asdcUri": "https://{{ .Values.config.address.sdc }}.{{include "common.namespace" . }}:8443", + "msgBusAddress": "{{ .Values.config.address.message_router }}.{{include "common.namespace" . }}", + "user": "{{ .Values.sdc.user }}", + "password": "{{ .Values.sdc.password }}", + "pollingInterval": 20, + "pollingTimeout": 20, + "consumerGroup": "dcae", + "consumerId": "dcae-sch", + "environmentName": "{{ .Values.sdc.environmentName }}", + "keyStorePath": null, + "keyStorePassword": null, + "activateServerTLSAuth": {{ .Values.sdc.useHttps }}, + "useHttpsWithDmaap": {{ .Values.dmaap.useHttps }}, + "isFilterInEmptyResources": false + }, + "dcaeInventoryClient": { + "uri": "http://inventory:8080" + } +} diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/configmap.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/configmap.yaml new file mode 100644 index 0000000000..9cda43c499 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/configmap.yaml @@ -0,0 +1,26 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml new file mode 100644 index 0000000000..44ebc42412 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/templates/deployment.yaml @@ -0,0 +1,95 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - "dcae-inventory-api" + - --container-name + - "message-router" + - --container-name + - "sdc-dcae-be" + - "-t" + - "45" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["java"] + args: + - "-jar" + - "/opt/servicechange-handler.jar" + - "prod" + - "/opt/config.json" + resources: +{{ include "common.resources" . | indent 12 }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + exec: + command: [{{ .Values.liveness.script }}] + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + exec: + command: [{{ .Values.readiness.script }}] + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-sch-config + mountPath: /opt/config.json + subPath: config.json + env: + - name: CONSUL_HOST + value: consul.{{ include "common.namespace" . }} + volumes: + - name: {{ include "common.fullname" . }}-sch-config + configMap: + name: {{ include "common.fullname" . }}-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml new file mode 100644 index 0000000000..dd985163c1 --- /dev/null +++ b/kubernetes/dcaegen2/charts/dcae-servicechange-handler/values.yaml @@ -0,0 +1,95 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + repositoryCred: + user: docker + password: docker + +config: + logstashServiceName: log-ls + logstashPort: 5044 + address: + # Addresses of ONAP components + message_router: message-router + sdc: sdc-be +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/org.onap.dcaegen2.platform.servicechange-handler:1.1.5 + +pullPolicy: Always + +# configuration for accessing SDC +sdc: + user: "dcae" + password: !!str Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + environmentName: "AUTO" + useHttps: false + +# configuration for accessing DMaaP +dmaap: + useHttps: false + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 30 + script: /opt/health.sh + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + # liveness not desirable for Cloudify Manager container + enabled: false + +readiness: + initialDelaySeconds: 30 + periodSeconds: 30 + script: /opt/health.sh + + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 4 + memory: 4Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} +# Kubernetes namespace for components deployed via Cloudify manager +# If empty, use the common namespace +# dcae_ns: "dcae" diff --git a/kubernetes/dcaegen2/requirements.yaml b/kubernetes/dcaegen2/requirements.yaml index 220dc4619b..fae2fe2fe7 100644 --- a/kubernetes/dcaegen2/requirements.yaml +++ b/kubernetes/dcaegen2/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/dmaap/Chart.yaml b/kubernetes/dmaap/Chart.yaml index 2f8bb0ebaf..810e863128 100644 --- a/kubernetes/dmaap/Chart.yaml +++ b/kubernetes/dmaap/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP DMaaP components name: dmaap -version: 3.0.0 +version: 4.0.1 diff --git a/kubernetes/dmaap/Makefile b/kubernetes/dmaap/Makefile index b39b91f804..3a1931121a 100644 --- a/kubernetes/dmaap/Makefile +++ b/kubernetes/dmaap/Makefile @@ -1,5 +1,4 @@ # Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,16 +12,20 @@ # See the License for the specific language governing permissions and # limitations under the License. -make-dmaap: make-bus-controller make-message-router make-dmaap-data-router +make-dmaap: make-dmaap-bc make-message-router make-dmaap-dr-node make-dmaap-dr-prov -make-bus-controller: - cd charts && helm dep up dmaap-bus-controller && helm lint dmaap-bus-controller +make-dmaap-bc: + cd components && helm dep up dmaap-bc && helm lint dmaap-bc make-message-router: - cd charts && helm dep up message-router && helm lint message-router + cd components && helm dep up message-router && helm lint message-router -make-dmaap-data-router: - cd charts && helm dep up dmaap-data-router && helm lint dmaap-data-router +make-dmaap-dr-node: + cd components && helm dep up dmaap-dr-node && helm lint dmaap-dr-node + +make-dmaap-dr-prov: + cd components && helm dep up dmaap-dr-prov && helm lint dmaap-dr-prov clean: @find . -type f -name '*.tgz' -delete + @find . -type f -name '*.lock' -delete diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/feeds/DefaultPM.json b/kubernetes/dmaap/charts/dmaap-bus-controller/resources/feeds/DefaultPM.json deleted file mode 100644 index 411d7f41e1..0000000000 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/feeds/DefaultPM.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "feedName": "Default PM Feed", - "feedVersion": "m1.1", - "feedDescription": "Default feed provisioned for PM File collector", - "asprClassification" : "unclassified", - "owner": "onap", - "pubs": [ - { - "dcaeLocationName" : "san-francisco", - "username": "dradmin", - "userpwd": "dradmin" - } - - ] -} - diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/resources/config/mariadb/conf.d/mariadb1.cnf b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/resources/config/mariadb/conf.d/mariadb1.cnf deleted file mode 100644 index ff2c63740b..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/resources/config/mariadb/conf.d/mariadb1.cnf +++ /dev/null @@ -1,193 +0,0 @@ -# Example MySQL config file for medium systems. -# -# This is for a system with memory 8G where MySQL plays -# an important part, or systems up to 128M where MySQL is used together with -# other programs (such as a web server) -# -# In this file, you can use all long options that a program supports. -# If you want to know which options a program supports, run the program -# with the "--help" option. - -# The following options will be passed to all MySQL clients -##[client] -##user = root -##port = 3306 -##socket = //opt/app/mysql/mysql.sock - -# Here follows entries for some specific programs - -# The MySQL server -[mysqld] -##performance_schema - -slow_query_log =ON -long_query_time =2 -slow_query_log_file =//var/lib/mysql/slow_query.log - -skip-external-locking -explicit_defaults_for_timestamp = true -skip-symbolic-links -local-infile = 0 -key_buffer_size = 16M -max_allowed_packet = 4M -table_open_cache = 100 -sort_buffer_size = 512K -net_buffer_length = 8K -read_buffer_size = 256K -read_rnd_buffer_size = 512K -myisam_sort_buffer_size = 8M -max_connections = 300 -lower_case_table_names = 1 -thread_stack = 256K -thread_cache_size = 25 -query_cache_size = 8M -query_cache_type = 0 -query_prealloc_size = 512K -query_cache_limit = 1M - -# Password validation -##plugin-load-add=simple_password_check.so -##simple_password_check_other_characters=0 - -# Audit Log settings -plugin-load-add=server_audit.so -server_audit=FORCE_PLUS_PERMANENT -server_audit_file_path=//var/lib/mysql/audit.log -server_audit_file_rotate_size=50M -server_audit_events=CONNECT,QUERY,TABLE -server_audit_logging=on - -# Don't listen on a TCP/IP port at all. This can be a security enhancement, -# if all processes that need to connect to mysqld run on the same host. -# All interaction with mysqld must be made via Unix sockets or named pipes. -# Note that using this option without enabling named pipes on Windows -# (via the "enable-named-pipe" option) will render mysqld useless! -# -#skip-networking - -# Replication Master Server (default) -# binary logging is required for replication -##log-bin=//var/lib/mysql/mysql-bin - -# binary logging format - mixed recommended -binlog_format=row - -# required unique id between 1 and 2^32 - 1 -# defaults to 1 if master-host is not set -# but will not function as a master if omitted - -# Replication Slave (comment out master section to use this) -# -# To configure this host as a replication slave, you can choose between -# two methods : -# -# 1) Use the CHANGE MASTER TO command (fully described in our manual) - -# the syntax is: -# -# CHANGE MASTER TO MASTER_HOST=, MASTER_PORT=, -# MASTER_USER=, MASTER_PASSWORD= ; -# -# where you replace , , by quoted strings and -# by the master's port number (3306 by default). -# -# Example: -# -# CHANGE MASTER TO MASTER_HOST='125.564.12.1', MASTER_PORT=3306, -# MASTER_USER='joe', MASTER_PASSWORD='secret'; -# -# OR -# -# 2) Set the variables below. However, in case you choose this method, then -# start replication for the first time (even unsuccessfully, for example -# if you mistyped the password in master-password and the slave fails to -# connect), the slave will create a master.info file, and any later -# change in this file to the variables' values below will be ignored and -# overridden by the content of the master.info file, unless you shutdown -# the slave server, delete master.info and restart the slaver server. -# For that reason, you may want to leave the lines below untouched -# (commented) and instead use CHANGE MASTER TO (see above) -# -# required unique id between 2 and 2^32 - 1 -# (and different from the master) -# defaults to 2 if master-host is set -# but will not function as a slave if omitted -#server-id = 2 -# -# The replication master for this slave - required -#master-host = -# -# The username the slave will use for authentication when connecting -# to the master - required -#master-user = -# -# The password the slave will authenticate with when connecting to -# the master - required -#master-password = -# -# The port the master is listening on. -# optional - defaults to 3306 -#master-port = -# -# binary logging - not required for slaves, but recommended -#log-bin=mysql-bin - -# Uncomment the following if you are using InnoDB tables -##innodb_data_home_dir = //opt/app/mysql/data -##innodb_data_file_path = ibdata1:20M:autoextend:max:32G -##innodb_log_group_home_dir = //opt/app/mysql/iblogs -# You can set .._buffer_pool_size up to 50 - 80 % -# of RAM but beware of setting memory usage too high -#innodb_buffer_pool_size = 6380M -#innodb_additional_mem_pool_size = 2M -# Set .._log_file_size to 25 % of buffer pool size -innodb_log_file_size = 150M -innodb_log_files_in_group = 3 -innodb_log_buffer_size = 8M -#innodb_flush_log_at_trx_commit = 1 -innodb_lock_wait_timeout = 50 -innodb_autoextend_increment = 100 -expire_logs_days = 8 -open_files_limit = 2000 -transaction-isolation=READ-COMMITTED -####### Galera parameters ####### -## Galera Provider configuration -wsrep_provider=/usr/lib/galera/libgalera_smm.so -wsrep_provider_options="gcache.size=1G; gcache.page_size=1G" -## Galera Cluster configuration -wsrep_cluster_name="MSO-automated-tests-cluster" -wsrep_cluster_address="gcomm://" -#wsrep_cluster_address="gcomm://mariadb1,mariadb2,mariadb3" -##wsrep_cluster_address="gcomm://192.169.3.184,192.169.3.185,192.169.3.186" -## Galera Synchronization configuration -wsrep_sst_method=rsync -#wsrep_sst_method=xtrabackup-v2 -#wsrep_sst_auth="sstuser:Mon#2o!6" -## Galera Node configuration -wsrep_node_name="mariadb1" -##wsrep_node_address="192.169.3.184" -wsrep_on=ON -## Status notification -#wsrep_notify_cmd=/opt/app/mysql/bin/wsrep_notify -####### - - -[mysqldump] -quick -max_allowed_packet = 16M - -[mysql] -no-auto-rehash -# Remove the next comment character if you are not familiar with SQL -#safe-updates - -[myisamchk] -key_buffer_size = 20971520 - -##[mysqlhotcopy] -##interactive-timeout -##[mysqld_safe] -##malloc-lib=//opt/app/mysql/local/lib/libjemalloc.so.1 -##log-error=//opt/app/mysql/log/mysqld.log - -general_log_file = /var/log/mysql/mysql.log -general_log = 1 diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/resources/config/mariadb/docker-entrypoint-initdb.d/sql_init_01.sql b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/resources/config/mariadb/docker-entrypoint-initdb.d/sql_init_01.sql deleted file mode 100644 index e7fade9eb8..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/resources/config/mariadb/docker-entrypoint-initdb.d/sql_init_01.sql +++ /dev/null @@ -1,144 +0,0 @@ -USE `datarouter`; - -CREATE TABLE FEEDS ( - FEEDID INT UNSIGNED NOT NULL PRIMARY KEY, - GROUPID INT(10) UNSIGNED NOT NULL DEFAULT 0, - NAME VARCHAR(255) NOT NULL, - VERSION VARCHAR(20) NOT NULL, - DESCRIPTION VARCHAR(1000), - BUSINESS_DESCRIPTION VARCHAR(1000) DEFAULT NULL, - AUTH_CLASS VARCHAR(32) NOT NULL, - PUBLISHER VARCHAR(8) NOT NULL, - SELF_LINK VARCHAR(256), - PUBLISH_LINK VARCHAR(256), - SUBSCRIBE_LINK VARCHAR(256), - LOG_LINK VARCHAR(256), - DELETED BOOLEAN DEFAULT FALSE, - LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - SUSPENDED BOOLEAN DEFAULT FALSE, - CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP -); - -CREATE TABLE FEED_ENDPOINT_IDS ( - FEEDID INT UNSIGNED NOT NULL, - USERID VARCHAR(20) NOT NULL, - PASSWORD VARCHAR(32) NOT NULL -); - -CREATE TABLE FEED_ENDPOINT_ADDRS ( - FEEDID INT UNSIGNED NOT NULL, - ADDR VARCHAR(44) NOT NULL -); - -CREATE TABLE SUBSCRIPTIONS ( - SUBID INT UNSIGNED NOT NULL PRIMARY KEY, - FEEDID INT UNSIGNED NOT NULL, - GROUPID INT(10) UNSIGNED NOT NULL DEFAULT 0, - DELIVERY_URL VARCHAR(256), - DELIVERY_USER VARCHAR(20), - DELIVERY_PASSWORD VARCHAR(32), - DELIVERY_USE100 BOOLEAN DEFAULT FALSE, - METADATA_ONLY BOOLEAN DEFAULT FALSE, - SUBSCRIBER VARCHAR(8) NOT NULL, - SELF_LINK VARCHAR(256), - LOG_LINK VARCHAR(256), - LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - SUSPENDED BOOLEAN DEFAULT FALSE, - CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP - -); - -CREATE TABLE PARAMETERS ( - KEYNAME VARCHAR(32) NOT NULL PRIMARY KEY, - VALUE VARCHAR(4096) NOT NULL -); - -CREATE TABLE LOG_RECORDS ( - TYPE ENUM('pub', 'del', 'exp', 'pbf', 'dlx') NOT NULL, - EVENT_TIME BIGINT NOT NULL, /* time of the publish request */ - PUBLISH_ID VARCHAR(64) NOT NULL, /* unique ID assigned to this publish attempt */ - FEEDID INT UNSIGNED NOT NULL, /* pointer to feed in FEEDS */ - REQURI VARCHAR(256) NOT NULL, /* request URI */ - METHOD ENUM('DELETE', 'GET', 'HEAD', 'OPTIONS', 'PUT', 'POST', 'TRACE') NOT NULL, /* HTTP method */ - CONTENT_TYPE VARCHAR(256) NOT NULL, /* content type of published file */ - CONTENT_LENGTH BIGINT NOT NULL, /* content length of published file */ - - FEED_FILEID VARCHAR(256), /* file ID of published file */ - REMOTE_ADDR VARCHAR(40), /* IP address of publishing endpoint */ - USER VARCHAR(50), /* user name of publishing endpoint */ - STATUS SMALLINT, /* status code returned to delivering agent */ - - DELIVERY_SUBID INT UNSIGNED, /* pointer to subscription in SUBSCRIPTIONS */ - DELIVERY_FILEID VARCHAR(256), /* file ID of file being delivered */ - RESULT SMALLINT, /* result received from subscribing agent */ - - ATTEMPTS INT, /* deliveries attempted */ - REASON ENUM('notRetryable', 'retriesExhausted', 'diskFull', 'other'), - - RECORD_ID BIGINT UNSIGNED NOT NULL PRIMARY KEY, /* unique ID for this record */ - CONTENT_LENGTH_2 BIGINT, - - INDEX (FEEDID) USING BTREE, - INDEX (DELIVERY_SUBID) USING BTREE, - INDEX (RECORD_ID) USING BTREE -) ENGINE = MyISAM; - -CREATE TABLE INGRESS_ROUTES ( - SEQUENCE INT UNSIGNED NOT NULL, - FEEDID INT UNSIGNED NOT NULL, - USERID VARCHAR(20), - SUBNET VARCHAR(44), - NODESET INT UNSIGNED NOT NULL -); - -CREATE TABLE EGRESS_ROUTES ( - SUBID INT UNSIGNED NOT NULL PRIMARY KEY, - NODEID INT UNSIGNED NOT NULL -); - -CREATE TABLE NETWORK_ROUTES ( - FROMNODE INT UNSIGNED NOT NULL, - TONODE INT UNSIGNED NOT NULL, - VIANODE INT UNSIGNED NOT NULL -); - -CREATE TABLE NODESETS ( - SETID INT UNSIGNED NOT NULL, - NODEID INT UNSIGNED NOT NULL -); - -CREATE TABLE NODES ( - NODEID INT UNSIGNED NOT NULL PRIMARY KEY, - NAME VARCHAR(255) NOT NULL, - ACTIVE BOOLEAN DEFAULT TRUE -); - -CREATE TABLE GROUPS ( - GROUPID INT UNSIGNED NOT NULL PRIMARY KEY, - AUTHID VARCHAR(100) NOT NULL, - NAME VARCHAR(50) NOT NULL, - DESCRIPTION VARCHAR(255), - CLASSIFICATION VARCHAR(20) NOT NULL, - MEMBERS TINYTEXT, - LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP -); - -INSERT INTO PARAMETERS VALUES - ('ACTIVE_POD', '{{.Values.global.config.dmaapDrProv.name}}'), - ('PROV_ACTIVE_NAME', '{{.Values.global.config.dmaapDrProv.name}}'), - ('STANDBY_POD', ''), - ('PROV_NAME', '{{.Values.global.config.dmaapDrProv.name}}'), - ('NODES', '{{.Values.global.config.dmaapDrNode.name}}'), - ('PROV_DOMAIN', '{{ include "common.namespace" . }}'), - ('DELIVERY_INIT_RETRY_INTERVAL', '10'), - ('DELIVERY_MAX_AGE', '86400'), - ('DELIVERY_MAX_RETRY_INTERVAL', '3600'), - ('DELIVERY_RETRY_RATIO', '2'), - ('LOGROLL_INTERVAL', '300'), - ('PROV_AUTH_ADDRESSES', '{{.Values.global.config.dmaapDrProv.name}}|{{.Values.global.config.dmaapDrNode.name}}'), - ('PROV_AUTH_SUBJECTS', ''), - ('PROV_MAXFEED_COUNT', '10000'), - ('PROV_MAXSUB_COUNT', '100000'), - ('PROV_REQUIRE_CERT', 'false'), - ('PROV_REQUIRE_SECURE', 'false'), - ('_INT_VALUES', 'LOGROLL_INTERVAL|PROV_MAXFEED_COUNT|PROV_MAXSUB_COUNT|DELIVERY_INIT_RETRY_INTERVAL|DELIVERY_MAX_RETRY_INTERVAL|DELIVERY_RETRY_RATIO|DELIVERY_MAX_AGE'); diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/NOTES.txt b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/NOTES.txt deleted file mode 100644 index 71879412d0..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.global.config.mariadb.servicetype }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.global.config.mariadb.servicetype }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{.Values.global.config.mariadb.externalPort}} -{{- else if contains "ClusterIP" .Values.global.config.mariadb.servicetype }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{.Values.global.config.mariadb.internalPort}} -{{- end }} diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/templates/deployment.yaml b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/templates/deployment.yaml deleted file mode 100644 index 84887587ae..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/templates/deployment.yaml +++ /dev/null @@ -1,114 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - hostname: {{.Values.global.config.dmaapDrNode.name}} - initContainers: - - name: {{ include "common.name" . }}-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /root/ready.py - args: - - --container-name - - {{.Values.global.config.dmaapDrProv.name}} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{.Values.global.config.dmaapDrNode.externalPort}} - - containerPort: {{.Values.global.config.dmaapDrNode.externalPort2}} - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{.Values.global.config.dmaapDrNode.internalPort}} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{.Values.global.config.dmaapDrNode.internalPort}} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: false - - mountPath: /opt/app/datartr/etc/dedicatedFeed.json - subPath: dedicatedFeed.json - name: create-feed - - mountPath: /opt/app/datartr/etc/createFeed.sh - subPath: createFeed.sh - name: create-feed - - mountPath: /opt/app/datartr/etc/node.properties - subPath: node.properties - name: node-props - lifecycle: - postStart: - exec: - command: - - /opt/app/datartr/etc/createFeed.sh - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: create-feed - configMap: - name: {{ include "common.fullname" . }}-create-feed-configmap - defaultMode: 0755 - - name: node-props - configMap: - name: {{ include "common.fullname" . }}-node-props-configmap - - name: dr-node-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/kubernetes/dmaap/charts/dmaap-data-router/values.yaml b/kubernetes/dmaap/charts/dmaap-data-router/values.yaml deleted file mode 100644 index 7f29f931fb..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/values.yaml +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# DMaap Data Router Global config defaults. -################################################################# -global: - persistence: {} - env: - name: AUTO - ubuntuInitRepository: oomk8s - ubuntuInitImage: ubuntu-init:1.0.0 - - config: -# dr db configuration - mariadb: - servicetype: ClusterIP - name: dmaap-dr-db - portName: dr-db-port - internalPort: 3306 - externalPort: 3306 - mariadbRootPassword: datarouter - userName: datarouter - userPassword: datarouter - mysqlDatabase: datarouter -# dr provisioning server configuration - dmaapDrProv: - servicetype: NodePort - name: dmaap-dr-prov - externalPort: 8080 - externalPort2: 8443 - internalPort: 8080 - internalPort2: 8443 - portName: dr-prov-port - portName2: dr-prov-port2 - nodePort: 59 - nodePort2: 69 -# dr node server configuration - dmaapDrNode: - servicetype: ClusterIP - name: dmaap-dr-node - externalPort: 8080 - internalPort: 8080 - externalPort2: 8443 - internalPort2: 8443 - portName: dr-node-port - portName2: dr-node-port2 diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/.helmignore b/kubernetes/dmaap/components/dmaap-bc/.helmignore similarity index 100% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/.helmignore rename to kubernetes/dmaap/components/dmaap-bc/.helmignore diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/Chart.yaml b/kubernetes/dmaap/components/dmaap-bc/Chart.yaml similarity index 91% rename from kubernetes/dmaap/charts/dmaap-bus-controller/Chart.yaml rename to kubernetes/dmaap/components/dmaap-bc/Chart.yaml index 275cc8cc07..37862dcc67 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/Chart.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/Chart.yaml @@ -14,6 +14,6 @@ # limitations under the License. apiVersion: v1 -description: a Helm chart to deploy ONAP DMaaP Bus Controller (aka dmaap-prov) in Kubernetes -name: dmaap-bus-controller -version: 3.0.0 +description: a Helm chart to deploy ONAP DMaaP Bus Controller (aka dmaap-bc) in Kubernetes +name: dmaap-bc +version: 4.0.0 diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/README.md b/kubernetes/dmaap/components/dmaap-bc/README.md similarity index 100% rename from kubernetes/dmaap/charts/dmaap-bus-controller/README.md rename to kubernetes/dmaap/components/dmaap-bc/README.md diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/requirements.yaml b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml similarity index 94% rename from kubernetes/dmaap/charts/dmaap-bus-controller/requirements.yaml rename to kubernetes/dmaap/components/dmaap-bc/requirements.yaml index fa6e0afd01..61c265fe64 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/requirements.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml @@ -14,8 +14,8 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' - name: postgres - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/buscontroller.env b/kubernetes/dmaap/components/dmaap-bc/resources/config/buscontroller.env similarity index 100% rename from kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/buscontroller.env rename to kubernetes/dmaap/components/dmaap-bc/resources/config/buscontroller.env diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties similarity index 95% rename from kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties rename to kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties index f2a6dd9648..f15b9a12d1 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/config/dmaapbc.properties +++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties @@ -25,13 +25,13 @@ # ##################################################### # Indicator for whether to use AAF -UseAAF: false +UseAAF: true # csit: stubs out some southbound APIs for csit csit: No # name of this DMaaP instance (deprecated) -DmaapName: demo +#DmaapName: demo ##################################################### # @@ -39,7 +39,7 @@ DmaapName: demo # ##################################################### # FQDN of DR Prov Server (deprecated) -DR.provhost: dcae-drps.domain.not.set +#DR.provhost: dcae-drps.domain.not.set # URI to retrieve dynamic DR configuration ProvisioningURI: /internal/prov @@ -99,7 +99,7 @@ MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory MR.TopicMgrRole: org.onap.dmaap-bc-topic-mgr.client # MR topic ProjectID (used in certain topic name generation formats) -MR.projectID: ONAP +MR.projectID: mr ##################################################### @@ -130,6 +130,9 @@ aaf.AdminUser: {{ .Values.adminUser }} # Admin Password aaf.AdminPassword: {{ .Values.adminPwd }} +# Identity that is owner of any created namespaces for topics +aaf.NsOwnerIdentity: {{ .Values.adminUser }} + # location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF CredentialCodeKeyfile: etc/LocalKey @@ -195,10 +198,9 @@ KeyStoreType: jks KeyStoreFile: etc/keystore # password for the https keystore -KeyStorePassword: *j&Z*Ma;.4My4M]W0eB*fal$ - +KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF # password for the private key in the https keystore -KeyPassword: *j&Z*Ma;.4My4M]W0eB*fal$ +KeyPassword: Y@Y5f&gm?PAz,CVQL,lk[VAF # type of truststore for https TrustStoreType: jks @@ -207,8 +209,9 @@ TrustStoreType: jks TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks # password for the https truststore -TrustStorePassword: pi8HuuSbN03MtQQ7(5TcyQ6; +TrustStorePassword: 8b&R5%l$l:@jSWz@FCs;rhY* # path to the file used to trigger an orderly shutdown QuiesceFile: etc/SHUTDOWN +inHttpsPort: 0 diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/dcaeLocations/san-francisco.json b/kubernetes/dmaap/components/dmaap-bc/resources/dcaeLocations/san-francisco.json similarity index 100% rename from kubernetes/dmaap/charts/dmaap-bus-controller/resources/dcaeLocations/san-francisco.json rename to kubernetes/dmaap/components/dmaap-bc/resources/dcaeLocations/san-francisco.json diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/dmaap/onap.json b/kubernetes/dmaap/components/dmaap-bc/resources/dmaap/onap.json similarity index 100% rename from kubernetes/dmaap/charts/dmaap-bus-controller/resources/dmaap/onap.json rename to kubernetes/dmaap/components/dmaap-bc/resources/dmaap/onap.json diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/mr_clusters/san-francisco.json b/kubernetes/dmaap/components/dmaap-bc/resources/mr_clusters/san-francisco.json similarity index 100% rename from kubernetes/dmaap/charts/dmaap-bus-controller/resources/mr_clusters/san-francisco.json rename to kubernetes/dmaap/components/dmaap-bc/resources/mr_clusters/san-francisco.json diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/templates/NOTES.txt b/kubernetes/dmaap/components/dmaap-bc/templates/NOTES.txt similarity index 100% rename from kubernetes/dmaap/charts/dmaap-bus-controller/templates/NOTES.txt rename to kubernetes/dmaap/components/dmaap-bc/templates/NOTES.txt diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml similarity index 58% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/configmap.yaml rename to kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml index dd75846932..1066c946af 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/configmap.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml @@ -1,4 +1,5 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2018 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs,Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,7 +16,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-mdb-configmap + name: {{ include "common.fullname" . }}-config namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -23,12 +24,12 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-mdb-initd-configmap + name: {{ include "common.fullname" . }}-dbc-dmaap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -36,4 +37,17 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/config/mariadb/docker-entrypoint-initdb.d/sql_init_01.sql").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/dmaap/*.json").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dbc-dcaelocations + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/dcaeLocations/*.json").AsConfig . | indent 2 }} diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml similarity index 74% rename from kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml rename to kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml index 9cf147fdab..0ecdc1c0e8 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml @@ -31,6 +31,10 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + hostAliases: + - ip: "10.12.6.214" + hostnames: + - "aaf-onap-test.osaaf.org" initContainers: - command: - /root/ready.py @@ -78,17 +82,6 @@ spec: - name: {{ include "common.name" . }}-config mountPath: /opt/app/config/conf/ -# NOTE: the basename of the subdirectory is important - it matches the DBCL API URI - - name: {{ include "common.name" . }}-dmaap - mountPath: /opt/app/config/dmaap/ - - name: {{ include "common.name" . }}-dcaelocations - mountPath: /opt/app/config/dcaeLocations/ - - name: {{ include "common.name" . }}-mrclusters - mountPath: /opt/app/config/mr_clusters/ - - name: {{ include "common.name" . }}-topics - mountPath: /opt/app/config/topics/ - - name: {{ include "common.name" . }}-feeds - mountPath: /opt/app/config/feeds/ resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -106,20 +99,5 @@ spec: - name: {{ include "common.name" . }}-config configMap: name: {{ include "common.fullname" . }}-config - - name: {{ include "common.name" . }}-dmaap - configMap: - name: {{ include "common.fullname" . }}-dmaap - - name: {{ include "common.name" . }}-dcaelocations - configMap: - name: {{ include "common.fullname" . }}-dcaelocations - - name: {{ include "common.name" . }}-mrclusters - configMap: - name: {{ include "common.fullname" . }}-mrclusters - - name: {{ include "common.name" . }}-topics - configMap: - name: {{ include "common.fullname" . }}-topics - - name: {{ include "common.name" . }}-feeds - configMap: - name: {{ include "common.fullname" . }}-feeds imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml new file mode 100644 index 0000000000..ee24cfb548 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-bc/templates/post-install-job.yaml @@ -0,0 +1,72 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-post-install + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": post-install + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + name: {{ include "common.fullname" . }} + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + spec: + restartPolicy: Never + + containers: + - name: post-install-job + image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DELAY + value: "0" + - name: PROTO + value: "http" + - name: PORT + value: "8080" + - name: REQUESTID + value: "{{.Chart.Name}}-post-install" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + +# NOTE: on the following several configMaps, careful to include / at end +# since there may be more than one file in each mountPath +# NOTE: the basename of the subdirectory of mountPath is important - it matches the DBCL API URI + - name: {{ include "common.fullname" . }}-dbc-dmaap + mountPath: /opt/app/config/dmaap/ + - name: {{ include "common.fullname" . }}-dbc-dcaelocations + mountPath: /opt/app/config/dcaeLocations/ + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-dbc-dmaap + configMap: + name: {{ include "common.fullname" . }}-dbc-dmaap + - name: {{ include "common.fullname" . }}-dbc-dcaelocations + configMap: + name: {{ include "common.fullname" . }}-dbc-dcaelocations + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/templates/service.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/service.yaml similarity index 100% rename from kubernetes/dmaap/charts/dmaap-bus-controller/templates/service.yaml rename to kubernetes/dmaap/components/dmaap-bc/templates/service.yaml diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml similarity index 93% rename from kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml rename to kubernetes/dmaap/components/dmaap-bc/values.yaml index 0483ce5db2..a7fc3d88db 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -30,13 +30,16 @@ pullPolicy: Always # application images repository: nexus3.onap.org:10001 - -image: onap/dmaap/buscontroller:1.0.23 +image: onap/dmaap/dmaap-bc:1.1.2 # application configuration dmaapMessageRouterService: message-router -aafURL: https://aaf-authz/ +# change the following value to point to Windriver instance maintained +# but AAF team. +# e.g. +#aafURL: https://aaf-onap-test.osaaf.org:8095/proxy/ +aafURL: https://aaf-service:8100/ topicMgrUser: dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org topicMgrPwd: demo123456! adminUser: aaf_admin@people.osaaf.org diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/.helmignore b/kubernetes/dmaap/components/dmaap-dr-node/.helmignore similarity index 100% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/.helmignore rename to kubernetes/dmaap/components/dmaap-dr-node/.helmignore diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/Chart.yaml b/kubernetes/dmaap/components/dmaap-dr-node/Chart.yaml similarity index 97% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/Chart.yaml rename to kubernetes/dmaap/components/dmaap-dr-node/Chart.yaml index 084aa58dc6..44bf9dfc80 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/Chart.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP DMaaP Data Router Node Server name: dmaap-dr-node -version: 1.0 +version: 4.0.0 diff --git a/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml new file mode 100644 index 0000000000..0b6190657a --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml @@ -0,0 +1,24 @@ +# +# ============LICENSE_START======================================================= +# Copyright (C) 2019 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties new file mode 100644 index 0000000000..90c413738c --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties @@ -0,0 +1,23 @@ +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US +cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile +cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks +cadi_keystore_password=]3V)($O&.Mv]W{f8^]6SxGNL +cadi_key_password=]3V)($O&.Mv]W{f8^]6SxGNL +cadi_alias=dmaap-dr-node@dmaap-dr.onap.org +cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks +cadi_truststore_password=(Rd,&{]%ePdp}4JZjqoJ2G+g + +aaf_env=DEV +aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 +cadi_protocols=TLSv1.1,TLSv1.2 +cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 +fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 +gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 + +cadi_latitude=53.423 +cadi_longitude=7.940 + +cadi_loglevel=INFO \ No newline at end of file diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/resources/config/feeds/createFeed.sh b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/createFeed.sh similarity index 64% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/resources/config/feeds/createFeed.sh rename to kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/createFeed.sh index a6a829a485..1289ecae86 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/resources/config/feeds/createFeed.sh +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/createFeed.sh @@ -1,8 +1,8 @@ #!/bin/sh -dr_prov_url="{{.Values.global.config.dmaapDrProv.name}}:{{.Values.global.config.dmaapDrProv.internalPort2}}" -ct_header="Content-Type:application/vnd.att-dr.feed" -obo_header="X-ATT-DR-ON-BEHALF-OF:dradmin" +dr_prov_url="{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.internalPort2}}" +ct_header="Content-Type:application/vnd.dmaap-dr.feed" +obo_header="X-DMAAP-DR-ON-BEHALF-OF:dradmin" feed_payload=/opt/app/datartr/etc/dedicatedFeed.json sleep 20 diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/resources/config/feeds/dedicatedFeed.json b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/dedicatedFeed.json similarity index 100% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/resources/config/feeds/dedicatedFeed.json rename to kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/dedicatedFeed.json diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/log/filebeat/filebeat.yml b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/log/filebeat/filebeat.yml new file mode 100644 index 0000000000..f1cf7394b6 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/log/filebeat/filebeat.yml @@ -0,0 +1,60 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + - /opt/app/datartr/logs/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among available Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/logback.xml b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/logback.xml new file mode 100644 index 0000000000..25a2c6e093 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/logback.xml @@ -0,0 +1,148 @@ + + + + + + + + + + + + + + + + ${defaultPattern} + + + + + + + + + ${logDirectory}/${generalLogName}.log + + INFO + ACCEPT + DENY + + + ${logDirectory}/${generalLogName}.%i.log.zip + + 1 + 9 + + + 5MB + + + ${defaultPattern} + + + + + 256 + + + + + ${logDirectory}/${errorLogName}.log + + ERROR + ACCEPT + DENY + + + ${logDirectory}/${errorLogName}.%i.log.zip + + 1 + 9 + + + 5MB + + + ${defaultPattern} + + + + + 256 + + + + + + ${logDirectory}/${jettyAndNodeLogName}.log + + + ${logDirectory}/${jettyAndNodeLogName}.%i.log.zip + + 1 + 9 + + + 5MB + + + ${jettyAndNodeLoggerPattern} + + + + + 256 + + true + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties similarity index 75% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/resources/config/node.properties rename to kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties index 41062c77c8..f2896ccafa 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/resources/config/node.properties +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties @@ -26,23 +26,23 @@ # URL to retrieve dynamic configuration # #ProvisioningURL: ${DRTR_PROV_INTURL} -ProvisioningURL=https://{{.Values.global.config.dmaapDrProv.name}}:{{.Values.global.config.dmaapDrProv.externalPort2}}/internal/prov +ProvisioningURL=https://{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.externalPort2}}/internal/prov # # URL to upload PUB/DEL/EXP logs # #LogUploadURL: ${DRTR_LOG_URL} -LogUploadURL=https://{{.Values.global.config.dmaapDrProv.name}}:{{.Values.global.config.dmaapDrProv.externalPort2}}/internal/logs +LogUploadURL=https://{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.externalPort2}}/internal/logs # # The port number for http as seen within the server # #IntHttpPort: ${DRTR_NODE_INTHTTPPORT:-8080} -IntHttpPort={{.Values.global.config.dmaapDrNode.internalPort}} +IntHttpPort={{.Values.config.dmaapDrNode.internalPort}} # # The port number for https as seen within the server # -IntHttpsPort={{.Values.global.config.dmaapDrNode.internalPort2}} +IntHttpsPort={{.Values.config.dmaapDrNode.internalPort2}} # # The external port number for https taking port mapping into account # @@ -83,11 +83,11 @@ KeyStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks # # The password for the https keystore # -KeyStorePassword=4*&GD+w58RUM]01No.CYY;z6 +KeyStorePassword=]3V)($O&.Mv]W{f8^]6SxGNL # # The password for the private key in the https keystore # -KeyPassword=4*&GD+w58RUM]01No.CYY;z6 +KeyPassword=]3V)($O&.Mv]W{f8^]6SxGNL # # The type of truststore for https # @@ -99,7 +99,7 @@ TrustStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks # # The password for the https truststore # -TrustStorePassword=UDXlT6Iu[F)k,Htk92+B,0Xj +TrustStorePassword=(Rd,&{]%ePdp}4JZjqoJ2G+g # # The path to the file used to trigger an orderly shutdown # @@ -108,4 +108,22 @@ QuiesceFile=etc/SHUTDOWN # The key used to generate passwords for node to node transfers # NodeAuthKey=Node123! +# +# DR_NODE DEFAULT ENABLED TLS PROTOCOLS +NodeHttpsProtocols = TLSv1.1|TLSv1.2 +# +# AAF type to generate permission string +AAFType = org.onap.dmaap-dr.feed +# +# AAF default instance to generate permission string - default should be legacy +AAFInstance = legacy +# +# AAF action to generate permission string - default should be publish +AAFAction = publish +# +# AAF URL to connect to AAF server +AafUrl = https://aaf-onap-test.osaaf.org:8095 +# +# AAF CADI enabled flag +CadiEnabled = false diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/dr_nodes/central.yaml b/kubernetes/dmaap/components/dmaap-dr-node/resources/dr_nodes/central.yaml new file mode 100644 index 0000000000..7ef2dcdb8f --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/dr_nodes/central.yaml @@ -0,0 +1,6 @@ +{ + "dcaeLocationName" : "san-francisco", + "fqdn" : "dmaap-dr-node.san-francisco", + "hostName" : "dmaap-dr-node.pod", + "version" : "1.0.1" +} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/dr_nodes/edge.yaml b/kubernetes/dmaap/components/dmaap-dr-node/resources/dr_nodes/edge.yaml new file mode 100644 index 0000000000..272cd75e52 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/dr_nodes/edge.yaml @@ -0,0 +1,6 @@ +{ + "dcaeLocationName" : "edge1", + "fqdn" : "dmaap-dr-node.edge1", + "hostName" : "dmaap-dr-node.pod.edge1", + "version" : "1.0.1" +} diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/templates/NOTES.txt b/kubernetes/dmaap/components/dmaap-dr-node/templates/NOTES.txt similarity index 80% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/templates/NOTES.txt rename to kubernetes/dmaap/components/dmaap-dr-node/templates/NOTES.txt index 42d7663182..65597e062f 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/templates/NOTES.txt +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/NOTES.txt @@ -17,17 +17,17 @@ {{- range .Values.ingress.hosts }} http://{{ . }} {{- end }} -{{- else if contains "NodePort" .Values.global.config.dmaapDrNode.servicetype }} +{{- else if contains "NodePort" .Values.config.dmaapDrNode.servicetype }} export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.global.config.dmaapDrNode.servicetype }} +{{- else if contains "LoadBalancer" .Values.config.dmaapDrNode.servicetype }} NOTE: It may take a few minutes for the LoadBalancer IP to be available. You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{.Values.global.config.dmaapDrNode.externalPort}} -{{- else if contains "ClusterIP" .Values.global.config.dmaapDrNode.servicetype }} + echo http://$SERVICE_IP:{{.Values.config.dmaapDrNode.externalPort}} +{{- else if contains "ClusterIP" .Values.config.dmaapDrNode.servicetype }} export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{.Values.global.config.dmaapDrNode.internalPort}} + kubectl port-forward $POD_NAME 8080:{{.Values.config.dmaapDrNode.internalPort}} {{- end }} \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml new file mode 100644 index 0000000000..a3882bcb38 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml @@ -0,0 +1,68 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-create-feed-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/feeds/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dbc-drnodes + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/dr_nodes/*.json").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml new file mode 100644 index 0000000000..096b51c094 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/post-install-job.yaml @@ -0,0 +1,67 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-post-install + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": post-install + "helm.sh/hook-weight": "-2" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + name: {{ include "common.fullname" . }} + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + spec: + restartPolicy: Never + containers: + - name: post-install-job + image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DELAY + value: "60" + - name: PROTO + value: "http" + - name: PORT + value: "8080" + - name: REQUESTID + value: "{{.Chart.Name}}-post-install" + + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + +# NOTE: on the following several configMaps, careful to include / at end +# since there may be more than one file in each mountPath +# NOTE: the basename of the subdirectory is important - it matches the DBCL API URI + - name: {{ include "common.fullname" . }}-dbc-drnodes + mountPath: /opt/app/config/dr_nodes/ + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-dbc-drnodes + configMap: + name: {{ include "common.fullname" . }}-dbc-drnodes + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml new file mode 100644 index 0000000000..016a6ea023 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/pv.yaml @@ -0,0 +1,61 @@ +{{/* + # ============LICENSE_START======================================================= + # Copyright (C) 2019 Nordix Foundation. + # ================================================================================ + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + # + # SPDX-License-Identifier: Apache-2.0 + # ============LICENSE_END========================================================= +*/}} + +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-spool-data-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-spool-data-pv +spec: + capacity: + storage: {{ .Values.persistence.spoolSize }} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-spool-data-stcl" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.spoolMountSubPath }} +--- +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-event-logs-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-event-logs-pv +spec: + capacity: + storage: {{ .Values.persistence.eventLogSize }} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: "{{ include "common.fullname" . }}-event-logs-stcl" + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.eventLogsMountSubPath }} \ No newline at end of file diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/templates/service.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/service.yaml similarity index 51% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/templates/service.yaml rename to kubernetes/dmaap/components/dmaap-dr-node/templates/service.yaml index e13e854d3b..b7207017da 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/templates/service.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/service.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: Service metadata: - name: {{.Values.global.config.dmaapDrNode.name}} + name: {{.Values.config.dmaapDrNode.name}} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -25,24 +25,24 @@ metadata: annotations: service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" spec: - type: {{.Values.global.config.dmaapDrNode.servicetype}} + type: {{.Values.config.dmaapDrNode.servicetype}} ports: - {{if eq .Values.global.config.dmaapDrNode.servicetype "NodePort" -}} - - port: {{.Values.global.config.dmaapDrNode.externalPort}} - targetPort: {{.Values.global.config.dmaapDrNode.internalPort}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.global.config.dmaapDrNode.nodePort}} - name: {{.Values.global.config.dmaapDrNode.name}} - - port: {{.Values.global.config.dmaapDrNode.externalPort2}} - targetPort: {{.Values.global.config.dmaapDrNode.internalPort2}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.global.config.dmaapDrNode.nodePort2}} - name: {{.Values.global.config.dmaapDrNode.name}}2 + {{if eq .Values.config.dmaapDrNode.servicetype "NodePort" -}} + - port: {{.Values.config.dmaapDrNode.externalPort}} + targetPort: {{.Values.config.dmaapDrNode.internalPort}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrNode.nodePort}} + name: {{.Values.config.dmaapDrNode.name}} + - port: {{.Values.config.dmaapDrNode.externalPort2}} + targetPort: {{.Values.config.dmaapDrNode.internalPort2}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrNode.nodePort2}} + name: {{.Values.config.dmaapDrNode.name}}2 {{- else -}} - - port: {{.Values.global.config.dmaapDrNode.externalPort}} - targetPort: {{.Values.global.config.dmaapDrNode.internalPort}} - name: {{.Values.global.config.dmaapDrNode.name}} - - port: {{.Values.global.config.dmaapDrNode.externalPort2}} - targetPort: {{.Values.global.config.dmaapDrNode.internalPort2}} - name: {{.Values.global.config.dmaapDrNode.name}}2 + - port: {{.Values.config.dmaapDrNode.externalPort}} + targetPort: {{.Values.config.dmaapDrNode.internalPort}} + name: {{.Values.config.dmaapDrNode.name}} + - port: {{.Values.config.dmaapDrNode.externalPort2}} + targetPort: {{.Values.config.dmaapDrNode.internalPort2}} + name: {{.Values.config.dmaapDrNode.name}}2 {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml new file mode 100644 index 0000000000..ec31f3f750 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml @@ -0,0 +1,173 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: {{ .Values.config.dmaapDrNode.name }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - dmaap-dr-prov + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{.Values.config.dmaapDrNode.externalPort}} + - containerPort: {{.Values.config.dmaapDrNode.externalPort2}} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{.Values.config.dmaapDrNode.internalPort}} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{.Values.config.dmaapDrNode.internalPort}} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: {{ .Values.persistence.spoolPath }} + name: {{ include "common.fullname" . }}-spool-data-pvc + - mountPath: {{ .Values.persistence.eventLogsPath }} + name: {{ include "common.fullname" . }}-event-logs-pvc + - mountPath: /etc/localtime + name: localtime + readOnly: false + - mountPath: /opt/app/datartr/etc/dedicatedFeed.json + name: {{ include "common.fullname" . }}-create-feed-config + subPath: dedicatedFeed.json + - mountPath: /opt/app/datartr/etc/createFeed.sh + name: {{ include "common.fullname" . }}-create-feed-config + subPath: createFeed.sh + - mountPath: /opt/app/datartr/etc/node.properties + name: {{ include "common.fullname" . }}-config + subPath: node.properties + - mountPath: /opt/app/datartr/etc/drNodeCadi.properties + name: {{ include "common.fullname" . }}-config + subPath: drNodeCadi.properties + lifecycle: + postStart: + exec: + command: + - /opt/app/datartr/etc/createFeed.sh + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + # Filebeat sidecar container + - name: {{ include "common.fullname" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-event-logs-pvc + mountPath: /var/log/onap/datarouter-node + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-create-feed-config + configMap: + name: {{ include "common.fullname" . }}-create-feed-configmap + defaultMode: 0755 + items: + - key: createFeed.sh + path: createFeed.sh + - key: dedicatedFeed.json + path: dedicatedFeed.json + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + items: + - key: node.properties + path: node.properties + - key: drNodeCadi.properties + path: drNodeCadi.properties + - name: {{ include "common.fullname" . }}-log-conf + configMap: + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-event-logs-pvc + emptyDir: {} + volumeClaimTemplates: + - metadata: + name: {{ include "common.fullname" . }}-spool-data-pvc + labels: + name: {{ include "common.fullname" . }} + spec: + accessModes: [ {{ .Values.persistence.accessMode }} ] + storageClassName: {{ include "common.fullname" . }}-spool-data-stcl + resources: + requests: + storage: {{ .Values.persistence.spoolSize }} + selector: + matchLabels: + name: {{ include "common.fullname" . }}-spool-data-pv + - metadata: + name: {{ include "common.fullname" . }}-event-logs-pvc + labels: + name: {{ include "common.fullname" . }} + spec: + accessModes: [ {{ .Values.persistence.accessMode }} ] + storageClassName: {{ include "common.fullname" . }}-event-logs-stcl + resources: + requests: + storage: {{ .Values.persistence.eventLogSize }} + selector: + matchLabels: + name: {{ include "common.fullname" . }}-event-logs-pv diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml similarity index 72% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml rename to kubernetes/dmaap/components/dmaap-dr-node/values.yaml index 8062a33517..c6087e8852 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/values.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml @@ -20,13 +20,14 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + loggingDirectory: /opt/app/datartr/logs ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-node:1.0.3 +image: onap/dmaap/datarouter-node:2.0.2 pullPolicy: Always # flag to enable debugging - application support required @@ -55,7 +56,17 @@ readiness: ## Persist data to a persitent volume persistence: - enabled: false + volumeReclaimPolicy: Retain + accessMode: ReadWriteMany + mountPath: /dockerdata-nfs + + spoolMountSubPath: data-router/dr-node/spool-data + spoolSize: 1Gi + spoolPath: /opt/app/datartr/spool + + eventLogsMountSubPath: data-router/dr-node/event-logs + eventLogSize: 1Gi + eventLogsPath: /opt/app/datartr/logs ingress: enabled: false @@ -79,3 +90,21 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + +config: + # dr node server configuration + dmaapDrNode: + servicetype: ClusterIP + name: dmaap-dr-node + externalPort: 8080 + externalPort2: 8443 + internalPort: 8080 + internalPort2: 8443 + portName: dr-node-port + portName2: dr-node-port2 + +# dr provisioning server configuration + dmaapDrProv: + name: dmaap-dr-prov + externalPort2: 8443 + internalPort2: 8443 diff --git a/kubernetes/dmaap/charts/message-router/.helmignore b/kubernetes/dmaap/components/dmaap-dr-prov/.helmignore similarity index 100% rename from kubernetes/dmaap/charts/message-router/.helmignore rename to kubernetes/dmaap/components/dmaap-dr-prov/.helmignore diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/Chart.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/Chart.yaml similarity index 97% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/Chart.yaml rename to kubernetes/dmaap/components/dmaap-dr-prov/Chart.yaml index 591e9e011d..fd9a51a6ef 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/Chart.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP DMaaP Data Router Provisioning Server name: dmaap-dr-prov -version: 1.0 +version: 4.0.0 diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml new file mode 100644 index 0000000000..949b5bbdc6 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml @@ -0,0 +1,28 @@ +# +# ============LICENSE_START======================================================= +# Copyright (C) 2019 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' + - name: mariadb-galera + alias: mariadb + version: ~4.x-0 + repository: '@local' \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties new file mode 100644 index 0000000000..6a875146bd --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties @@ -0,0 +1,23 @@ +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US +cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile +cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks +cadi_keystore_password=AT{];bvaDiytVD&oWhMZj0N5 +cadi_key_password=AT{];bvaDiytVD&oWhMZj0N5 +cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org +cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks +cadi_truststore_password=ljlS@Y}0]{UO(TnwvEWkgJ%] + +aaf_env=DEV +aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 +cadi_protocols=TLSv1.1,TLSv1.2 +cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 +fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 +gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 + +cadi_latitude=53.423 +cadi_longitude=7.940 + +cadi_loglevel=INFO \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/log/filebeat/filebeat.yml b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/log/filebeat/filebeat.yml new file mode 100644 index 0000000000..f1cf7394b6 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/log/filebeat/filebeat.yml @@ -0,0 +1,60 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + - /opt/app/datartr/logs/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among available Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase \ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/logback.xml b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/logback.xml new file mode 100644 index 0000000000..942d898695 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/logback.xml @@ -0,0 +1,148 @@ + + + + + + + + + + + + + + + + ${defaultPattern} + + + + + + + + + ${logDirectory}/${generalLogName}.log + + INFO + ACCEPT + DENY + + + ${logDirectory}/${generalLogName}.%i.log.zip + + 1 + 9 + + + 5MB + + + ${defaultPattern} + + + + + 256 + + + + + ${logDirectory}/${errorLogName}.log + + ERROR + ACCEPT + DENY + + + ${logDirectory}/${errorLogName}.%i.log.zip + + 1 + 9 + + + 5MB + + + ${defaultPattern} + + + + + 256 + + + + + + ${logDirectory}/${jettyLogName}.log + + + ${logDirectory}/${jettyLogName}.%i.log.zip + + 1 + 9 + + + 5MB + + + ${jettyLoggerPattern} + + + + + 256 + + true + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/resources/config/provserver.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties similarity index 66% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/resources/config/provserver.properties rename to kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties index 6bde746d66..2b78b8eb2c 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/resources/config/provserver.properties +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties @@ -23,16 +23,16 @@ #Jetty Server properties -org.onap.dmaap.datarouter.provserver.http.port = {{.Values.global.config.dmaapDrProv.externalPort}} -org.onap.dmaap.datarouter.provserver.https.port = {{.Values.global.config.dmaapDrProv.externalPort2}} +org.onap.dmaap.datarouter.provserver.http.port = {{.Values.config.dmaapDrProv.externalPort}} +org.onap.dmaap.datarouter.provserver.https.port = {{.Values.config.dmaapDrProv.externalPort2}} org.onap.dmaap.datarouter.provserver.https.relaxation = true -org.onap.dmaap.datarouter.provserver.keymanager.password = Qgw77oaQcdP*F8Pwa[&.,.Ab +org.onap.dmaap.datarouter.provserver.keymanager.password = AT{];bvaDiytVD&oWhMZj0N5 org.onap.dmaap.datarouter.provserver.keystore.type = jks org.onap.dmaap.datarouter.provserver.keystore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks -org.onap.dmaap.datarouter.provserver.keystore.password = Qgw77oaQcdP*F8Pwa[&.,.Ab +org.onap.dmaap.datarouter.provserver.keystore.password = AT{];bvaDiytVD&oWhMZj0N5 org.onap.dmaap.datarouter.provserver.truststore.path = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks -org.onap.dmaap.datarouter.provserver.truststore.password = 9M?)?:KAj1z6gpLhNrVUG@0T +org.onap.dmaap.datarouter.provserver.truststore.password = ljlS@Y}0]{UO(TnwvEWkgJ%] org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc @@ -44,6 +44,23 @@ org.onap.dmaap.datarouter.provserver.isaddressauthenabled = false # Database access org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver -org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.global.config.mariadb.name}}:{{.Values.global.config.mariadb.externalPort}}/datarouter +org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.config.dmaapDrDb.mariadbServiceName}}:{{.Values.config.dmaapDrDb.mariadbServicePort}}/datarouter org.onap.dmaap.datarouter.db.login = datarouter org.onap.dmaap.datarouter.db.password = datarouter + +# PROV - DEFAULT ENABLED TLS PROTOCOLS +org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2 + +# AAF config +org.onap.dmaap.datarouter.provserver.cadi.enabled = false + +org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234# +org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed +org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub +org.onap.dmaap.datarouter.provserver.aaf.instance = legacy +org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish +org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe + +# AAF URL to connect to AAF server +org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-onap-test.osaaf.org:8095 + diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json b/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json new file mode 100644 index 0000000000..994f9c9845 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/DefaultPM.json @@ -0,0 +1,31 @@ +{ + "feedName": "bulk_pm_feed", + "feedVersion": "m1.1", + "feedDescription": "Default feed provisioned for PM File collector", + "asprClassification" : "unclassified", + "owner": "onap", + "pubs": [ + { + "dcaeLocationName" : "san-francisco", + "username": "dradmin", + "userpwd": "dradmin" + } + + ], + "subs": [ + { + "dcaeLocationName": "san-francisco", + "deliveryURL": "https://dcae-pm-mapper:8443/delivery", + "feedId": "1", + "owner": "dcae-pm-mapper", + "status": "VALID", + "subId": "1", + "suspended": false, + "use100": true, + "username": "pmmapper", + "userpwd": "pmmapper", + "decompressData": true, + "privilegedSubscriber": true + } + ] +} \ No newline at end of file diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/feeds/README b/kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/README similarity index 100% rename from kubernetes/dmaap/charts/dmaap-bus-controller/resources/feeds/README rename to kubernetes/dmaap/components/dmaap-dr-prov/resources/feeds/README diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/NOTES.txt b/kubernetes/dmaap/components/dmaap-dr-prov/templates/NOTES.txt similarity index 80% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/NOTES.txt rename to kubernetes/dmaap/components/dmaap-dr-prov/templates/NOTES.txt index 64e6abf1d5..8d29cf9e66 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/NOTES.txt +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/NOTES.txt @@ -17,17 +17,17 @@ {{- range .Values.ingress.hosts }} http://{{ . }} {{- end }} -{{- else if contains "NodePort" .Values.global.config.dmaapDrProv.servicetype }} +{{- else if contains "NodePort" .Values.config.dmaapDrProv.servicetype }} export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.global.config.dmaapDrProv.servicetype }} +{{- else if contains "LoadBalancer" .Values.config.dmaapDrProv.servicetype }} NOTE: It may take a few minutes for the LoadBalancer IP to be available. You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{.Values.global.config.dmaapDrProv.externalPort}} -{{- else if contains "ClusterIP" .Values.global.config.dmaapDrProv.servicetype }} + echo http://$SERVICE_IP:{{.Values.config.dmaapDrProv.externalPort}} +{{- else if contains "ClusterIP" .Values.config.dmaapDrProv.servicetype }} export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{.Values.global.config.dmaapDrProv.internalPort}} + kubectl port-forward $POD_NAME 8080:{{.Values.config.dmaapDrProv.internalPort}} {{- end }} diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml similarity index 65% rename from kubernetes/dmaap/charts/dmaap-bus-controller/templates/configmap.yaml rename to kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml index ead7562a59..fe93cb0dcd 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/templates/configmap.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml @@ -1,5 +1,4 @@ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs,Bell Canada +# Copyright © 2017 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,7 +15,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-config + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -29,33 +28,23 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-dmaap + name: {{ include "common.fullname" . }}-log namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/dmaap/*.json").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-dcaelocations + name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/dcaeLocations/*.json").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-mrclusters + name: {{ include "common.fullname" . }}-dbc-feeds namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -63,12 +52,12 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/mr_clusters/*.json").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/feeds/*.json").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-topics + name: {{ include "common.fullname" . }}-dbc-drpubs namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -76,12 +65,12 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/topics/*.json").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/dr_pubs/*.json").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-feeds + name: {{ include "common.fullname" . }}-dbc-drsubs namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -89,4 +78,4 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/feeds/*.json").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/dr_subs/*.json").AsConfig . | indent 2 }} diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml similarity index 57% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/deployment.yaml rename to kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml index 7fd60ea501..afd34d92bc 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml @@ -29,13 +29,13 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - hostname: {{.Values.global.config.dmaapDrProv.name}} + hostname: {{.Values.config.dmaapDrProv.name}} initContainers: - command: - /root/ready.py args: - --container-name - - {{.Values.global.config.mariadb.name}} + - {{.Values.config.dmaapDrDb.mariadbContName}} env: - name: NAMESPACE valueFrom: @@ -50,18 +50,18 @@ spec: image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - - containerPort: {{.Values.global.config.dmaapDrProv.externalPort}} - - containerPort: {{.Values.global.config.dmaapDrProv.externalPort2}} + - containerPort: {{.Values.config.dmaapDrProv.externalPort}} + - containerPort: {{.Values.config.dmaapDrProv.externalPort2}} {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: - port: {{.Values.global.config.dmaapDrProv.externalPort}} + port: {{.Values.config.dmaapDrProv.externalPort}} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end -}} readinessProbe: tcpSocket: - port: {{.Values.global.config.dmaapDrProv.externalPort}} + port: {{.Values.config.dmaapDrProv.externalPort}} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: @@ -69,8 +69,13 @@ spec: name: localtime readOnly: false - mountPath: /opt/app/datartr/etc/provserver.properties + name: {{ include "common.fullname" . }}-config subPath: provserver.properties - name: prov-props + - mountPath: /opt/app/datartr/etc/drProvCadi.properties + name: {{ include "common.fullname" . }}-config + subPath: drProvCadi.properties + - mountPath: {{ .Values.global.loggingDirectory }} + name: {{ include "common.fullname" . }}-logs resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -81,19 +86,39 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + # Filebeat sidecar container + - name: {{ include "common.fullname" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /var/log/onap/datarouter-prov volumes: - name: localtime hostPath: path: /etc/localtime - - name: prov-props + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }}-configmap + items: + - key: provserver.properties + path: provserver.properties + - key: drProvCadi.properties + path: drProvCadi.properties + - name: {{ include "common.fullname" . }}-log-conf configMap: - name: {{ include "common.fullname" . }}-prov-props-configmap - - name: dr-prov-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} + name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ include "common.fullname" . }}-dmaap-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} + - name: {{ include "common.fullname" . }}-logs emptyDir: {} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml new file mode 100644 index 0000000000..8a2cf692b8 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/post-install-job.yaml @@ -0,0 +1,77 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-post-install + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": post-install + "helm.sh/hook-weight": "-3" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + name: {{ include "common.fullname" . }} + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + spec: + restartPolicy: Never + containers: + - name: post-install-job + image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DELAY + value: "30" + - name: PROTO + value: "http" + - name: PORT + value: "8080" + - name: REQUESTID + value: "{{.Chart.Name}}-post-install" + + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + +# NOTE: on the following several configMaps, careful to include / at end +# since there may be more than one file in each mountPath +# NOTE: the basename of the subdirectory is important - it matches the DBCL API URI + - name: {{ include "common.fullname" . }}-dbc-feeds + mountPath: /opt/app/config/feeds/ + - name: {{ include "common.fullname" . }}-dbc-drpubs + mountPath: /opt/app/config/dr_pubs/ + - name: {{ include "common.fullname" . }}-dbc-drsubs + mountPath: /opt/app/config/dr_subs/ + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-dbc-feeds + configMap: + name: {{ include "common.fullname" . }}-dbc-feeds + - name: {{ include "common.fullname" . }}-dbc-drpubs + configMap: + name: {{ include "common.fullname" . }}-dbc-drpubs + - name: {{ include "common.fullname" . }}-dbc-drsubs + configMap: + name: {{ include "common.fullname" . }}-dbc-drsubs + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/service.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml similarity index 51% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/service.yaml rename to kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml index 15059c6bcc..691c9dcc9f 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/service.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml @@ -15,7 +15,7 @@ apiVersion: v1 kind: Service metadata: - name: {{.Values.global.config.dmaapDrProv.name}} + name: {{.Values.config.dmaapDrProv.name}} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -26,34 +26,34 @@ metadata: service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" msb.onap.org/service-info: '[ { - "serviceName": "{{.Values.global.config.dmaapDrProv.name}}", + "serviceName": "{{.Values.config.dmaapDrProv.name}}", "version": "v1", "url": "/", "protocol": "REST", - "port": "{{.Values.global.config.dmaapDrProv.externalPort}}", + "port": "{{.Values.config.dmaapDrProv.externalPort}}", "visualRange":"1" } ]' spec: - type: {{.Values.global.config.dmaapDrProv.servicetype}} + type: {{.Values.config.dmaapDrProv.servicetype}} ports: - {{if eq .Values.global.config.dmaapDrProv.servicetype "NodePort" -}} - - port: {{.Values.global.config.dmaapDrProv.externalPort}} - targetPort: {{.Values.global.config.dmaapDrProv.internalPort}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.global.config.dmaapDrProv.nodePort}} - name: {{.Values.global.config.dmaapDrProv.name}} - - port: {{.Values.global.config.dmaapDrProv.externalPort2}} - targetPort: {{.Values.global.config.dmaapDrProv.internalPort2}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.global.config.dmaapDrProv.nodePort2}} - name: {{.Values.global.config.dmaapDrProv.name}}2 + {{if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}} + - port: {{.Values.config.dmaapDrProv.externalPort}} + targetPort: {{.Values.config.dmaapDrProv.internalPort}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrProv.nodePort}} + name: {{.Values.config.dmaapDrProv.name}} + - port: {{.Values.config.dmaapDrProv.externalPort2}} + targetPort: {{.Values.config.dmaapDrProv.internalPort2}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrProv.nodePort2}} + name: {{.Values.config.dmaapDrProv.name}}2 {{- else -}} - - port: {{.Values.global.config.dmaapDrProv.externalPort}} - targetPort: {{.Values.global.config.dmaapDrProv.internalPort}} - name: {{.Values.global.config.dmaapDrProv.name}} - - port: {{.Values.global.config.dmaapDrProv.externalPort2}} - targetPort: {{.Values.global.config.dmaapDrProv.internalPort2}} - name: {{.Values.global.config.dmaapDrProv.name}}2 + - port: {{.Values.config.dmaapDrProv.externalPort}} + targetPort: {{.Values.config.dmaapDrProv.internalPort}} + name: {{.Values.config.dmaapDrProv.name}} + - port: {{.Values.config.dmaapDrProv.externalPort2}} + targetPort: {{.Values.config.dmaapDrProv.internalPort2}} + name: {{.Values.config.dmaapDrProv.name}}2 {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml new file mode 100644 index 0000000000..3d65e911cf --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml @@ -0,0 +1,121 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + loggingDirectory: /opt/app/datartr/logs + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/dmaap/datarouter-prov:2.0.2 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration - see parent values chart + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +## Persist data to a persitent volume +persistence: + enabled: false + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2000m + memory: 4Gi + requests: + cpu: 500m + memory: 1Gi + large: + limits: + cpu: 4000m + memory: 8Gi + requests: + cpu: 1000m + memory: 2Gi + unlimited: {} + +config: + # dr provisioning server configuration + dmaapDrProv: + servicetype: NodePort + name: dmaap-dr-prov + externalPort: 8080 + externalPort2: 8443 + internalPort: 8080 + internalPort2: 8443 + portName: dr-prov-port + portName2: dr-prov-port2 + nodePort: 59 + nodePort2: 69 + # dr-prov db configuration + dmaapDrDb: + mariadbServiceName: dmaap-dr-db-svc + mariadbServicePort: 3306 + mariadbContName: dmaap-dr-db + +# mariadb-galera configuration +mariadb: + name: dmaap-dr-db + nameOverride: dmaap-dr-db + replicaCount: 2 + config: + mariadbRootPassword: datarouter + userName: datarouter + userPassword: datarouter + mysqlDatabase: datarouter + service: + name: dmaap-dr-db-svc + portName: dmaap-dr-db-svc + nfsprovisionerPrefix: dmaap-dr-db + persistence: + size: 1Gi + mountSubPath: data-router/dr-db-data + disableNfsProvisioner: true \ No newline at end of file diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/.helmignore b/kubernetes/dmaap/components/message-router/.helmignore similarity index 100% rename from kubernetes/dmaap/charts/message-router/charts/message-router-kafka/.helmignore rename to kubernetes/dmaap/components/message-router/.helmignore diff --git a/kubernetes/dmaap/charts/message-router/Chart.yaml b/kubernetes/dmaap/components/message-router/Chart.yaml similarity index 97% rename from kubernetes/dmaap/charts/message-router/Chart.yaml rename to kubernetes/dmaap/components/message-router/Chart.yaml index 11d8c8feb7..1a05378712 100644 --- a/kubernetes/dmaap/charts/message-router/Chart.yaml +++ b/kubernetes/dmaap/components/message-router/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Message Router name: message-router -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/.helmignore b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/.helmignore similarity index 100% rename from kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/.helmignore rename to kubernetes/dmaap/components/message-router/charts/message-router-kafka/.helmignore diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/Chart.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/Chart.yaml similarity index 97% rename from kubernetes/dmaap/charts/message-router/charts/message-router-kafka/Chart.yaml rename to kubernetes/dmaap/components/message-router/charts/message-router-kafka/Chart.yaml index 547d84604e..0f7c27701d 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/Chart.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/Chart.yaml @@ -16,5 +16,5 @@ apiVersion: v1 description: ONAP Message Router Kafka Service name: message-router-kafka -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/NOTES.txt similarity index 100% rename from kubernetes/dmaap/charts/message-router/charts/message-router-kafka/templates/NOTES.txt rename to kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/NOTES.txt diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/poddisruptionbudget.yaml similarity index 95% rename from kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml rename to kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/poddisruptionbudget.yaml index 0bc64e7682..5c2db8c1e4 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/poddisruptionbudget.yaml @@ -24,5 +24,5 @@ metadata: spec: selector: matchLabels: - app: {{ include "common.fullname" . }} + app: {{ include "common.name" . }} maxUnavailable: 1 diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/templates/pv.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/pv.yaml similarity index 100% rename from kubernetes/dmaap/charts/message-router/charts/message-router-kafka/templates/pv.yaml rename to kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/pv.yaml diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/templates/service.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml similarity index 89% rename from kubernetes/dmaap/charts/message-router/charts/message-router-kafka/templates/service.yaml rename to kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml index 88de96b2d5..0dabe55e10 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/templates/service.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service-hs.yaml @@ -24,10 +24,8 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: - type: {{ .Values.service.type }} ports: - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} + - port: {{ .Values.service.internalPort }} name: {{ .Values.service.portName }} clusterIP: None selector: diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml new file mode 100644 index 0000000000..8200eda6b1 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{- $root := . -}} +{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ $root.Values.service.name }}-{{ $i }} + namespace: {{ $root.Release.Namespace }} + labels: + app: {{ $root.Values.service.name }} + chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} + release: {{ $root.Release.Name }} + heritage: {{ $root.Release.Service }} + +spec: + type: {{ $root.Values.service.type }} + externalTrafficPolicy: Local + selector: + statefulset.kubernetes.io/pod-name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }} + ports: + - port: {{ $root.Values.service.externalPort }} + targetPort: {{ $root.Values.service.externalPort }} + nodePort: {{ $root.Values.service.baseNodePort | add $i }} + name: {{ $root.Values.service.name }}-{{ $i }} +{{ end }} diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml similarity index 75% rename from kubernetes/dmaap/charts/message-router/charts/message-router-kafka/templates/statefulset.yaml rename to kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml index 163bbc23b6..cc8fd5a93c 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml @@ -34,7 +34,11 @@ spec: release: {{ .Release.Name }} spec: podAntiAffinity: + {{if eq .Values.podAntiAffinityType "hard" -}} + requiredDuringSchedulingIgnoredDuringExecution: + {{- else -}} preferredDuringSchedulingIgnoredDuringExecution: + {{- end}} - weight: 1 podAffinityTerm: labelSelector: @@ -44,6 +48,10 @@ spec: values: - {{ include "common.name" . }} topologyKey: "kubernetes.io/hostname" + {{- if .Values.nodeAffinity }} + nodeAffinity: + {{ toYaml .Values.nodeAffinity | indent 10 }} + {{- end }} initContainers: - name: {{ include "common.name" . }}-initcontainer image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" @@ -66,10 +74,19 @@ spec: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + - -exc + - | + export KAFKA_BROKER_ID=${HOSTNAME##*-} && \ + export ENDPOINT_PORT=$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )) && \ + export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ + exec start-kafka.sh resources: {{ include "common.resources" . | indent 12 }} ports: - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.externalPort }} {{ if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -83,30 +100,31 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: - - name: HOST_NAME + - name: HOST_IP valueFrom: fieldRef: apiVersion: v1 - fieldPath: metadata.name - - name: HOST_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace + fieldPath: status.hostIP - name: KAFKA_ZOOKEEPER_CONNECT value: "{{.Values.zookeeper.name}}:{{.Values.zookeeper.port}}" - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP - value: "INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT" - - name: KAFKA_ADVERTISED_LISTENERS - value: "INTERNAL_PLAINTEXT://$(HOST_NAME).{{ .Values.service.name }}.$(HOST_NAMESPACE).svc.cluster.local:{{ .Values.service.internalPort}}" + value: "INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT" - name: KAFKA_LISTENERS - value: "INTERNAL_PLAINTEXT://0.0.0.0:{{.Values.service.internalPort}}" + value: "EXTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.externalPort }},INTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.internalPort }}" - name: KAFKA_INTER_BROKER_LISTENER_NAME - value: "INTERNAL_PLAINTEXT" + value: "INTERNAL_SASL_PLAINTEXT" + - name: KAFKA_SASL_ENABLED_MECHANISMS + value: "PLAIN" + - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL + value: "PLAIN" + - name: KAFKA_AUTHORIZER_CLASS_NAME + value: "{{ .Values.kafkaCustomAuthorizer }}" + - name: KAFKA_DELETE_TOPIC_ENABLE + value: "{{ .Values.deleteTopicEnable }}" + - name: aaf_locate_url + value: "https://aaf-locate:8095" - name: KAFKA_LOG_DIRS value: "kafka/logs" - - name: BROKER_ID_COMMAND - value: "hostname | awk -F '-' '{print $NF}'" - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR value: "{{ .Values.replicaCount }}" - name: KAFKA_DEFAULT_REPLICATION_FACTOR @@ -121,6 +139,10 @@ spec: name: docker-socket - mountPath: /kafka name: kafka-data + {{- if .Values.tolerations }} + tolerations: + {{ toYaml .Values.tolerations | indent 10 }} + {{- end }} volumes: - name: localtime hostPath: diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml similarity index 86% rename from kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml rename to kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml index 6569729bee..5b83bb0a55 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml @@ -30,7 +30,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/kafka01101:0.0.1 +image: onap/dmaap/kafka111:0.0.5 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 @@ -44,24 +44,36 @@ debugEnabled: false # default number of instances replicaCount: 3 +#Kafka custom authorizer class name +kafkaCustomAuthorizer: org.onap.dmaap.kafkaAuthorize.KafkaCustomAuthorizer +deleteTopicEnable: true + +# To access Kafka outside cluster, this value must be set to hard and the number of nodes in K8S cluster must be equal or greater then replica count +podAntiAffinityType: soft + # defult partitions defaultpartitions: 3 - nodeSelector: {} +nodeAffinity: {} + affinity: {} +tolerations: {} + + + # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 60 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 60 periodSeconds: 10 ## Persist data to a persitent volume @@ -88,11 +100,14 @@ persistence: mountSubPath: message-router/data-kafka service: - type: ClusterIP + type: NodePort name: message-router-kafka portName: message-router-kafka internalPort: 9092 - externalPort: 9092 + externalPort: 9093 + baseNodePort: 30490 + + ingress: enabled: false diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml new file mode 100644 index 0000000000..1d0b7bea22 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/Chart.yaml @@ -0,0 +1,20 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: ONAP Message Router Kafka Service +name: message-router-mirrormaker +version: 4.0.0 + diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt similarity index 100% rename from kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/templates/NOTES.txt rename to kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/NOTES.txt diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml new file mode 100644 index 0000000000..51c4149094 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/templates/deployment.yaml @@ -0,0 +1,103 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + serviceName: {{ .Values.service.name }} + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-initcontainer + image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.messagerouter.container }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + - -exc + - | + exec start-mirrormaker.sh + resources: +{{ include "common.resources" . | indent 12 }} + ports: + - containerPort: {{ .Values.service.internalPort }} + {{ if eq .Values.liveness.enabled true }} + livenessProbe: + exec: + command: + - sh + - -c + - "touch /tmp/lprobe.txt" + - "rm /tmp/lprobe.txt" + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + exec: + command: + - sh + - -c + - "touch /tmp/rprobe.txt" + - "rm /tmp/rprobe.txt" + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: KAFKA_HEAP_OPTS + value: "{{ .Values.kafkaHeapOptions }}" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /var/run/docker.sock + name: docker-socket + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: docker-socket + hostPath: + path: /var/run/docker.sock + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml similarity index 77% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml rename to kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml index 704d97b464..2fbd884ab8 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-mirrormaker/values.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,22 +22,31 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + persistence: {} + ubuntuInitRepository: registry.hub.docker.com ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/datarouter-prov:1.0.3 +image: onap/dmaap/kafka111:0.0.5 pullPolicy: Always +ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 + +zookeeper: + name: message-router-zookeeper + port: 2181 + +messagerouter: + container: message-router # flag to enable debugging - application support required debugEnabled: false -# application configuration - see parent values chart - # default number of instances replicaCount: 1 +kafkaHeapOptions: -Xmx4G -Xms2G nodeSelector: {} @@ -44,25 +54,30 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 30 - periodSeconds: 10 + initialDelaySeconds: 60 + periodSeconds: 20 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 30 - periodSeconds: 10 + initialDelaySeconds: 60 + periodSeconds: 20 -## Persist data to a persitent volume -persistence: - enabled: false + +service: + type: NodePort + name: message-router-mirrormaker + portName: message-router-mirrormaker + internalPort: 9092 + + ingress: enabled: false # Resource Limit flavor -By Default using small -flavor: small +flavor: large # Segregation for Different environment (Small and Large) resources: small: @@ -80,3 +95,4 @@ resources: cpu: 1000m memory: 2Gi unlimited: {} + diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/.helmignore b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/Chart.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/Chart.yaml similarity index 97% rename from kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/Chart.yaml rename to kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/Chart.yaml index 138c18c523..a6a73b5d3d 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/Chart.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/Chart.yaml @@ -16,5 +16,5 @@ apiVersion: v1 description: ONAP Dmaap Message Router Zookeeper Service name: message-router-zookeeper -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/dmaap/charts/message-router/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/NOTES.txt similarity index 100% rename from kubernetes/dmaap/charts/message-router/templates/NOTES.txt rename to kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/NOTES.txt diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/_zkquorum.tpl b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/_zkquorum.tpl new file mode 100644 index 0000000000..9af910eb89 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/_zkquorum.tpl @@ -0,0 +1,34 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- /* + Calculate the maximum number of zk server down in order to guarantee ZK quorum. + For guaranteeing ZK quorum we need half of the server + 1 up. + + div in go template cast return an int64 + so we need to know if it is an even number or an odd. + For this we are doing (n/2)*2=n? + if true it is even else it is even +*/ -}} +{{- define "zk.maxUnavailable" -}} +{{- $halfReplica := div .Values.replicaCount 2 -}} + {{/* divide by 2 and multiply by 2 in order to know if it is an even number*/}} + {{if eq (mul $halfReplica 2) (int .Values.replicaCount) }} + {{- toYaml (sub $halfReplica 1) -}} + {{else}} + {{- toYaml $halfReplica -}} + {{end}} +{{- end -}} diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/templates/poddisruptionbudget.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml similarity index 90% rename from kubernetes/dmaap/charts/message-router/charts/message-router-kafka/templates/poddisruptionbudget.yaml rename to kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml index 0bc64e7682..5a370cdc4a 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-kafka/templates/poddisruptionbudget.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml @@ -24,5 +24,5 @@ metadata: spec: selector: matchLabels: - app: {{ include "common.fullname" . }} - maxUnavailable: 1 + app: {{ include "common.name" . }} + maxUnavailable: {{ include "zk.maxUnavailable" . }} diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/templates/pv.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/pv.yaml similarity index 100% rename from kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/templates/pv.yaml rename to kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/pv.yaml diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/templates/service.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/service.yaml similarity index 100% rename from kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/templates/service.yaml rename to kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/service.yaml diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml similarity index 95% rename from kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/templates/statefulset.yaml rename to kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml index 14f27949a7..b2f9f13e67 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml @@ -48,6 +48,10 @@ spec: values: - {{ include "common.name" . }} topologyKey: "kubernetes.io/hostname" + {{- if .Values.nodeAffinity }} + nodeAffinity: + {{ toYaml .Values.nodeAffinity | indent 10 }} + {{- end }} initContainers: - name: {{ include "common.name" . }}-seed-topics-apikeys command: @@ -111,6 +115,10 @@ spec: readOnly: true - mountPath: /var/lib/zookeeper/data name: zookeeper-data + {{- if .Values.tolerations }} + tolerations: + {{ toYaml .Values.tolerations | indent 10 }} + {{- end }} volumes: - name: localtime hostPath: diff --git a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml similarity index 97% rename from kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml rename to kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml index 7b9e9eb58a..37a1babe17 100644 --- a/kubernetes/dmaap/charts/message-router/charts/message-router-zookeeper/values.yaml +++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/values.yaml @@ -30,7 +30,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/zookeeper:1.0.0 +image: onap/dmaap/zookeeper:3.0.0 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 @@ -49,8 +49,12 @@ replicaCount: 3 nodeSelector: {} +nodeAffinity: {} + affinity: {} +tolerations: {} + # probe configuration parameters liveness: initialDelaySeconds: 10 @@ -126,4 +130,4 @@ resources: requests: cpu: 1000m memory: 2Gi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/dmaap/charts/message-router/requirements.yaml b/kubernetes/dmaap/components/message-router/requirements.yaml similarity index 97% rename from kubernetes/dmaap/charts/message-router/requirements.yaml rename to kubernetes/dmaap/components/message-router/requirements.yaml index 96141ba881..a13c53da2c 100644 --- a/kubernetes/dmaap/charts/message-router/requirements.yaml +++ b/kubernetes/dmaap/components/message-router/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/dmaap/charts/message-router/resources/config/dmaap/MsgRtrApi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties similarity index 95% rename from kubernetes/dmaap/charts/message-router/resources/config/dmaap/MsgRtrApi.properties rename to kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties index d40d2a1468..8e446610d4 100755 --- a/kubernetes/dmaap/charts/message-router/resources/config/dmaap/MsgRtrApi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties @@ -149,17 +149,18 @@ maxcontentlength=10000 #AAF Properties msgRtr.namespace.aaf=org.onap.dmaap.mr.topic msgRtr.topicfactory.aaf=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: -enforced.topic.name.AAF=org.onap +enforced.topic.name.AAF=org.onap.dmaap.mr forceAAF=false transidUEBtopicreqd=false defaultNSforUEB=org.onap.dmaap.mr ############################################################################## #Mirror Maker Agent -msgRtr.mirrormakeradmin.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|admin -msgRtr.mirrormakeruser.aaf=com.onap.dmaap.mr.dev.mirrormaker|*|user -msgRtr.mirrormakeruser.aaf.create=com.onap.dmaap.mr.dev.topicFactory|:com.onap.dmaap.mr.dev.topic: + +msgRtr.mirrormakeradmin.aaf=org.onap.dmaap.mr.mirrormaker|*|admin +msgRtr.mirrormakeruser.aaf=org.onap.dmaap.mr.mirrormaker|*|user +msgRtr.mirrormakeruser.aaf.create=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic: msgRtr.mirrormaker.timeout=15000 -msgRtr.mirrormaker.topic=com.onap.dmaap.mr.prod.mm.agent +msgRtr.mirrormaker.topic=org.onap.dmaap.mr.mirrormakeragent msgRtr.mirrormaker.consumergroup=mmagentserver msgRtr.mirrormaker.consumerid=1 diff --git a/kubernetes/dmaap/charts/message-router/resources/config/dmaap/cadi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties similarity index 86% rename from kubernetes/dmaap/charts/message-router/resources/config/dmaap/cadi.properties rename to kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties index a79bb8d40a..948577aaa7 100755 --- a/kubernetes/dmaap/charts/message-router/resources/config/dmaap/cadi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties @@ -1,4 +1,4 @@ -aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_locate_url=https://aaf-locate:8095 aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 aaf_env=DEV aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm @@ -17,4 +17,4 @@ cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US cadi_loglevel=INFO cadi_protocols=TLSv1.1,TLSv1.2 cadi_latitude=37.78187 -cadi_longitude=-122.26147 \ No newline at end of file +cadi_longitude=-122.26147 diff --git a/kubernetes/dmaap/charts/message-router/resources/config/dmaap/mykey b/kubernetes/dmaap/components/message-router/resources/config/dmaap/mykey similarity index 100% rename from kubernetes/dmaap/charts/message-router/resources/config/dmaap/mykey rename to kubernetes/dmaap/components/message-router/resources/config/dmaap/mykey diff --git a/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json b/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json new file mode 100644 index 0000000000..9e732d2af8 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/mr_clusters/san-francisco.json @@ -0,0 +1,6 @@ +{ + "dcaeLocationName": "san-francisco", + "fqdn": "message-router", + "topicProtocol": "http", + "topicPort": "3904" +} diff --git a/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json b/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json new file mode 100644 index 0000000000..d2910b8398 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/topics/PM_MAPPER.json @@ -0,0 +1,14 @@ +{ + "topicName": "PM_MAPPER", + "topicDescription": "The PM Mapper will be publishing perf3gpp VES events to this topic", + "owner": "pm-mapper", + "txenabled": false, + "clients": [{ + "dcaeLocationName": "san-francisco", + "clientIdentity": "dcae@dcae.onap.org", + "action": [ + "pub", + "view" + ] + }] +} diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_READY.json b/kubernetes/dmaap/components/message-router/resources/topics/PNF_READY.json similarity index 100% rename from kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_READY.json rename to kubernetes/dmaap/components/message-router/resources/topics/PNF_READY.json diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_REGISTRATION.json b/kubernetes/dmaap/components/message-router/resources/topics/PNF_REGISTRATION.json similarity index 100% rename from kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/PNF_REGISTRATION.json rename to kubernetes/dmaap/components/message-router/resources/topics/PNF_REGISTRATION.json diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/README b/kubernetes/dmaap/components/message-router/resources/topics/README similarity index 100% rename from kubernetes/dmaap/charts/dmaap-bus-controller/resources/topics/README rename to kubernetes/dmaap/components/message-router/resources/topics/README diff --git a/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json b/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json new file mode 100644 index 0000000000..7ae77cd8a8 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/topics/mirrormakeragent.json @@ -0,0 +1,42 @@ +{ + "topicName": "mirrormakeragent", + "topicDescription": "the topic used to provision the MM agent whitelist", + "replicationCase": "REPLICATION_NONE", + "owner": "dmaap", + "txenabled": false, + "partitionCount": "1", + "clients": [ + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org", + "action": [ + "pub", + "sub", + "view" + ] + + }, + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org", + "action": [ + "pub", + "sub", + "view" + ] + + }, + { + "dcaeLocationName": "san-francisco", + "clientIdentity": "demo@people.osaaf.org", + "action": [ + "pub", + "sub", + "view" + ] + + } + + ] +} + diff --git a/kubernetes/dmaap/components/message-router/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/templates/NOTES.txt new file mode 100644 index 0000000000..a44d0f76ee --- /dev/null +++ b/kubernetes/dmaap/components/message-router/templates/NOTES.txt @@ -0,0 +1,34 @@ +# Copyright © 2018 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/dmaap/charts/message-router/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/templates/configmap.yaml similarity index 64% rename from kubernetes/dmaap/charts/message-router/templates/configmap.yaml rename to kubernetes/dmaap/components/message-router/templates/configmap.yaml index 1ed788893f..e2e0da51fd 100644 --- a/kubernetes/dmaap/charts/message-router/templates/configmap.yaml +++ b/kubernetes/dmaap/components/message-router/templates/configmap.yaml @@ -38,3 +38,30 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/dmaap/cadi.properties").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dbc-mrclusters + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/mr_clusters/*.json").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-dbc-topics + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/topics/*.json").AsConfig . | indent 2 }} + diff --git a/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml b/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml new file mode 100644 index 0000000000..6d246de87f --- /dev/null +++ b/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml @@ -0,0 +1,71 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-post-install + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": post-install + "helm.sh/hook-weight": "-4" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + name: {{ include "common.fullname" . }} + labels: + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + spec: + restartPolicy: Never + containers: + - name: post-install-job + image: "{{ include "common.repository" . }}/{{ .Values.global.clientImage }}" + imagePullPolicy: "Always" + env: + - name: DELAY + value: "30" + - name: PROTO + value: "http" + - name: PORT + value: "8080" + - name: REQUESTID + value: "{{.Chart.Name}}-post-install" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + +# NOTE: on the following several configMaps, careful to include / at end +# since there may be more than one file in each mountPath +# NOTE: the basename of the subdirectory of mountPath is important - it matches the DBCL API URI + - name: {{ include "common.fullname" . }}-dbc-mrclusters + mountPath: /opt/app/config/mr_clusters/ + - name: {{ include "common.fullname" . }}-dbc-topics + mountPath: /opt/app/config/topics/ + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-dbc-mrclusters + configMap: + name: {{ include "common.fullname" . }}-dbc-mrclusters + - name: {{ include "common.fullname" . }}-dbc-topics + configMap: + name: {{ include "common.fullname" . }}-dbc-topics + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/charts/message-router/templates/secrets.yaml b/kubernetes/dmaap/components/message-router/templates/secrets.yaml similarity index 100% rename from kubernetes/dmaap/charts/message-router/templates/secrets.yaml rename to kubernetes/dmaap/components/message-router/templates/secrets.yaml diff --git a/kubernetes/dmaap/charts/message-router/templates/service.yaml b/kubernetes/dmaap/components/message-router/templates/service.yaml similarity index 100% rename from kubernetes/dmaap/charts/message-router/templates/service.yaml rename to kubernetes/dmaap/components/message-router/templates/service.yaml diff --git a/kubernetes/dmaap/charts/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml similarity index 99% rename from kubernetes/dmaap/charts/message-router/templates/statefulset.yaml rename to kubernetes/dmaap/components/message-router/templates/statefulset.yaml index bdd134ac64..7bf88f5f8e 100644 --- a/kubernetes/dmaap/charts/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -68,7 +68,7 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: enableCadi - value: "false" + value: "true" volumeMounts: - mountPath: /etc/localtime name: localtime diff --git a/kubernetes/dmaap/charts/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml similarity index 98% rename from kubernetes/dmaap/charts/message-router/values.yaml rename to kubernetes/dmaap/components/message-router/values.yaml index 5d01e55077..10ce59c0ac 100644 --- a/kubernetes/dmaap/charts/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-mr:1.1.9 +image: onap/dmaap/dmaap-mr:1.1.11 pullPolicy: Always kafka: diff --git a/kubernetes/dmaap/requirements.yaml b/kubernetes/dmaap/requirements.yaml index ea2fba4bb5..3507bd87cd 100644 --- a/kubernetes/dmaap/requirements.yaml +++ b/kubernetes/dmaap/requirements.yaml @@ -15,5 +15,21 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' + - name: message-router + version: ~4.x-0 + repository: 'file://components/message-router' + condition: message-router.enabled + - name: dmaap-bc + version: ~4.x-0 + repository: 'file://components/dmaap-bc' + condition: dmaap-bc.enabled + - name: dmaap-dr-node + version: ~4.x-0 + repository: 'file://components/dmaap-dr-node' + condition: dmaap-dr-node.enabled + - name: dmaap-dr-prov + version: ~4.x-0 + repository: 'file://components/dmaap-dr-prov' + condition: dmaap-dr-prov.enabled diff --git a/kubernetes/dmaap/resources/config/log/filebeat/filebeat.yml b/kubernetes/dmaap/resources/config/log/filebeat/filebeat.yml new file mode 100644 index 0000000000..f1cf7394b6 --- /dev/null +++ b/kubernetes/dmaap/resources/config/log/filebeat/filebeat.yml @@ -0,0 +1,60 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + - /opt/app/datartr/logs/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among available Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase \ No newline at end of file diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/configmap.yaml b/kubernetes/dmaap/templates/configmap.yaml similarity index 52% rename from kubernetes/vvp/charts/vvp-ci-uwsgi/templates/configmap.yaml rename to kubernetes/dmaap/templates/configmap.yaml index 1d340532a4..bdd3b0a31e 100644 --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/configmap.yaml +++ b/kubernetes/dmaap/templates/configmap.yaml @@ -1,30 +1,26 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada # +# ============LICENSE_START======================================================= +# Copyright (C) 2019 Nordix Foundation. +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-settings - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/ci/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-secret + name: {{ .Release.Name }}-dmaap-filebeat-configmap namespace: {{ include "common.namespace" . }} -type: Opaque data: - admin_password: "Y2lhZG1pbnBhc3M=" +{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }} diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index 6ded7d1d1e..e7b39af1ad 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -22,3 +22,17 @@ global: readinessImage: readiness-check:2.0.0 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + clientImage: onap/dmaap/dbc-client:1.0.5 +# application configuration +config: + logstashServiceName: log-ls + logstashPort: 5044 + +message-router: + enabled: true +dmaap-bc: + enabled: true +dmaap-dr-node: + enabled: true +dmaap-dr-prov: + enabled: true diff --git a/kubernetes/esr/Chart.yaml b/kubernetes/esr/Chart.yaml index 05e13965af..0f48961e81 100644 --- a/kubernetes/esr/Chart.yaml +++ b/kubernetes/esr/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP External System Register name: esr -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/esr/charts/esr-gui/Chart.yaml b/kubernetes/esr/charts/esr-gui/Chart.yaml index eb9f0ab598..dfc1e26418 100644 --- a/kubernetes/esr/charts/esr-gui/Chart.yaml +++ b/kubernetes/esr/charts/esr-gui/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP External System Register GUI name: esr-gui -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/esr/charts/esr-server/Chart.yaml b/kubernetes/esr/charts/esr-server/Chart.yaml index 5f772f8366..c9718f28a7 100644 --- a/kubernetes/esr/charts/esr-server/Chart.yaml +++ b/kubernetes/esr/charts/esr-server/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP External System Register GUI name: esr-server -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/esr/charts/esr-server/requirements.yaml b/kubernetes/esr/charts/esr-server/requirements.yaml index 8a6ec399e1..9ebc9b9df1 100644 --- a/kubernetes/esr/charts/esr-server/requirements.yaml +++ b/kubernetes/esr/charts/esr-server/requirements.yaml @@ -14,7 +14,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/esr/requirements.yaml b/kubernetes/esr/requirements.yaml index e57547871c..68a7d9ec14 100644 --- a/kubernetes/esr/requirements.yaml +++ b/kubernetes/esr/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh index 9195f161f6..a07c7f4ce1 100755 --- a/kubernetes/helm/plugins/deploy/deploy.sh +++ b/kubernetes/helm/plugins/deploy/deploy.sh @@ -39,6 +39,7 @@ Flags: --set-string stringArray set STRING values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) -f, --values valueFiles specify values in a YAML file or a URL(can specify multiple) (default []) --verbose enables full helm install/upgrade output during deploy + --set-last-applied set the last-applied-configuration annotation on all objects.This annotation is required to restore services using Ark/Veloro backup restore. EOF } @@ -66,7 +67,6 @@ generate_overrides() { fi done } - resolve_deploy_flags() { flags=($1) n=${#flags[*]} @@ -75,7 +75,8 @@ resolve_deploy_flags() { if [[ $PARAM == "-f" || \ $PARAM == "--values" || \ $PARAM == "--set" || \ - $PARAM == "--set-string" ]]; then + $PARAM == "--set-string" || \ + $PARAM == "--version" ]]; then # skip param and its value i=$((i + 1)) else @@ -108,6 +109,12 @@ deploy() { FLAGS="$(echo $FLAGS| sed -n 's/--verbose//p')" VERBOSE="true" fi + # determine if set-last-applied flag is enabled + SET_LAST_APPLIED="false" + if [[ $FLAGS = *"--set-last-applied"* ]]; then + FLAGS="$(echo $FLAGS| sed -n 's/--set-last-applied//p')" + SET_LAST_APPLIED="true" + fi if [[ $FLAGS = *"--dry-run"* ]]; then VERBOSE="true" FLAGS="$FLAGS --debug" @@ -116,12 +123,18 @@ deploy() { # should pass all flags instead NAMESPACE="$(echo $FLAGS | sed -n 's/.*\(namespace\).\s*/\1/p' | cut -c10- | cut -d' ' -f1)" + VERSION="$(echo $FLAGS | sed -n 's/.*\(version\).\s*/\1/p' | cut -c8- | cut -d' ' -f1)" + + if [ ! -z $VERSION ]; then + VERSION="--version $VERSION" + fi + # Remove all override values passed in as arguments. These will be used during dry run # to resolve computed override values. Remaining flags will be passed on during # actual upgrade/install of parent and subcharts. DEPLOY_FLAGS=$(resolve_deploy_flags "$FLAGS") - # determine if upgrading individual subchart or entire parent + subcharts + # determine if upgrading individual subchart or entire parent + subcharts SUBCHART_RELEASE="$(cut -d'-' -f2 <<<"$RELEASE")" if [[ ! -d "$CACHE_SUBCHART_DIR/$SUBCHART_RELEASE" ]]; then SUBCHART_RELEASE= @@ -148,7 +161,7 @@ deploy() { rm -rf $CHART_DIR/charts/*.tgz else echo "fetching $CHART_URL" - helm fetch $CHART_URL --untar --untardir $CACHE_DIR + helm fetch $CHART_URL --untar --untardir $CACHE_DIR $VERSION fi # move out subcharts to process separately @@ -183,6 +196,12 @@ deploy() { else echo "release \"$RELEASE\" deployed" fi + # Add annotation last-applied-configuration if set-last-applied flag is set + if [[ $SET_LAST_APPLIED == "true" ]]; then + helm get manifest ${RELEASE} \ + | kubectl apply set-last-applied --create-annotation -n onap -f - \ + > $LOG_FILE.log 2>&1 + fi fi # upgrade/install each "enabled" subchart @@ -209,6 +228,12 @@ deploy() { else echo "release \"${RELEASE}-${subchart}\" deployed" fi + # Add annotation last-applied-configuration if set-last-applied flag is set + if [[ $SET_LAST_APPLIED == "true" ]]; then + helm get manifest "${RELEASE}-${subchart}" \ + | kubectl apply set-last-applied --create-annotation -n onap -f - \ + > $LOG_FILE.log 2>&1 + fi fi else array=($(helm ls -q | grep "${RELEASE}-${subchart}")) @@ -238,4 +263,4 @@ case "${1:-"help"}" in ;; esac -exit 0 \ No newline at end of file +exit 0 diff --git a/kubernetes/helm/starters/onap-app/Chart.yaml b/kubernetes/helm/starters/onap-app/Chart.yaml index b7628cba81..b3472d4d98 100644 --- a/kubernetes/helm/starters/onap-app/Chart.yaml +++ b/kubernetes/helm/starters/onap-app/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: name: -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/helm/starters/onap-app/requirements.yaml b/kubernetes/helm/starters/onap-app/requirements.yaml index 896eaf4baa..1d30dfd918 100644 --- a/kubernetes/helm/starters/onap-app/requirements.yaml +++ b/kubernetes/helm/starters/onap-app/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/log/Chart.yaml b/kubernetes/log/Chart.yaml index 9dbdad51e7..09edd37565 100644 --- a/kubernetes/log/Chart.yaml +++ b/kubernetes/log/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Logging ElasticStack name: log -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/log/charts/log-elasticsearch/Chart.yaml b/kubernetes/log/charts/log-elasticsearch/Chart.yaml index 88edfd089a..b5275ebbff 100644 --- a/kubernetes/log/charts/log-elasticsearch/Chart.yaml +++ b/kubernetes/log/charts/log-elasticsearch/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Logging Elasticsearch name: log-elasticsearch -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/log/charts/log-elasticsearch/requirements.yaml b/kubernetes/log/charts/log-elasticsearch/requirements.yaml index 897df32ce0..0ba9e4746c 100644 --- a/kubernetes/log/charts/log-elasticsearch/requirements.yaml +++ b/kubernetes/log/charts/log-elasticsearch/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/log/charts/log-kibana/Chart.yaml b/kubernetes/log/charts/log-kibana/Chart.yaml index 14a4eb7ac3..20384764c9 100644 --- a/kubernetes/log/charts/log-kibana/Chart.yaml +++ b/kubernetes/log/charts/log-kibana/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Logging Kibana name: log-kibana -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/log/charts/log-kibana/requirements.yaml b/kubernetes/log/charts/log-kibana/requirements.yaml index 897df32ce0..0ba9e4746c 100644 --- a/kubernetes/log/charts/log-kibana/requirements.yaml +++ b/kubernetes/log/charts/log-kibana/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/log/charts/log-logstash/Chart.yaml b/kubernetes/log/charts/log-logstash/Chart.yaml index 99f93b404d..51bf8780a1 100644 --- a/kubernetes/log/charts/log-logstash/Chart.yaml +++ b/kubernetes/log/charts/log-logstash/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Logging Logstash name: log-logstash -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/log/charts/log-logstash/requirements.yaml b/kubernetes/log/charts/log-logstash/requirements.yaml index 897df32ce0..0ba9e4746c 100644 --- a/kubernetes/log/charts/log-logstash/requirements.yaml +++ b/kubernetes/log/charts/log-logstash/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/log/requirements.yaml b/kubernetes/log/requirements.yaml index 220dc4619b..fae2fe2fe7 100644 --- a/kubernetes/log/requirements.yaml +++ b/kubernetes/log/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/msb/Chart.yaml b/kubernetes/msb/Chart.yaml index 69b2040150..a0714aa465 100644 --- a/kubernetes/msb/Chart.yaml +++ b/kubernetes/msb/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP MicroServices Bus name: msb -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/msb/charts/kube2msb/Chart.yaml b/kubernetes/msb/charts/kube2msb/Chart.yaml index 9e73ac66d2..3290f4de33 100644 --- a/kubernetes/msb/charts/kube2msb/Chart.yaml +++ b/kubernetes/msb/charts/kube2msb/Chart.yaml @@ -14,4 +14,4 @@ apiVersion: v1 description: ONAP MicroServices Bus Kube2MSB Registrator name: kube2msb -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/msb/charts/kube2msb/requirements.yaml b/kubernetes/msb/charts/kube2msb/requirements.yaml index ec2438e7c5..2d2a9f0c02 100644 --- a/kubernetes/msb/charts/kube2msb/requirements.yaml +++ b/kubernetes/msb/charts/kube2msb/requirements.yaml @@ -13,5 +13,5 @@ # limitations under the License. dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/msb/charts/msb-consul/Chart.yaml b/kubernetes/msb/charts/msb-consul/Chart.yaml index 234d08f588..ce0088e07f 100644 --- a/kubernetes/msb/charts/msb-consul/Chart.yaml +++ b/kubernetes/msb/charts/msb-consul/Chart.yaml @@ -14,4 +14,4 @@ apiVersion: v1 description: ONAP MicroServices Bus Consul name: msb-consul -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/msb/charts/msb-consul/requirements.yaml b/kubernetes/msb/charts/msb-consul/requirements.yaml index ec2438e7c5..2d2a9f0c02 100644 --- a/kubernetes/msb/charts/msb-consul/requirements.yaml +++ b/kubernetes/msb/charts/msb-consul/requirements.yaml @@ -13,5 +13,5 @@ # limitations under the License. dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/msb/charts/msb-consul/values.yaml b/kubernetes/msb/charts/msb-consul/values.yaml index 79a26404c6..3cb5c74c14 100644 --- a/kubernetes/msb/charts/msb-consul/values.yaml +++ b/kubernetes/msb/charts/msb-consul/values.yaml @@ -22,7 +22,7 @@ global: ################################################################# # application image dockerHubRepository: registry.hub.docker.com -image: library/consul:0.9.3 +image: library/consul:1.4.3 pullPolicy: Always istioSidecar: true @@ -76,4 +76,4 @@ resources: requests: cpu: 20m memory: 100Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/msb/charts/msb-discovery/Chart.yaml b/kubernetes/msb/charts/msb-discovery/Chart.yaml index 52bdb8621b..88e0aa6bb7 100644 --- a/kubernetes/msb/charts/msb-discovery/Chart.yaml +++ b/kubernetes/msb/charts/msb-discovery/Chart.yaml @@ -14,4 +14,4 @@ apiVersion: v1 description: ONAP MicroServices Bus Discovery name: msb-discovery -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/msb/charts/msb-discovery/requirements.yaml b/kubernetes/msb/charts/msb-discovery/requirements.yaml index ec2438e7c5..2d2a9f0c02 100644 --- a/kubernetes/msb/charts/msb-discovery/requirements.yaml +++ b/kubernetes/msb/charts/msb-discovery/requirements.yaml @@ -13,5 +13,5 @@ # limitations under the License. dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/msb/charts/msb-discovery/values.yaml b/kubernetes/msb/charts/msb-discovery/values.yaml index 42bf084324..d0e9d96ce7 100644 --- a/kubernetes/msb/charts/msb-discovery/values.yaml +++ b/kubernetes/msb/charts/msb-discovery/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_discovery:1.2.1 +image: onap/msb/msb_discovery:1.2.3-STAGING-latest pullPolicy: Always istioSidecar: true @@ -78,4 +78,4 @@ resources: requests: cpu: 400m memory: 400Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/msb/charts/msb-eag/Chart.yaml b/kubernetes/msb/charts/msb-eag/Chart.yaml index b0b2876ba4..c9f7c905e7 100644 --- a/kubernetes/msb/charts/msb-eag/Chart.yaml +++ b/kubernetes/msb/charts/msb-eag/Chart.yaml @@ -14,4 +14,4 @@ apiVersion: v1 description: ONAP MicroServices Bus Internal API Gateway name: msb-eag -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/msb/charts/msb-eag/requirements.yaml b/kubernetes/msb/charts/msb-eag/requirements.yaml index ec2438e7c5..2d2a9f0c02 100644 --- a/kubernetes/msb/charts/msb-eag/requirements.yaml +++ b/kubernetes/msb/charts/msb-eag/requirements.yaml @@ -13,5 +13,5 @@ # limitations under the License. dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/msb/charts/msb-eag/values.yaml b/kubernetes/msb/charts/msb-eag/values.yaml index fabbed28a1..e58e51bacb 100644 --- a/kubernetes/msb/charts/msb-eag/values.yaml +++ b/kubernetes/msb/charts/msb-eag/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_apigateway:1.2.1 +image: onap/msb/msb_apigateway:1.2.4-STAGING-latest pullPolicy: Always istioSidecar: true @@ -82,4 +82,4 @@ resources: requests: cpu: 200m memory: 400Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/msb/charts/msb-iag/Chart.yaml b/kubernetes/msb/charts/msb-iag/Chart.yaml index 3b928abe0c..870d95179a 100644 --- a/kubernetes/msb/charts/msb-iag/Chart.yaml +++ b/kubernetes/msb/charts/msb-iag/Chart.yaml @@ -14,4 +14,4 @@ apiVersion: v1 description: ONAP MicroServices Bus Internal API Gateway name: msb-iag -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/msb/charts/msb-iag/requirements.yaml b/kubernetes/msb/charts/msb-iag/requirements.yaml index ec2438e7c5..2d2a9f0c02 100644 --- a/kubernetes/msb/charts/msb-iag/requirements.yaml +++ b/kubernetes/msb/charts/msb-iag/requirements.yaml @@ -13,5 +13,5 @@ # limitations under the License. dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/msb/charts/msb-iag/values.yaml b/kubernetes/msb/charts/msb-iag/values.yaml index 07eb045c14..d091a84164 100644 --- a/kubernetes/msb/charts/msb-iag/values.yaml +++ b/kubernetes/msb/charts/msb-iag/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/msb/msb_apigateway:1.2.1 +image: onap/msb/msb_apigateway:1.2.4-STAGING-latest pullPolicy: Always istioSidecar: true @@ -82,4 +82,4 @@ resources: requests: cpu: 100m memory: 400Mi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/msb/requirements.yaml b/kubernetes/msb/requirements.yaml index ec2438e7c5..2d2a9f0c02 100644 --- a/kubernetes/msb/requirements.yaml +++ b/kubernetes/msb/requirements.yaml @@ -13,5 +13,5 @@ # limitations under the License. dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/multicloud/Chart.yaml b/kubernetes/multicloud/Chart.yaml index 9145a5a495..9b90b2b321 100644 --- a/kubernetes/multicloud/Chart.yaml +++ b/kubernetes/multicloud/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP multicloud broker name: multicloud -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-azure/Chart.yaml b/kubernetes/multicloud/charts/multicloud-azure/Chart.yaml index d4b60c68b9..825eaf6305 100644 --- a/kubernetes/multicloud/charts/multicloud-azure/Chart.yaml +++ b/kubernetes/multicloud/charts/multicloud-azure/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP multicloud Azure plugin name: multicloud-azure -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-ocata/Chart.yaml b/kubernetes/multicloud/charts/multicloud-ocata/Chart.yaml index abdb131632..ba8b70acfd 100644 --- a/kubernetes/multicloud/charts/multicloud-ocata/Chart.yaml +++ b/kubernetes/multicloud/charts/multicloud-ocata/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP multicloud OpenStack Ocata Plugin name: multicloud-ocata -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-ocata/values.yaml b/kubernetes/multicloud/charts/multicloud-ocata/values.yaml index 8cc6b3baab..2642b5a172 100644 --- a/kubernetes/multicloud/charts/multicloud-ocata/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-ocata/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-ocata:1.2.2 +image: onap/multicloud/openstack-ocata:1.3.0-SNAPSHOT pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-pike/Chart.yaml b/kubernetes/multicloud/charts/multicloud-pike/Chart.yaml index cdcfb72f5e..6c71dea0ab 100644 --- a/kubernetes/multicloud/charts/multicloud-pike/Chart.yaml +++ b/kubernetes/multicloud/charts/multicloud-pike/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP multicloud OpenStack Pike Plugin name: multicloud-pike -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-pike/values.yaml b/kubernetes/multicloud/charts/multicloud-pike/values.yaml index eedef28483..c39d41f879 100644 --- a/kubernetes/multicloud/charts/multicloud-pike/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-pike/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-pike:1.2.2 +image: onap/multicloud/openstack-pike:1.3.0-SNAPSHOT pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/Chart.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/Chart.yaml index fb82c2cb03..6e54b93e5b 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/Chart.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Multicloud Prometheus name: multicloud-prometheus -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/Chart.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/Chart.yaml index 846ea6f292..6dae8efa2d 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/Chart.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-alertmanager/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Multicloud Prometheus Alert Manager name: prometheus-alertmanager -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/Chart.yaml b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/Chart.yaml index efcd4328b3..77970b8e13 100644 --- a/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/Chart.yaml +++ b/kubernetes/multicloud/charts/multicloud-prometheus/charts/prometheus-grafana/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Multicloud Grafana for Prometheus name: prometheus-grafana -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/.helmignore b/kubernetes/multicloud/charts/multicloud-starlingx/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/vvp/charts/vvp-gitlab/Chart.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/Chart.yaml similarity index 82% rename from kubernetes/vvp/charts/vvp-gitlab/Chart.yaml rename to kubernetes/multicloud/charts/multicloud-starlingx/Chart.yaml index 4598d6754a..1305d419bb 100644 --- a/kubernetes/vvp/charts/vvp-gitlab/Chart.yaml +++ b/kubernetes/multicloud/charts/multicloud-starlingx/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright (c) 2019 Intel Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: holds all customers files in repos -name: vvp-gitlab +description: ONAP multicloud OpenStack Starlingx Plugin +name: multicloud-starlingx version: 3.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml new file mode 100644 index 0000000000..30445572d9 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/resources/config/log/log.yml @@ -0,0 +1,47 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +version: 1 +disable_existing_loggers: False + +loggers: + starlingx: + handlers: [starlingx_handler] + level: "DEBUG" + propagate: False + newton_base: + handlers: [starlingx_handler] + level: "DEBUG" + propagate: False + common: + handlers: [starlingx_handler] + level: "DEBUG" + propagate: False + +handlers: + starlingx_handler: + level: "DEBUG" + class: "logging.handlers.RotatingFileHandler" + filename: "/var/log/onap/multicloud/openstack/starlingx/starlingx.log" + formatter: "mdcFormat" + maxBytes: 1024*1024*50 + backupCount: 10 + +formatters: + standard: + format: "%(asctime)s|||||%(name)s||%(thread)||%(funcName)s||%(levelname)s||%(message)s" + mdcFormat: + format: "%(asctime)s|||||%(name)s||%(thread)s||%(funcName)s||%(levelname)s||%(message)s||||%(mdc)s \t" + mdcfmt: "{requestID} {invocationID} {serviceName} {serviceIP}" + datefmt: "%Y-%m-%d %H:%M:%S" + (): onaplogging.mdcformatter.MDCFormatter diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/NOTES.txt b/kubernetes/multicloud/charts/multicloud-starlingx/templates/NOTES.txt new file mode 100644 index 0000000000..746215b541 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/NOTES.txt @@ -0,0 +1,34 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/configmap.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/templates/configmap.yaml new file mode 100644 index 0000000000..3e8a3fcae1 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/configmap.yaml @@ -0,0 +1,28 @@ +{{/* +# Copyright (c) 2019 Intel Corporation. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log-configmap + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }} diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml new file mode 100644 index 0000000000..0ccc3f9f95 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/deployment.yaml @@ -0,0 +1,110 @@ +{{/* +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + name: {{ include "common.name" . }} + annotations: + sidecar.istio.io/inject: "{{.Values.istioSidecar}}" + spec: + containers: + - env: + - name: MSB_ADDR + value: "{{ .Values.config.msbgateway }}.{{ include "common.namespace" . }}" + - name: MSB_PORT + value: "{{ .Values.config.msbPort }}" + - name: AAI_ADDR + value: aai.{{ include "common.namespace" . }} + - name: AAI_PORT + value: "{{ .Values.config.aai.port }}" + - name: AAI_SCHEMA_VERSION + value: "{{ .Values.config.aai.schemaVersion }}" + - name: AAI_USERNAME + value: "{{ .Values.config.aai.username }}" + - name: AAI_PASSWORD + value: "{{ .Values.config.aai.password }}" + name: {{ include "common.name" . }} + volumeMounts: + - mountPath: /var/log/onap + name: starlingx-log + - mountPath: /opt/starlingx/starlingx/pub/config/log.yml + name: starlingx-logconfig + subPath: log.yml + resources: +{{ include "common.resources" . | indent 12 }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + httpGet: + path: /api/multicloud-starlingx/v0/swagger.json + port: {{ .Values.service.internalPort }} + scheme: HTTP + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + successThreshold: {{ .Values.liveness.successThreshold }} + failureThreshold: {{ .Values.liveness.failureThreshold }} + {{ end }} + # side car containers + - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: filebeat-onap + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - mountPath: /var/log/onap + name: starlingx-log + - mountPath: /usr/share/filebeat/data + name: starlingx-data-filebeat + + volumes: + - name: starlingx-log + emptyDir: {} + - name: starlingx-data-filebeat + emptyDir: {} + - name: filebeat-conf + configMap: + name: multicloud-filebeat-configmap + - name: starlingx-logconfig + configMap: + name: {{ include "common.fullname" . }}-log-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + restartPolicy: Always diff --git a/kubernetes/multicloud/charts/multicloud-starlingx/templates/service.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/templates/service.yaml new file mode 100644 index 0000000000..f6925d9961 --- /dev/null +++ b/kubernetes/multicloud/charts/multicloud-starlingx/templates/service.yaml @@ -0,0 +1,60 @@ +{{/* +# Copyright (c) 2019 Intel Corporation. +# # +# # Licensed under the Apache License, Version 2.0 (the "License"); +# # you may not use this file except in compliance with the License. +# # You may obtain a copy of the License at +# # +# # http://www.apache.org/licenses/LICENSE-2.0 +# # +# # Unless required by applicable law or agreed to in writing, software +# # distributed under the License is distributed on an "AS IS" BASIS, +# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# # See the License for the specific language governing permissions and +# # limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "multicloud-starlingx", + "version": "v0", + "url": "/api/multicloud-starlingx/v0", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange": "1" + }, + { + "serviceName": "multicloud-starlingx", + "version": "v1", + "url": "/api/multicloud-starlingx/v1", + "protocol": "REST", + "port": "{{ .Values.service.externalPort }}", + "visualRange": "1" + } + ]' +spec: + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: {{ .Values.service.type }} diff --git a/kubernetes/vvp/charts/vvp-gitlab/values.yaml b/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml similarity index 55% rename from kubernetes/vvp/charts/vvp-gitlab/values.yaml rename to kubernetes/multicloud/charts/multicloud-starlingx/values.yaml index 4855c8873e..2ca696c704 100644 --- a/kubernetes/vvp/charts/vvp-gitlab/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-starlingx/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright (c) 2019 Intel Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,24 +16,30 @@ # Global configuration defaults. ################################################################# global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 + nodePortPrefixExt: 304 ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/vvp/gitlab:1.0.0 +image: onap/multicloud/openstack-starlingx:1.3.0-SNAPSHOT pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false +#Istio sidecar injection policy +istioSidecar: false +# application configuration +config: + msbgateway: msb-iag + msbPort: 80 + aai: + port: 8443 + schemaVersion: v13 + username: AAI + password: AAI + +# default number of instances replicaCount: 1 nodeSelector: {} @@ -42,22 +48,40 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 5 enabled: true -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - service: type: NodePort - internalPort1: 80 - internalPort2: 22 - portName1: web - portName2: ssh + name: multicloud-starlingx + portName: multicloud-starlingx + externalPort: 9009 + internalPort: 9009 + nodePort: 85 ingress: enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 10m + memory: 1Gi + large: + limits: + cpu: 2 + memory: 8Gi + requests: + cpu: 20m + memory: 2Gi + unlimited: {} diff --git a/kubernetes/multicloud/charts/multicloud-vio/Chart.yaml b/kubernetes/multicloud/charts/multicloud-vio/Chart.yaml index f3f9db414c..ae7dba61ec 100644 --- a/kubernetes/multicloud/charts/multicloud-vio/Chart.yaml +++ b/kubernetes/multicloud/charts/multicloud-vio/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP multicloud VIO plugin name: multicloud-vio -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-windriver/Chart.yaml b/kubernetes/multicloud/charts/multicloud-windriver/Chart.yaml index 2dc23d0ea0..fa0ea64e0d 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/Chart.yaml +++ b/kubernetes/multicloud/charts/multicloud-windriver/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP multicloud OpenStack WindRiver Plugin name: multicloud-windriver -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/multicloud/charts/multicloud-windriver/values.yaml b/kubernetes/multicloud/charts/multicloud-windriver/values.yaml index c453ed5a19..234ad3f0f6 100644 --- a/kubernetes/multicloud/charts/multicloud-windriver/values.yaml +++ b/kubernetes/multicloud/charts/multicloud-windriver/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/multicloud/openstack-windriver:1.2.2 +image: onap/multicloud/openstack-windriver:1.3.0-SNAPSHOT pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/multicloud/requirements.yaml b/kubernetes/multicloud/requirements.yaml index 897df32ce0..0ba9e4746c 100644 --- a/kubernetes/multicloud/requirements.yaml +++ b/kubernetes/multicloud/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/multicloud/resources/config/provider-plugin.json b/kubernetes/multicloud/resources/config/provider-plugin.json index 2bc98943a5..65ed86c110 100644 --- a/kubernetes/multicloud/resources/config/provider-plugin.json +++ b/kubernetes/multicloud/resources/config/provider-plugin.json @@ -12,6 +12,11 @@ "extra_info_hint": "", "provider_plugin": "multicloud-pike" }, + "starlingx": { + "version": "starlingx", + "extra_info_hint": "", + "provider_plugin": "multicloud-starlingx" + }, "ocata": { "version": "ocata", "extra_info_hint": "", diff --git a/kubernetes/nbi/Chart.yaml b/kubernetes/nbi/Chart.yaml index 0fffb98e36..76b668ef6d 100644 --- a/kubernetes/nbi/Chart.yaml +++ b/kubernetes/nbi/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Northbound Interface name: nbi -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/nbi/charts/mariadb/Chart.yaml b/kubernetes/nbi/charts/mariadb/Chart.yaml index 10bbe080c2..96b11ea7f1 100644 --- a/kubernetes/nbi/charts/mariadb/Chart.yaml +++ b/kubernetes/nbi/charts/mariadb/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP NBI MariaDB Service name: mariadb -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/nbi/charts/mariadb/requirements.yaml b/kubernetes/nbi/charts/mariadb/requirements.yaml index f8074990af..ce3bc4618a 100644 --- a/kubernetes/nbi/charts/mariadb/requirements.yaml +++ b/kubernetes/nbi/charts/mariadb/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/nbi/requirements.yaml b/kubernetes/nbi/requirements.yaml index 1ec9012c65..d9dd0bc677 100644 --- a/kubernetes/nbi/requirements.yaml +++ b/kubernetes/nbi/requirements.yaml @@ -15,12 +15,12 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: mongo - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml index de260e3df8..712da12bcd 100644 --- a/kubernetes/nbi/templates/deployment.yaml +++ b/kubernetes/nbi/templates/deployment.yaml @@ -92,6 +92,8 @@ spec: - name: SO_HEADER_AUTHORIZATION value: {{ .Values.so_authorization }} {{- end }} + - name: DMAAP_HOST + value: "http://message-router.{{ include "common.namespace" . }}:3904" - name: LOGGING_LEVEL_ORG_ONAP_NBI value: {{ .Values.config.loglevel }} - name: MSB_ENABLED diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index ac5d3266d5..9f50620ab6 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -28,7 +28,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/externalapi/nbi:3.0.1 +image: onap/externalapi/nbi:3.0.2 pullPolicy: Always sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU= aai_authorization: Basic QUFJOkFBSQ== @@ -85,7 +85,7 @@ affinity: {} # probe configuration parameters liveness: httpGet: - path: /nbi/api/v3/status + path: /nbi/api/v4/status port: 8080 initialDelaySeconds: 180 periodSeconds: 30 @@ -95,7 +95,7 @@ liveness: readiness: httpGet: - path: /nbi/api/v3/status + path: /nbi/api/v4/status port: 8080 initialDelaySeconds: 185 periodSeconds: 30 diff --git a/kubernetes/onap/Chart.yaml b/kubernetes/onap/Chart.yaml index 1396f8546b..82228a8b10 100644 --- a/kubernetes/onap/Chart.yaml +++ b/kubernetes/onap/Chart.yaml @@ -14,11 +14,10 @@ apiVersion: v1 name: onap -version: 3.0.0 -appVersion: Casablanca +version: 4.0.0 +appVersion: Dublin description: Open Network Automation Platform (ONAP) home: https://www.onap.org/ sources: - https://gerrit.onap.org/r/#/admin/projects/ -icon: https://wiki.onap.org/download/thumbnails/1015829/onap_704x271%20copy.png?version=1&modificationDate=1488326334000&api=v2 -tillerVersion: "~2.9.1" +icon: https://wiki.onap.org/download/thumbnails/1015829/onap_704x271%20copy.png?version=1&modificationDate=1488326334000&api=v2 \ No newline at end of file diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml index 4e18dc95a3..43794d286d 100644 --- a/kubernetes/onap/requirements.yaml +++ b/kubernetes/onap/requirements.yaml @@ -18,121 +18,125 @@ # > helm repo add local http://127.0.0.1:8879 dependencies: - name: aaf - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: aaf.enabled - name: aai - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: aai.enabled - name: appc - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: appc.enabled + - name: cassandra + version: ~4.x-0 + repository: '@local' + condition: cassandra.enabled - name: clamp - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: clamp.enabled - name: cli - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: cli.enabled - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' - name: consul - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: consul.enabled - name: contrib - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: contrib.enabled - name: dcaegen2 - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: dcaegen2.enabled - name: dmaap - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: dmaap.enabled - name: esr - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: esr.enabled - name: log - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: log.enabled - name: sniro-emulator - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: sniro-emulator.enabled + - name: mariadb-galera + version: ~4.x-0 + repository: '@local' + condition: mariadb-galera.enabled - name: msb - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: msb.enabled - name: multicloud - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: multicloud.enabled - name: nbi - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: nbi.enabled - name: pnda - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: pnda.enabled - name: policy - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: policy.enabled - name: pomba - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: pomba.enabled - name: portal - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: portal.enabled - name: oof - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: oof.enabled - name: robot - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: robot.enabled - name: sdc - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: sdc.enabled - name: sdnc - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: sdnc.enabled - name: so - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: so.enabled - name: uui - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: uui.enabled - name: vfc - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: vfc.enabled - name: vid - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: vid.enabled - name: vnfsdk - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: vnfsdk.enabled - - name: vvp - version: ~3.0.0 - repository: '@local' - condition: vvp.enabled diff --git a/kubernetes/onap/resources/environments/dev.yaml b/kubernetes/onap/resources/environments/dev.yaml index 6be1a0073c..fa8619ed93 100644 --- a/kubernetes/onap/resources/environments/dev.yaml +++ b/kubernetes/onap/resources/environments/dev.yaml @@ -59,6 +59,9 @@ aai: replicaCount: 1 appc: enabled: false +cassandra: + enabled: false + replicaCount: 1 clamp: enabled: false cli: @@ -81,6 +84,8 @@ sniro-emulator: enabled: false oof: enabled: false +mariadb-galera: + enabled: false msb: enabled: false multicloud: diff --git a/kubernetes/onap/resources/environments/disable-allcharts.yaml b/kubernetes/onap/resources/environments/disable-allcharts.yaml index d45111427e..27588fa4a8 100644 --- a/kubernetes/onap/resources/environments/disable-allcharts.yaml +++ b/kubernetes/onap/resources/environments/disable-allcharts.yaml @@ -31,6 +31,8 @@ aai: enabled: false appc: enabled: false +cassandra: + enabled: false clamp: enabled: false cli: @@ -49,6 +51,8 @@ log: enabled: false sniro-emulator: enabled: false +mariadb-galera: + enabled: false msb: enabled: false multicloud: @@ -79,5 +83,3 @@ vid: enabled: false vnfsdk: enabled: false -vvp: - enabled: false diff --git a/kubernetes/onap/resources/environments/minimal-onap.yaml b/kubernetes/onap/resources/environments/minimal-onap.yaml index e5cb97193f..989174c1c4 100644 --- a/kubernetes/onap/resources/environments/minimal-onap.yaml +++ b/kubernetes/onap/resources/environments/minimal-onap.yaml @@ -51,6 +51,9 @@ aaf: enabled: false appc: enabled: false +cassandra: + enabled: false + replicaCount: 1 clamp: enabled: false cli: @@ -67,6 +70,8 @@ esr: enabled: false log: enabled: false +mariadb-galera: + enabled: true msb: enabled: false multicloud: @@ -171,5 +176,3 @@ vfc: enabled: false vnfsdk: enabled: false -vvp: - enabled: false diff --git a/kubernetes/onap/resources/environments/public-cloud.yaml b/kubernetes/onap/resources/environments/public-cloud.yaml index 489176b0a5..d751534bd9 100644 --- a/kubernetes/onap/resources/environments/public-cloud.yaml +++ b/kubernetes/onap/resources/environments/public-cloud.yaml @@ -50,6 +50,11 @@ aai: initialDelaySeconds: 120 readiness: initialDelaySeconds: 120 +cassandra: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 clamp: liveness: initialDelaySeconds: 60 @@ -148,3 +153,10 @@ uui: initialDelaySeconds: 120 readiness: initialDelaySeconds: 120 +mariadb-galera: + mariadb-galera-server: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml new file mode 100644 index 0000000000..9f9f166e91 --- /dev/null +++ b/kubernetes/onap/resources/overrides/onap-all.yaml @@ -0,0 +1,73 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################### +# This override file enables helm charts for all ONAP applications. +################################################################### +aaf: + enabled: true +aai: + enabled: true +appc: + enabled: true +cassandra: + enabled: true +clamp: + enabled: true +cli: + enabled: true +consul: + enabled: true +contrib: + enabled: true +dcaegen2: + enabled: true +dmaap: + enabled: true +esr: + enabled: true +log: + enabled: true +sniro-emulator: + enabled: true +oof: + enabled: true +msb: + enabled: true +multicloud: + enabled: true +nbi: + enabled: true +policy: + enabled: true +pomba: + enabled: true +portal: + enabled: true +robot: + enabled: true +sdc: + enabled: true +sdnc: + enabled: true +so: + enabled: true +uui: + enabled: true +vfc: + enabled: true +vid: + enabled: true +vnfsdk: + enabled: true diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 1ca2b8470a..6b283dbc94 100644 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -58,11 +58,11 @@ global: # to customize the ONAP deployment. ################################################################# aaf: - enabled: true + enabled: false aai: - enabled: true + enabled: false appc: - enabled: true + enabled: false config: openStackType: OpenStackProvider openStackName: OpenStack @@ -71,67 +71,71 @@ appc: openStackDomain: default openStackUserName: admin openStackEncryptedPassword: admin +cassandra: + enabled: false clamp: - enabled: true + enabled: false cli: - enabled: true + enabled: false consul: - enabled: true + enabled: false contrib: - enabled: true + enabled: false dcaegen2: - enabled: true + enabled: false pnda: enabled: false dmaap: - enabled: true + enabled: false esr: - enabled: true + enabled: false log: - enabled: true + enabled: false sniro-emulator: - enabled: true + enabled: false oof: - enabled: true + enabled: false +mariadb-galera: + enabled: false msb: - enabled: true + enabled: false multicloud: - enabled: true + enabled: false nbi: - enabled: true + enabled: false config: # openstack configuration openStackRegion: "Yolo" openStackVNFTenantId: "1234" policy: - enabled: true + enabled: false pomba: - enabled: true + enabled: false portal: - enabled: true + enabled: false robot: - enabled: true + enabled: false config: # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" sdc: - enabled: true + enabled: false sdnc: - enabled: true + enabled: false replicaCount: 1 mysql: replicaCount: 1 so: - enabled: true + enabled: false replicaCount: 1 liveness: # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container - enabled: true + enabled: false # so server configuration config: @@ -149,12 +153,10 @@ so: config: mariadbRootPassword: password uui: - enabled: true + enabled: false vfc: - enabled: true + enabled: false vid: - enabled: true + enabled: false vnfsdk: - enabled: true -vvp: enabled: false diff --git a/kubernetes/oof/Chart.yaml b/kubernetes/oof/Chart.yaml index 5fb5b6fad0..a623d59c69 100755 --- a/kubernetes/oof/Chart.yaml +++ b/kubernetes/oof/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Optimization Framework name: oof -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-cmso/Chart.yaml b/kubernetes/oof/charts/oof-cmso/Chart.yaml index eb5e97b58f..253f3503b6 100644 --- a/kubernetes/oof/charts/oof-cmso/Chart.yaml +++ b/kubernetes/oof/charts/oof-cmso/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: Chart for Change Management Service Orchestrator (CMSO) name: oof-cmso -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/Chart.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/Chart.yaml new file mode 100644 index 0000000000..78fedfdef2 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Chart for Change Management Service Orchestrator (CMSO) Optimizer +name: oof-cmso-optimizer +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/cadi.properties new file mode 100644 index 0000000000..9a6b91c602 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/cadi.properties @@ -0,0 +1,21 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=src/main/resources/aaf/org.onap.oof.props + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/liquibase.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/liquibase.properties new file mode 100644 index 0000000000..32d77bb663 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/liquibase.properties @@ -0,0 +1,43 @@ +### +# Copyright (c) 2019 AT&T Intellectual Property. +# Modifications Copyright (c) 2018 IBM. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the ââ?¬Å"Licenseââ?¬); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +### +spring.datasource.jdbcUrl=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA}?createDatabaseIfNotExist=true +spring.datasource.driver-class-name=org.mariadb.jdbc.Driver +spring.datasource.username=${DB_USERNAME} +spring.datasource.password=${DB_PASSWORD} + +spring.datasource.initialize=false +spring.datasource.tomcat.max-wait=10000 +spring.datasource.tomcat.initialSize=5 +spring.datasource.tomcat.max-active=25 +spring.datasource.tomcat.test-on-borrow=true + + +changeLogFile=optimizer-liquibase-changeLog.xml diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/logback.xml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/logback.xml new file mode 100644 index 0000000000..e4386fd249 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/logback.xml @@ -0,0 +1,253 @@ + + + + + + + + + + + + + + + + + + + + INFO + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + + INFO + + ${logDirectory}/error2.log + true + + ${defaultPattern} + + + ${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + 10MB + + + + + ${logDirectory}/debug.log + true + + ${debugPattern} + + + ${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + + + + ${logDirectory}/audit.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/audit.%i.log.zip + + + + 10MB + + + + 256 + + + + + ${logDirectory}/metric.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| + %msg%n + + + 10 + ${logDirectory}/metric.%i.log.zip + + + + 10MB + + + + 256 + + + + + + ${logDirectory}/security.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/security.%i.log.zip + + + + 10MB + + + + 256 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties new file mode 100644 index 0000000000..83ed89a844 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/resources/config/optimizer.properties @@ -0,0 +1,54 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +spring.datasource.url=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA} +spring.datasource.driver-class-name=org.mariadb.jdbc.Driver +spring.datasource.username=${DB_USERNAME} +spring.datasource.password=${DB_PASSWORD} +cmso.database.password=${DB_PASSWORD} + +spring.datasource.initialize=false +spring.datasource.tomcat.max-wait=10000 +spring.datasource.tomcat.initialSize=5 +spring.datasource.tomcat.max-active=25 +spring.datasource.tomcat.test-on-borrow=true + +spring.jpa.show-sql=false +spring.jpa.hibernate.ddl-auto=none +spring.jpa.hibernate.naming.strategy=org.hibernate.cfg.EJB3NamingStrategy +spring.jpa.database-platform=org.hibernate.dialect.MySQL5InnoDBDialect +spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl +spring.jpa.hibernate.id.new_generator_mappings=false +hibernate.id.new_generator_mappings=false + +logging.level.org.hibernate.SQL=WARN +logging.level.org.hibernate=WARN +#------------------------------------------------------------------------------- + + +cmso.topology.create.request.url=http://${TOPOLOGY_HOST}:${TOPOLOGY_PORT}/topology/v1/current +cmso.ticket.create.request.url=http://${TICKETMGT_HOST}:${TICKETMGT_PORT}/ticketmgt/v1/activetickets +cmso.local.policy.folder=data/policies + +cmso.minizinc.command.exe=/mz-dist/bin/minizinc +cmso.minizinc.command.solver=OSICBC +cmso.minizinc.command.timelimit=60000 +cmso.minizinc.command.mzn=scripts/minizinc/generic_attributes.mzn + +mechid.user=oof@oof.onap.org +mechid.pass=changeit diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/NOTES.txt b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/NOTES.txt new file mode 100644 index 0000000000..1103affff1 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/configmap.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/configmap.yaml new file mode 100644 index 0000000000..c4397359dc --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/configmap.yaml @@ -0,0 +1,26 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml new file mode 100644 index 0000000000..4e418bf756 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml @@ -0,0 +1,146 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.mariadb.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - name: db-init + image: "{{ include "common.repository" . }}/{{ .Values.dbinit.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DB_HOST + value: {{ .Values.config.db_host }}.{{.Release.Namespace}} + - name: DB_PORT + value: {{ .Values.config.db_port | quote}} + - name: DB_USERNAME + value: {{ .Values.config.db_root }} + - name: DB_SCHEMA + value: {{ .Values.config.mysqlDatabase }} + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-cmso-db + key: db-root-password + terminationMessagePolicy: File + volumeMounts: + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: TOPOLOGY_HOST + value: {{ .Values.config.topology_host }}.{{.Release.Namespace}} + - name: TOPOLOGY_PORT + value: {{ .Values.config.topology_port | quote}} + - name: TICKETMGT_HOST + value: {{ .Values.config.ticketmgt_host }}.{{.Release.Namespace}} + - name: TICKETMGT_PORT + value: {{ .Values.config.ticketmgt_port | quote}} + - name: DB_HOST + value: {{ .Values.config.db_host }}.{{.Release.Namespace}} + - name: DB_PORT + value: {{ .Values.config.db_port | quote}} + - name: DB_USERNAME + value: {{ .Values.config.db_root }} + - name: DB_SCHEMA + value: {{ .Values.config.mysqlDatabase }} + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name}}-cmso-db + key: db-root-password + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/debug-logs + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: logback.xml + path: logback.xml + - key: cadi.properties + path: cadi.properties + - key: optimizer.properties + path: optimizer.properties + - key: liquibase.properties + path: liquibase.properties + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/vvp/charts/vvp-redis/templates/service.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/service.yaml similarity index 72% rename from kubernetes/vvp/charts/vvp-redis/templates/service.yaml rename to kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/service.yaml index e46ab4b030..1624a08b27 100644 --- a/kubernetes/vvp/charts/vvp-redis/templates/service.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/service.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,16 +19,21 @@ metadata: namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} {{- end}} - name: {{ .Values.service.portName | default "http" }} selector: app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml new file mode 100644 index 0000000000..be32774bc1 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml @@ -0,0 +1,115 @@ +# Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +subChartsOnly: + enabled: true + +# application image +repository: nexus3.onap.org:10001 +image: onap/optf-cmso-optimizer:latest +pullPolicy: Always + +#init container image +dbinit: + image: onap/optf-cmso-dbinit:latest + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + + +service: + type: ClusterIP + name: oof-cmso-optimizer + portName: cmso + internalPort: 7997 + externalPort: 7997 + #nodePort: 23 + # as of 20181022 port 23 is reserved for cmso + # see https://wiki.onap.org/display/DW/OOM+NodePort+List + + +config: + db_root: root + db_user: cmso-admin + mysqlDatabase: optimizer + db_host: oof-cmso-dbhost + db_port: 3306 + topology_host: oof-cmso-topology + topology_port: 7998 + ticketmgt_host: oof-cmso-ticketmgt + ticketmgt_port: 7999 + +mariadb: + nameOverride: cmso-db + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + large: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/Chart.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/Chart.yaml index 1af0d049fe..2cfc9e78b9 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/Chart.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: Chart for Change Management Service Orchestrator (CMSO) Service name: oof-cmso-service -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cadi.properties new file mode 100644 index 0000000000..9a6b91c602 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cadi.properties @@ -0,0 +1,21 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=src/main/resources/aaf/org.onap.oof.props + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties index cf1d35e105..ce94f573f6 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/cmso.properties @@ -1,7 +1,7 @@ #------------------------------------------------------------------------------- -# Copyright © 2017-2018 AT&T Intellectual Property. -# Modifications Copyright © 2018 IBM. +# Copyright (c) 2017-2018 AT&T Intellectual Property. +# Modifications Copyright (c) 2018 IBM. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ # # # Unless otherwise specified, all documentation contained herein is licensed -# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# under the Creative Commons License, Attribution 4.0 Intl. (the ???License???); # you may not use this documentation except in compliance with the License. # You may obtain a copy of the License at # @@ -29,9 +29,8 @@ # See the License for the specific language governing permissions and # limitations under the License. #------------------------------------------------------------------------------- -### -### MySQL DB. +#------------------------------------------------------------------------------- spring.datasource.url=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA} spring.datasource.driver-class-name=org.mariadb.jdbc.Driver spring.datasource.username=${DB_USERNAME} @@ -44,7 +43,7 @@ spring.datasource.tomcat.initialSize=5 spring.datasource.tomcat.max-active=25 spring.datasource.tomcat.test-on-borrow=true -spring.jpa.show-sql=true +spring.jpa.show-sql=false spring.jpa.hibernate.ddl-auto=none spring.jpa.hibernate.naming.strategy=org.hibernate.cfg.EJB3NamingStrategy spring.jpa.database-platform=org.hibernate.dialect.MySQL5InnoDBDialect @@ -52,9 +51,9 @@ spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.Ph spring.jpa.hibernate.id.new_generator_mappings=false hibernate.id.new_generator_mappings=false -logging.level.org.hibernate.SQL=TRACE - -logging.level.org.hibernate=TRACE +logging.level.org.hibernate.SQL=WARN +logging.level.org.hibernate=WARN +#------------------------------------------------------------------------------- # cmso.aaf.enabled=false @@ -95,10 +94,10 @@ so.polling.interval.ms=10000 ## loopback settings so.url=http://localhost:8080/cmso/v1/loopbacktest/onap/so/infra/orchestrationRequests/v7 -so.user=cmso@onap.org -so.pass=enc:bfodXf8qRfCqMvlxVBYNWQ== +so.user=oof@oof.onap.org +so.pass=changeit -mechid.user=cmso@onap.org -mechid.pass=enc:bfodXf8qRfCqMvlxVBYNWQ== +mechid.user=oof@oof.onap.org +mechid.pass=changeit cmso.dispatch.url=http://localhost:8089 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties index b222d7bf59..498a1e5870 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/resources/config/optimizer.properties @@ -1,6 +1,6 @@ #------------------------------------------------------------------------------- -# Copyright © 2017-2018 AT&T Intellectual Property. -# Modifications Copyright © 2018 IBM. +# Copyright (c) 2017-2018 AT&T Intellectual Property. +# Modifications Copyright ? 2018 IBM. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,7 +16,7 @@ # # # Unless otherwise specified, all documentation contained herein is licensed -# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# under the Creative Commons License, Attribution 4.0 Intl. (the ???License???); # you may not use this documentation except in compliance with the License. # You may obtain a copy of the License at # @@ -29,6 +29,6 @@ # limitations under the License. #------------------------------------------------------------------------------- -cmso.optimizer.url=http://localhost:8080/cmso/v1/loopbacktest/optimizer -cmso.optimizer.callbackurl=http://localhost:8080/cmso/v1/optimizerCallback - +cmso.optimizer.request.url=$http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/optimize/schedule +cmso.optimizer.status.url=http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/optimize/schedule +cmso.optimizer.health.url=http://${OPTIMIZER_HOST}:${OPTIMIZER_PORT}/optimizer/v1/health?checkInterfaces=true \ No newline at end of file diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml index dd080be98e..350708f078 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 AT&T +# Copyright (c) 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -86,6 +86,10 @@ spec: secretKeyRef: name: {{ .Release.Name}}-cmso-db key: user-password + - name: OPTIMIZER_HOST + value: {{ .Values.config.optimizer_host }}.{{.Release.Namespace}} + - name: OPTIMIZER_PORT + value: {{ .Values.config.optimizer_port | quote}} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -128,6 +132,8 @@ spec: path: logback.xml - key: cmso.properties path: cmso.properties + - key: cadi.properties + path: cadi.properties - key: optimizer.properties path: optimizer.properties - key: ticketmgt.properties diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml index 98c6b4a050..6df3049b1b 100644 --- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 AT&T +# Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,12 +25,12 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/optf-cmso-service:1.0.1 +image: onap/optf-cmso-service:latest pullPolicy: Always #init container image dbinit: - image: onap/optf-cmso-dbinit:1.0.1 + image: onap/optf-cmso-dbinit:latest # flag to enable debugging - application support required debugEnabled: false @@ -75,6 +75,8 @@ config: mysqlDatabase: cmso db_host: oof-cmso-dbhost db_port: 3306 + optimizer_host: oof-cmso-optimizer + optimizer_port: 7997 mariadb: nameOverride: cmso-db diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/Chart.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/Chart.yaml new file mode 100644 index 0000000000..e99b3bea31 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Chart for Change Management Service Orchestrator (CMSO) Ticket Management +name: oof-cmso-ticketmgt +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/cadi.properties new file mode 100644 index 0000000000..9a6b91c602 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/cadi.properties @@ -0,0 +1,21 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=src/main/resources/aaf/org.onap.oof.props + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/logback.xml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/logback.xml new file mode 100644 index 0000000000..e4386fd249 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/logback.xml @@ -0,0 +1,253 @@ + + + + + + + + + + + + + + + + + + + + INFO + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + + INFO + + ${logDirectory}/error2.log + true + + ${defaultPattern} + + + ${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + 10MB + + + + + ${logDirectory}/debug.log + true + + ${debugPattern} + + + ${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + + + + ${logDirectory}/audit.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/audit.%i.log.zip + + + + 10MB + + + + 256 + + + + + ${logDirectory}/metric.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| + %msg%n + + + 10 + ${logDirectory}/metric.%i.log.zip + + + + 10MB + + + + 256 + + + + + + ${logDirectory}/security.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/security.%i.log.zip + + + + 10MB + + + + 256 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties new file mode 100644 index 0000000000..5ca252f9bc --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/resources/config/ticketmgt.properties @@ -0,0 +1,30 @@ +#------------------------------------------------------------------------------- +# Copyright © 2017-2019 AT&T Intellectual Property. +# Modifications Copyright © 2018 IBM. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +#------------------------------------------------------------------------------- diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/NOTES.txt b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/NOTES.txt new file mode 100644 index 0000000000..1103affff1 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/configmap.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/configmap.yaml new file mode 100644 index 0000000000..c4397359dc --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/configmap.yaml @@ -0,0 +1,26 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml new file mode 100644 index 0000000000..e01034e8d2 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml @@ -0,0 +1,84 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/debug-logs + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: logback.xml + path: logback.xml + - key: ticketmgt.properties + path: ticketmgt.properties + - key: cadi.properties + path: cadi.properties + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/vvp/templates/service.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/service.yaml similarity index 72% rename from kubernetes/vvp/templates/service.yaml rename to kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/service.yaml index 4f5287c608..1624a08b27 100644 --- a/kubernetes/vvp/templates/service.yaml +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/service.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,16 +19,21 @@ metadata: namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} - targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} {{- end}} - name: {{ .Values.service.portName | default "http" }} selector: app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml new file mode 100644 index 0000000000..f19b8e2b1b --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml @@ -0,0 +1,101 @@ +# Copyright (c) 2019 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +subChartsOnly: + enabled: true + +# application image +repository: nexus3.onap.org:10001 +image: onap/optf-cmso-ticketmgt:latest +pullPolicy: Always + + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + + +service: + type: ClusterIP + name: oof-cmso-ticketmgt + portName: cmso-ticketmgt + internalPort: 7999 + externalPort: 7999 + #nodePort: 23 + # as of 20181022 port 23 is reserved for cmso + # see https://wiki.onap.org/display/DW/OOM+NodePort+List + + +config: + + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + large: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/Chart.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/Chart.yaml new file mode 100644 index 0000000000..258d9ee317 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Chart for Change Management Service Orchestrator (CMSO) Service +name: oof-cmso-topology +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/cadi.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/cadi.properties new file mode 100644 index 0000000000..9a6b91c602 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/cadi.properties @@ -0,0 +1,21 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START============================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# ======================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain a +# copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# or implied. See the License for the specific language governing +# permissions and limitations under the License. +# ============LICENSE_END================================================= +# +#------------------------------------------------------------------------------- +cadi_loglevel=DEBUG +cadi_prop_files=src/main/resources/aaf/org.onap.oof.props + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/logback.xml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/logback.xml new file mode 100644 index 0000000000..e4386fd249 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/logback.xml @@ -0,0 +1,253 @@ + + + + + + + + + + + + + + + + + + + + INFO + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + + INFO + + ${logDirectory}/error2.log + true + + ${defaultPattern} + + + ${outputDirectory}/cmso/error.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + 10MB + + + + + ${logDirectory}/debug.log + true + + ${debugPattern} + + + ${outputDirectory}/cmso/debug.%d{yyyy-MM-dd}.%i.log.zip + 50MB + 30 + 10GB + + + + + + ${logDirectory}/audit.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/audit.%i.log.zip + + + + 10MB + + + + 256 + + + + + ${logDirectory}/metric.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| + %msg%n + + + 10 + ${logDirectory}/metric.%i.log.zip + + + + 10MB + + + + 256 + + + + + + ${logDirectory}/security.log + true + + %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n + + + + 10 + ${logDirectory}/security.%i.log.zip + + + + 10MB + + + + 256 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Audit-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.log + + ${logDirectory}/Perform-${lrmRVer}-${lrmRO}-${Pid}.%i.log.zip + + 1 + 9 + + + 5MB + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties new file mode 100644 index 0000000000..5ca252f9bc --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/resources/config/topology.properties @@ -0,0 +1,30 @@ +#------------------------------------------------------------------------------- +# Copyright © 2017-2019 AT&T Intellectual Property. +# Modifications Copyright © 2018 IBM. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +#------------------------------------------------------------------------------- diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/NOTES.txt b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/NOTES.txt new file mode 100644 index 0000000000..1103affff1 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/NOTES.txt @@ -0,0 +1,32 @@ +# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/configmap.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/configmap.yaml new file mode 100644 index 0000000000..c4397359dc --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/configmap.yaml @@ -0,0 +1,26 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml new file mode 100644 index 0000000000..02f398301f --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml @@ -0,0 +1,84 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/logs + - name: {{ include "common.fullname" . }}-logs + mountPath: /share/debug-logs + - name: {{ include "common.fullname" . }}-config + mountPath: /share/etc/config + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-config + configMap: + name: {{ include "common.fullname" . }} + items: + - key: logback.xml + path: logback.xml + - key: cadi.properties + path: cadi.properties + - key: topology.properties + path: topology.properties + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/service.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/service.yaml new file mode 100644 index 0000000000..1624a08b27 --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml new file mode 100644 index 0000000000..0d50827dcb --- /dev/null +++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml @@ -0,0 +1,100 @@ +# Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: # global defaults + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + +subChartsOnly: + enabled: true + +# application image +repository: nexus3.onap.org:10001 +image: onap/optf-cmso-topology:latest +pullPolicy: Always + + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + + +service: + type: ClusterIP + name: oof-cmso-topology + portName: cmso-topology + internalPort: 7998 + externalPort: 7998 + #nodePort: 23 + # as of 20181022 port 23 is reserved for cmso + # see https://wiki.onap.org/display/DW/OOM+NodePort+List + + +config: + +ingress: + enabled: false + +#resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +resources: + small: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + large: + limits: + cpu: 1 + memory: 1.2Gi + requests: + cpu: 10m + memory: 800Mi + unlimited: {} diff --git a/kubernetes/oof/charts/oof-cmso/requirements.yaml b/kubernetes/oof/charts/oof-cmso/requirements.yaml index 2a3bb70ff1..a1b9f7ab3e 100644 --- a/kubernetes/oof/charts/oof-cmso/requirements.yaml +++ b/kubernetes/oof/charts/oof-cmso/requirements.yaml @@ -14,11 +14,11 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: mariadb-galera - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/oof/charts/oof-has/Chart.yaml b/kubernetes/oof/charts/oof-has/Chart.yaml index 89b14a2a5f..4000b12075 100755 --- a/kubernetes/oof/charts/oof-has/Chart.yaml +++ b/kubernetes/oof/charts/oof-has/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Homing and Allocation Service name: oof-has -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-api/Chart.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-api/Chart.yaml index 0ba7fbd1aa..ad7698034b 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-api/Chart.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-api/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Homing and Allocation Servicei - API name: oof-has-api -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-controller/Chart.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-controller/Chart.yaml index 13126b461d..64f13ed172 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-controller/Chart.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-controller/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Homing and Allocation Sservice - Controller name: oof-has-controller -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-data/Chart.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-data/Chart.yaml index 018f3a0a02..21e82c7dba 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-data/Chart.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-data/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Homing and Allocation Service - Data Component name: oof-has-data -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-reservation/Chart.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-reservation/Chart.yaml index 3ec9a3d597..e6594a4110 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-reservation/Chart.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-reservation/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Homing and Allocation Sevice - Reservation Component name: oof-has-reservation -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-solver/Chart.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-solver/Chart.yaml index 8c96f7f46a..f4a594bbf4 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-solver/Chart.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-solver/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Homing and Allocation Service - Solver Component name: oof-has-solver -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/oof/charts/oof-has/requirements.yaml b/kubernetes/oof/charts/oof-has/requirements.yaml index cda496bd87..ca6d2b1595 100755 --- a/kubernetes/oof/charts/oof-has/requirements.yaml +++ b/kubernetes/oof/charts/oof-has/requirements.yaml @@ -15,8 +15,8 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' - name: music - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/oof/requirements.yaml b/kubernetes/oof/requirements.yaml index 14f1f9a82d..f8b0466960 100755 --- a/kubernetes/oof/requirements.yaml +++ b/kubernetes/oof/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/pnda/Chart.yaml b/kubernetes/pnda/Chart.yaml index e23c5d6df2..5a661813ba 100644 --- a/kubernetes/pnda/Chart.yaml +++ b/kubernetes/pnda/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP DCAE PNDA name: pnda -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pnda/charts/dcae-pnda-bootstrap/Chart.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/Chart.yaml index e252d404ae..0286bd74dd 100644 --- a/kubernetes/pnda/charts/dcae-pnda-bootstrap/Chart.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/Chart.yaml @@ -17,4 +17,4 @@ apiVersion: v1 description: ONAP DCAE PNDA Bootstrap name: dcae-pnda-bootstrap -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pnda/charts/dcae-pnda-bootstrap/requirements.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/requirements.yaml index f06f73574a..d195f831da 100644 --- a/kubernetes/pnda/charts/dcae-pnda-bootstrap/requirements.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/requirements.yaml @@ -16,5 +16,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml b/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml index e22b8d26e7..d01c1548c2 100644 --- a/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-bootstrap/values.yaml @@ -38,7 +38,6 @@ pnda: osUser: centos nameserver: 8.8.8.8 ntp: pool.ntp.org - mirrorNodePort: 88 apps: fsType: local networkCidr: 10.0.0.0/16 diff --git a/kubernetes/pnda/charts/dcae-pnda-mirror/Chart.yaml b/kubernetes/pnda/charts/dcae-pnda-mirror/Chart.yaml index feb310420c..94754f7923 100644 --- a/kubernetes/pnda/charts/dcae-pnda-mirror/Chart.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-mirror/Chart.yaml @@ -17,4 +17,4 @@ apiVersion: v1 description: ONAP DCAE PNDA Mirror name: dcae-pnda-mirror -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pnda/charts/dcae-pnda-mirror/requirements.yaml b/kubernetes/pnda/charts/dcae-pnda-mirror/requirements.yaml index f06f73574a..d195f831da 100644 --- a/kubernetes/pnda/charts/dcae-pnda-mirror/requirements.yaml +++ b/kubernetes/pnda/charts/dcae-pnda-mirror/requirements.yaml @@ -16,5 +16,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/pnda/requirements.yaml b/kubernetes/pnda/requirements.yaml index f06f73574a..d195f831da 100644 --- a/kubernetes/pnda/requirements.yaml +++ b/kubernetes/pnda/requirements.yaml @@ -16,5 +16,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml index a987866644..e56e4fabac 100644 --- a/kubernetes/policy/Chart.yaml +++ b/kubernetes/policy/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Policy Administration Point name: policy -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/policy/charts/brmsgw/Chart.yaml b/kubernetes/policy/charts/brmsgw/Chart.yaml index 22bd5c1981..01bff49818 100644 --- a/kubernetes/policy/charts/brmsgw/Chart.yaml +++ b/kubernetes/policy/charts/brmsgw/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Policy BRMS GW name: brmsgw -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/policy/charts/brmsgw/requirements.yaml b/kubernetes/policy/charts/brmsgw/requirements.yaml index e57547871c..68a7d9ec14 100644 --- a/kubernetes/policy/charts/brmsgw/requirements.yaml +++ b/kubernetes/policy/charts/brmsgw/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml index d7c9535cf2..0001d9a841 100644 --- a/kubernetes/policy/charts/brmsgw/values.yaml +++ b/kubernetes/policy/charts/brmsgw/values.yaml @@ -26,7 +26,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pe:1.3.4 +image: onap/policy-pe:1.4-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/drools/Chart.yaml b/kubernetes/policy/charts/drools/Chart.yaml index c676641241..31c8b6d3c1 100644 --- a/kubernetes/policy/charts/drools/Chart.yaml +++ b/kubernetes/policy/charts/drools/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Drools Policy Engine name: drools -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml b/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml index 51713f0bcd..1125e49a9d 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Policy Nexus name: nexus -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml b/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml index e57547871c..68a7d9ec14 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/policy/charts/drools/requirements.yaml b/kubernetes/policy/charts/drools/requirements.yaml index e57547871c..68a7d9ec14 100644 --- a/kubernetes/policy/charts/drools/requirements.yaml +++ b/kubernetes/policy/charts/drools/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/policy/charts/drools/resources/config/drools/settings.xml b/kubernetes/policy/charts/drools/resources/config/drools/settings.xml deleted file mode 100755 index 2057e94f24..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/drools/settings.xml +++ /dev/null @@ -1,95 +0,0 @@ - - - - - - - - - policy-profile - - true - - - - - policy-nexus-snapshots - http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/snapshots/ - - false - always - - - true - always - - - - - policy-nexus-releases - http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/releases/ - - true - always - - - false - always - - - - - - - - - policy-profile - - - - - policy-nexus-snapshots - admin - admin123 - - - policy-nexus-releases - admin - admin123 - - - - diff --git a/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml b/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml deleted file mode 100644 index 4b058f1e4b..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml +++ /dev/null @@ -1,103 +0,0 @@ - - - - - - - - - - - - - - - - ${logDir}/${errorLog}.log - - ${logDir}/${errorLog}.%i.log.zip - 1 - 5 - - - WARN - - - 15MB - - - ${errorPattern} - - - - - - - - - ${logDir}/${debugLog}.log - - ${logDir}/${debugLog}.%i.log.zip - 1 - 9 - - - 20MB - - - ${debugPattern} - - - - - - - - - ${logDir}/${networkLog}.log - - ${logDir}/${networkLog}.%i.log.zip - 1 - 9 - - - 15MB - - - ${networkPattern} - - - - - - - - - - - - - - - - - - - - - diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/apps-install.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/apps-install.sh deleted file mode 100644 index 9fa52123e9..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/apps-install.sh +++ /dev/null @@ -1,125 +0,0 @@ -#!/bin/bash -# -# ============LICENSE_START======================================================= -# ONAP -# ================================================================================ -# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# - -# ################################# -# Usage -# ################################# - -function usage { - echo - echo "Usage: $(basename $0) " - echo "Example: $(basename $0) controlloop 1.2.0 /opt/policy/config/drools" - echo -} - -# ################################# -# snapshot url computation -# ################################# - -function url_snapshot { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} --" - set -x - fi - - APP_URL="${APP_URL}/snapshots/org/onap/policy/drools-applications/${APP_NAME}/packages/apps-${APP_NAME}/${APP_VERSION}" - - local APP_METADATA_URL="${APP_URL}/maven-metadata.xml" - local APP_SNAPSHOT_VERSION=$(curl --silent "${APP_METADATA_URL}" | grep -Po "(?<=).*(?=)" | sort -V | tail -1) - - if [[ -z ${APP_SNAPSHOT_VERSION} ]]; then - echo "ERROR: cannot compute SNAPSHOT version" - usage - exit 1 - fi - - APP_URL="${APP_URL}/apps-${APP_NAME}-${APP_SNAPSHOT_VERSION}.zip" -} - -# ################################# -# release url computation -# ################################# - -function url_release { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} --" - set -x - fi - - APP_URL="${APP_URL}/releases/org/onap/policy/drools-applications/${APP_NAME}/packages/apps-${APP_NAME}/${APP_VERSION}/apps-${APP_NAME}-${APP_VERSION}.zip" -} - -# ################################# -# Main -# ################################# - -if [[ $DEBUG == y ]]; then - set -x -fi - -APP_NAME=$1 -if [[ -z ${APP_NAME} ]]; then - echo "ERROR: no APPLICATION NAME provided (ie. controlloop)" - usage - exit 1 -fi - -APP_VERSION=$2 -if [[ -z ${APP_VERSION} ]]; then - echo "ERROR: no APPLICATION VERSION provided" - usage - exit 1 -fi - -DOWNLOAD_DIR=$3 -if [[ -z ${DOWNLOAD_DIR} ]]; then - echo "ERROR: no DOWNLOAD DIRECTORY provided" - usage - exit 1 -fi - -if [[ ! -d ${DOWNLOAD_DIR} ]]; then - echo "ERROR: ${DOWNLOAD_DIR} is not a directory" - usage - exit 1 -fi - -APP_GROUP_ID="org.onap.policy.drools-applications.${APP_NAME}.packages" -APP_ARTIFACT_ID="apps-${APP_NAME}" -APP_BASE_URL="https://nexus.onap.org/content/repositories" - -APP_URL="${APP_BASE_URL}" - -if [[ ${APP_VERSION} =~ \-SNAPSHOT$ ]]; then - url_snapshot -else - url_release -fi - -wget "${APP_URL}" -O "${DOWNLOAD_DIR}"/apps-"${APP_NAME}".zip -if [[ $? != 0 ]]; then - echo "ERROR: cannot download ${DOWNLOAD_DIR}/apps-${APP_NAME}.zip" - exit 1 -fi - -echo "APP ${APP_NAME} stored at ${DOWNLOAD_DIR}/apps-${APP_NAME}.zip" -ls -l "${DOWNLOAD_DIR}"/apps-"${APP_NAME}".zip diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf index cff0deec5a..841aa3a6a7 100644 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf @@ -12,11 +12,15 @@ # See the License for the specific language governing permissions and # limitations under the License. +# JVM options + +JVM_OPTIONS=-server -Xms1024m -Xmx2048m + # SYSTEM software configuration POLICY_HOME=/opt/app/policy POLICY_LOGS=/var/log/onap/policy/pdpd -JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 +JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk KEYSTORE_PASSWD=Pol1cy_0nap TRUSTSTORE_PASSWD=Pol1cy_0nap @@ -58,6 +62,12 @@ PDPD_CONFIGURATION_CONSUMER_GROUP= PDPD_CONFIGURATION_CONSUMER_INSTANCE= PDPD_CONFIGURATION_PARTITION_KEY= +# PAP-PDP configuration channel + +POLICY_PDP_PAP_TOPIC=POLICY-PDP-PAP +POLICY_PDP_PAP_API_KEY= +POLICY_PDP_PAP_API_SECRET= + # PAP PAP_HOST={{.Values.global.pap.nameOverride}} diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-preinstall.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-preinstall.sh deleted file mode 100644 index a8de4fc2c1..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-preinstall.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# -# ============LICENSE_START======================================================= -# ONAP -# ================================================================================ -# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# - -# ################################# -# Usage -# ################################# - -function usage { - echo - echo "Usage: $(basename $0)" - echo -} - -if [[ ${DEBUG} == y ]]; then - set -x -fi - -if [[ -z ${BUILD_VERSION} ]]; then - echo "no BUILD_VERSION available as environment variable"" - usage - exit 1 -fi - -if [[ -z ${POLICY_INSTALL} ]]; then - echo "no POLICY_INSTALL available as environment variable"" - usage - exit 2 -fi - -CONFIG_DIR=$(dirname "$0") -echo "invoking ${CONFIG_DIR}/apps-install.sh for controlloop ${BUILD_VERSION} at ${POLICY_INSTALL}" -export DEBUG=y -bash ${CONFIG_DIR}/apps-install.sh controlloop ${BUILD_VERSION} ${POLICY_INSTALL} -unzip -o ${POLICY_INSTALL}/app*.zip -d ${POLICY_INSTALL} diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh deleted file mode 100644 index 5f504e2c65..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh +++ /dev/null @@ -1,71 +0,0 @@ -#! /bin/bash -xv - -# Copyright © 2017-2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -"${POLICY_HOME}"/bin/features enable healthcheck -"${POLICY_HOME}"/bin/features enable distributed-locking - -"${POLICY_HOME}"/bin/db-migrator -s pooling -o upgrade - -# make sure the PDPD-CONFIGURATION anonymous topic is created -# so not to lose any configuration updates - -echo -echo "testing publish to PDPD-CONFIGURATION topic" -echo - -curl --silent --connect-timeout 15 -X POST --header "Content-Type: application/json" -d "{}" http://message-router:3904/events/PDPD-CONFIGURATION - -echo -echo "testing subscribe to PDPD-CONFIGURATION topic " -echo - -curl --silent --connect-timeout 15 -X GET http://message-router:3904/events/PDPD-CONFIGURATION/1/1?timeout=5000 - -# for resiliency/scalability scenarios, check to see -# if there's an amsterdam artifact already deployed -# by brmsgw. If so, update the amsterdam controller -# coordinates. In the future, a more sophisticated -# solution will be put in place, that will required -# coordination among policy components. - -echo -echo "checking if there are amsterdam policies already deployed .." -echo - -AMSTERDAM_VERSION=$(curl --silent --connect-timeout 20 -X GET "http://nexus:8081/nexus/service/local/artifact/maven/resolve?r=releases&g=org.onap.policy-engine.drools.amsterdam&a=policy-amsterdam-rules&v=RELEASE" | grep -Po "(?<=).*(?=)") - -if [[ -z ${AMSTERDAM_VERSION} ]]; then - echo "no amsterdam policies have been found .." - exit 0 -fi - -echo -echo "The latest deployed amsterdam artifact in nexus has version ${AMSTERDAM_VERSION}" -echo - -sed -i.INSTALL -e "s/^rules.artifactId=.*/rules.artifactId=policy-amsterdam-rules/g" \ - -e "s/^rules.groupId=.*/rules.groupId=org.onap.policy-engine.drools.amsterdam/g" \ - -e "s/^rules.version=.*/rules.version=${AMSTERDAM_VERSION}/g" "${POLICY_HOME}"/config/amsterdam-controller.properties - -echo -echo "amsterdam controller will be started brained with maven coordinates:" -echo - -grep "^rules" "${POLICY_HOME}"/config/amsterdam-controller.properties - -echo -echo diff --git a/kubernetes/policy/charts/drools/templates/configmap.yaml b/kubernetes/policy/charts/drools/templates/configmap.yaml index 16053d39e7..1f9503130c 100644 --- a/kubernetes/policy/charts/drools/templates/configmap.yaml +++ b/kubernetes/policy/charts/drools/templates/configmap.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,14 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-settings-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/drools/settings.xml").AsConfig . | indent 2 }} ---- apiVersion: v1 kind: ConfigMap metadata: @@ -28,12 +20,3 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/log/drools/logback.xml").AsConfig . | indent 2 }} - diff --git a/kubernetes/policy/charts/drools/templates/statefulset.yaml b/kubernetes/policy/charts/drools/templates/statefulset.yaml index 4a7f8e2b1d..beacbabd06 100644 --- a/kubernetes/policy/charts/drools/templates/statefulset.yaml +++ b/kubernetes/policy/charts/drools/templates/statefulset.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -59,10 +59,6 @@ spec: ports: - containerPort: {{ .Values.service.externalPort }} - containerPort: {{ .Values.service.externalPort2 }} - command: - - /bin/bash - - -c - - ./do-start.sh {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -91,30 +87,8 @@ spec: - mountPath: /tmp/policy-install/config/base.conf name: drools-config subPath: base.conf - - mountPath: /tmp/policy-install/config/policy-management.conf - name: drools-config - subPath: policy-management.conf - - mountPath: /tmp/policy-install/config/drools-tweaks.sh - name: drools-config - subPath: drools-tweaks.sh - - mountPath: /tmp/policy-install/config/apps-install.sh - name: drools-config - subPath: apps-install.sh - - mountPath: /tmp/policy-install/config/drools-preinstall.sh - name: drools-config - subPath: drools-preinstall.sh - - mountPath: /usr/share/maven/conf/settings.xml - name: drools-settingsxml - subPath: settings.xml - mountPath: /var/log/onap name: policy-logs - - mountPath: /tmp/logback.xml - name: policy-logback - subPath: logback.xml - lifecycle: - postStart: - exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/config/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -147,12 +121,6 @@ spec: emptyDir: {} - name: policy-data-filebeat emptyDir: {} - - name: policy-logback - configMap: - name: {{ include "common.fullname" . }}-log-configmap - - name: drools-settingsxml - configMap: - name: {{ include "common.fullname" . }}-settings-configmap - name: drools-config configMap: name: {{ include "common.fullname" . }}-configmap @@ -163,18 +131,6 @@ spec: - key: feature-pooling-dmaap.conf path: feature-pooling-dmaap.conf mode: 0755 - - key: policy-management.conf - path: policy-management.conf - mode: 0755 - - key: drools-tweaks.sh - path: drools-tweaks.sh - mode: 0755 - - key: apps-install.sh - path: apps-install.sh - mode: 0755 - - key: drools-preinstall.sh - path: drools-preinstall.sh - mode: 0755 - name: drools-secret secret: secretName: {{ include "common.fullname" . }}-secret diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml index 2451ceac1a..fdb73e1485 100644 --- a/kubernetes/policy/charts/drools/values.yaml +++ b/kubernetes/policy/charts/drools/values.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-drools:1.3.4 +image: onap/policy-pdpd-cl:1.4-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/mariadb/Chart.yaml b/kubernetes/policy/charts/mariadb/Chart.yaml index e8e6bb1d1a..a6493b4a7f 100644 --- a/kubernetes/policy/charts/mariadb/Chart.yaml +++ b/kubernetes/policy/charts/mariadb/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Policy MariaDB Service name: mariadb -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/policy/charts/mariadb/requirements.yaml b/kubernetes/policy/charts/mariadb/requirements.yaml index e57547871c..68a7d9ec14 100644 --- a/kubernetes/policy/charts/mariadb/requirements.yaml +++ b/kubernetes/policy/charts/mariadb/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/policy/charts/pdp/Chart.yaml b/kubernetes/policy/charts/pdp/Chart.yaml index 7963667ba7..5c228c67c3 100644 --- a/kubernetes/policy/charts/pdp/Chart.yaml +++ b/kubernetes/policy/charts/pdp/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Policy PDP name: pdp -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/policy/charts/pdp/requirements.yaml b/kubernetes/policy/charts/pdp/requirements.yaml index e57547871c..68a7d9ec14 100644 --- a/kubernetes/policy/charts/pdp/requirements.yaml +++ b/kubernetes/policy/charts/pdp/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml index 1b2d494546..6794681452 100644 --- a/kubernetes/policy/charts/pdp/values.yaml +++ b/kubernetes/policy/charts/pdp/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pe:1.3.4 +image: onap/policy-pe:1.4-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-apex-pdp/Chart.yaml b/kubernetes/policy/charts/policy-apex-pdp/Chart.yaml index 95cfc9f3c6..592180fa18 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/Chart.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP Policy APEX PDP name: policy-apex-pdp -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/policy/charts/policy-apex-pdp/requirements.yaml b/kubernetes/policy/charts/policy-apex-pdp/requirements.yaml index 9f02100f08..e4bbf69f3c 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/requirements.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/requirements.yaml @@ -18,5 +18,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/policy/charts/policy-apex-pdp/values.yaml b/kubernetes/policy/charts/policy-apex-pdp/values.yaml index b84b769660..95b2d2c28d 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-apex-pdp:2.0.3 +image: onap/policy-apex-pdp:2.1-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-api/Chart.yaml b/kubernetes/policy/charts/policy-api/Chart.yaml new file mode 100644 index 0000000000..a50c8d9a58 --- /dev/null +++ b/kubernetes/policy/charts/policy-api/Chart.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP Policy Design API +name: policy-api +version: 4.0.0 diff --git a/kubernetes/policy/charts/policy-api/requirements.yaml b/kubernetes/policy/charts/policy-api/requirements.yaml new file mode 100644 index 0000000000..768bdb372d --- /dev/null +++ b/kubernetes/policy/charts/policy-api/requirements.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' diff --git a/kubernetes/policy/charts/policy-api/resources/config/config.json b/kubernetes/policy/charts/policy-api/resources/config/config.json new file mode 100644 index 0000000000..9fef1998d1 --- /dev/null +++ b/kubernetes/policy/charts/policy-api/resources/config/config.json @@ -0,0 +1,26 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +{ + "name":"ApiGroup", + "restServerParameters":{ + "host":"0.0.0.0", + "port":6969, + "userName":"healthcheck", + "password":"zb!XztG34" + } +} diff --git a/kubernetes/policy/charts/policy-api/templates/configmap.yaml b/kubernetes/policy/charts/policy-api/templates/configmap.yaml new file mode 100644 index 0000000000..d90b0c93dc --- /dev/null +++ b/kubernetes/policy/charts/policy-api/templates/configmap.yaml @@ -0,0 +1,25 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-api/templates/deployment.yaml b/kubernetes/policy/charts/policy-api/templates/deployment.yaml new file mode 100644 index 0000000000..2d16b5e857 --- /dev/null +++ b/kubernetes/policy/charts/policy-api/templates/deployment.yaml @@ -0,0 +1,66 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/opt/app/policy/api/bin/policy-api.sh"] + args: ["/opt/app/policy/api/etc/mounted/config.json"] + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/policy/api/etc/mounted + name: apiconfig + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: apiconfig + configMap: + name: {{ include "common.fullname" . }}-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/policy-api/templates/service.yaml b/kubernetes/policy/charts/policy-api/templates/service.yaml new file mode 100644 index 0000000000..81789f26ca --- /dev/null +++ b/kubernetes/policy/charts/policy-api/templates/service.yaml @@ -0,0 +1,43 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.internalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/policy/charts/policy-api/values.yaml b/kubernetes/policy/charts/policy-api/values.yaml new file mode 100644 index 0000000000..92960a2d56 --- /dev/null +++ b/kubernetes/policy/charts/policy-api/values.yaml @@ -0,0 +1,68 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 304 + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-api:2.0.0-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 20 + periodSeconds: 10 + +service: + type: ClusterIP + name: policy-api + portName: policy-api + internalPort: 6969 + nodePort: 40 + +ingress: + enabled: false + +resources: {} diff --git a/kubernetes/policy/charts/policy-common/Chart.yaml b/kubernetes/policy/charts/policy-common/Chart.yaml index 62f31facfc..8c5553d4fb 100644 --- a/kubernetes/policy/charts/policy-common/Chart.yaml +++ b/kubernetes/policy/charts/policy-common/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Policy Common name: policy-common -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/policy/charts/policy-common/requirements.yaml b/kubernetes/policy/charts/policy-common/requirements.yaml index e57547871c..68a7d9ec14 100644 --- a/kubernetes/policy/charts/policy-common/requirements.yaml +++ b/kubernetes/policy/charts/policy-common/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf index 93dad89255..44e754b90b 100644 --- a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf +++ b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 +JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk POLICY_HOME=/opt/app/policy POLICY_LOGS=/var/log/onap KEYSTORE_PASSWD=Pol1cy_0nap diff --git a/kubernetes/policy/charts/policy-distribution/Chart.yaml b/kubernetes/policy/charts/policy-distribution/Chart.yaml index f840d06bfe..40abc9188d 100644 --- a/kubernetes/policy/charts/policy-distribution/Chart.yaml +++ b/kubernetes/policy/charts/policy-distribution/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP Policy Distribution name: policy-distribution -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/policy/charts/policy-distribution/requirements.yaml b/kubernetes/policy/charts/policy-distribution/requirements.yaml index 9f02100f08..e4bbf69f3c 100644 --- a/kubernetes/policy/charts/policy-distribution/requirements.yaml +++ b/kubernetes/policy/charts/policy-distribution/requirements.yaml @@ -18,5 +18,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/policy/charts/policy-distribution/values.yaml b/kubernetes/policy/charts/policy-distribution/values.yaml index 240c266cb4..65f02cba46 100644 --- a/kubernetes/policy/charts/policy-distribution/values.yaml +++ b/kubernetes/policy/charts/policy-distribution/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-distribution:2.0.3 +image: onap/policy-distribution:2.1.0-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/charts/policy-pap/Chart.yaml b/kubernetes/policy/charts/policy-pap/Chart.yaml new file mode 100644 index 0000000000..dccf45d77e --- /dev/null +++ b/kubernetes/policy/charts/policy-pap/Chart.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP Policy Administration (PAP) +name: policy-pap +version: 4.0.0 diff --git a/kubernetes/policy/charts/policy-pap/requirements.yaml b/kubernetes/policy/charts/policy-pap/requirements.yaml new file mode 100644 index 0000000000..849db8393f --- /dev/null +++ b/kubernetes/policy/charts/policy-pap/requirements.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' diff --git a/kubernetes/policy/charts/policy-pap/resources/config/config.json b/kubernetes/policy/charts/policy-pap/resources/config/config.json new file mode 100644 index 0000000000..81451037de --- /dev/null +++ b/kubernetes/policy/charts/policy-pap/resources/config/config.json @@ -0,0 +1,26 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +{ + "name":"PapGroup", + "restServerParameters":{ + "host":"0.0.0.0", + "port":6969, + "userName":"healthcheck", + "password":"zb!XztG34" + } +} diff --git a/kubernetes/policy/charts/policy-pap/templates/NOTES.txt b/kubernetes/policy/charts/policy-pap/templates/NOTES.txt new file mode 100644 index 0000000000..170b03e6db --- /dev/null +++ b/kubernetes/policy/charts/policy-pap/templates/NOTES.txt @@ -0,0 +1,37 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/charts/policy-pap/templates/configmap.yaml b/kubernetes/policy/charts/policy-pap/templates/configmap.yaml new file mode 100644 index 0000000000..56180768a1 --- /dev/null +++ b/kubernetes/policy/charts/policy-pap/templates/configmap.yaml @@ -0,0 +1,26 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} + diff --git a/kubernetes/policy/charts/policy-pap/templates/deployment.yaml b/kubernetes/policy/charts/policy-pap/templates/deployment.yaml new file mode 100644 index 0000000000..5bec94b102 --- /dev/null +++ b/kubernetes/policy/charts/policy-pap/templates/deployment.yaml @@ -0,0 +1,66 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/opt/app/policy/pap/bin/policy-pap.sh"] + args: ["/opt/app/policy/pap/etc/mounted/config.json"] + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/policy/pap/etc/mounted + name: papconfig + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: papconfig + configMap: + name: {{ include "common.fullname" . }}-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/policy-pap/templates/service.yaml b/kubernetes/policy/charts/policy-pap/templates/service.yaml new file mode 100644 index 0000000000..f4a31149f9 --- /dev/null +++ b/kubernetes/policy/charts/policy-pap/templates/service.yaml @@ -0,0 +1,36 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + clusterIP: None diff --git a/kubernetes/policy/charts/policy-pap/values.yaml b/kubernetes/policy/charts/policy-pap/values.yaml new file mode 100644 index 0000000000..4736d1a739 --- /dev/null +++ b/kubernetes/policy/charts/policy-pap/values.yaml @@ -0,0 +1,66 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-pap:2.0.0-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 20 + periodSeconds: 10 + +service: + type: ClusterIP + name: policy-pap + portName: policy-pap + internalPort: 6969 + +ingress: + enabled: false + +resources: {} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/Chart.yaml b/kubernetes/policy/charts/policy-xacml-pdp/Chart.yaml new file mode 100644 index 0000000000..be4325e6b2 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/Chart.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP Policy XACML PDP +name: policy-xacml-pdp +version: 4.0.0 diff --git a/kubernetes/policy/charts/policy-xacml-pdp/requirements.yaml b/kubernetes/policy/charts/policy-xacml-pdp/requirements.yaml new file mode 100644 index 0000000000..768bdb372d --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/requirements.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~4.x-0 + repository: '@local' diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json new file mode 100644 index 0000000000..7fb864bb31 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/config.json @@ -0,0 +1,26 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +{ + "name":"XacmlPdpGroup", + "restServerParameters":{ + "host":"0.0.0.0", + "port":6969, + "userName":"healthcheck", + "password":"zb!XztG34" + } +} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml new file mode 100644 index 0000000000..d90b0c93dc --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml @@ -0,0 +1,25 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml new file mode 100644 index 0000000000..20b2afbf50 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml @@ -0,0 +1,66 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"] + args: ["/opt/app/policy/pdpx/etc/mounted/config.json"] + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/policy/pdpx/etc/mounted + name: pdpxconfig + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: pdpxconfig + configMap: + name: {{ include "common.fullname" . }}-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/service.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/service.yaml new file mode 100644 index 0000000000..c02dbfd0af --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/service.yaml @@ -0,0 +1,37 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/values.yaml b/kubernetes/policy/charts/policy-xacml-pdp/values.yaml new file mode 100644 index 0000000000..fcfbab2471 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/values.yaml @@ -0,0 +1,67 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-xacml-pdp:2.0.0-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 20 + periodSeconds: 10 + +service: + type: ClusterIP + name: policy-xacml-pdp + portName: policy-xacml-pdp + externalPort: 6969 + internalPort: 6969 + +ingress: + enabled: false + +resources: {} diff --git a/kubernetes/policy/requirements.yaml b/kubernetes/policy/requirements.yaml index e57547871c..68a7d9ec14 100644 --- a/kubernetes/policy/requirements.yaml +++ b/kubernetes/policy/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/policy/resources/config/pe/push-policies.sh b/kubernetes/policy/resources/config/pe/push-policies.sh index 9074b9a63a..a9a8687824 100644 --- a/kubernetes/policy/resources/config/pe/push-policies.sh +++ b/kubernetes/policy/resources/config/pe/push-policies.sh @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada, AT&T -# Modifications Copyright © 2018 AT&T. All rights reserved. +# Modifications Copyright © 2018-2019 AT&T. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,7 +23,7 @@ echo "Upload BRMS Param Template" sleep 2 -wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl?h=casablanca +wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl sleep 2 diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 521a229078..48a5dcae1b 100644 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -41,7 +41,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pe:1.3.4 +image: onap/policy-pe:1.4-SNAPSHOT-latest pullPolicy: Always subChartsOnly: @@ -117,4 +117,4 @@ resources: requests: cpu: 20m memory: 2Gi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/pomba/Chart.yaml b/kubernetes/pomba/Chart.yaml index 0124bc1943..b1899fd72d 100644 --- a/kubernetes/pomba/Chart.yaml +++ b/kubernetes/pomba/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Post Orchestration Model Based Audit name: pomba -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pomba/charts/pomba-aaictxbuilder/Chart.yaml b/kubernetes/pomba/charts/pomba-aaictxbuilder/Chart.yaml index f64eb73ba4..7ec60c580c 100644 --- a/kubernetes/pomba/charts/pomba-aaictxbuilder/Chart.yaml +++ b/kubernetes/pomba/charts/pomba-aaictxbuilder/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP POMBA AAI Context Builder name: pomba-aaictxbuilder -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pomba/charts/pomba-aaictxbuilder/requirements.yaml b/kubernetes/pomba/charts/pomba-aaictxbuilder/requirements.yaml index cf4086962c..509eaddf3d 100644 --- a/kubernetes/pomba/charts/pomba-aaictxbuilder/requirements.yaml +++ b/kubernetes/pomba/charts/pomba-aaictxbuilder/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/application.properties b/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/application.properties index 41ec250ac8..e171d173aa 100644 --- a/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/application.properties +++ b/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/application.properties @@ -43,7 +43,7 @@ aai.readTimeout={{ .Values.config.aaiReadTimeout }} http.userId={{ .Values.config.httpUserId }} http.password={{ .Values.config.httpPassword }} -aai.searchNodeQuery=/aai/v11/search/nodes-query?search-node-type=service-instance&filter=service-instance-id:EQUALS: +aai.searchNodeQuery=/aai/v13/nodes/service-instance/{0} #Servlet context parameters server.context_parameters.p-name=value #context parameter with p-name as key and value as value. diff --git a/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/logback.xml b/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/logback.xml index 9991b8b1b0..0a4b616453 100644 --- a/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/logback.xml +++ b/kubernetes/pomba/charts/pomba-aaictxbuilder/resources/config/logback.xml @@ -1,235 +1,31 @@ - - - - - - - - - INFO - - - %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n - - - - - - - INFO - - ${logDirectory}/error.log - true - - %date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX", UTC}|%X{RequestId}|%.20thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%.-5level|%X{ErrorCode}|%X{ErrorDescription}|%msg%n - - - 10 - ${logDirectory}/error.%i.log.zip - - - - 10MB - - - - - ${logDirectory}/debug.log - true - - %date{"yyyy-MM-dd'T'HH:mm:ss,SSSXXX",UTC}|%X{RequestId}|%.20thread|%.-5level|%logger{36}|%msg%n - - - ${logDirectory}/debug.%d{yyyy-MM-dd}.%i.log.zip - - 10MB - - 5 - - - - - ${logDirectory}/audit.log - true - - %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n - - - - 10 - ${logDirectory}/audit.%i.log.zip - - - - 10MB - - - - 256 - - - - - ${logDirectory}/metric.log - true - - %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| - %msg%n - - - 10 - ${logDirectory}/metric.%i.log.zip - - - - 10MB - - - - 256 - - - - - - ${logDirectory}/security.log - true - - %X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%.20thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n - - - - 10 - ${logDirectory}/security.%i.log.zip - - - - 10MB - - - - 256 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${logDirectory}/Audit.log - - ${logDirectory}/Audit.%i.log.zip - - 1 - 9 - - - 5MB - - - "%d [%thread] %-5level %logger{1024} - %msg%n" - - - - - - ${logDirectory}/Perform.log - - ${logDirectory}/Perform.%i.log.zip - - 1 - 9 - - - 5MB - - - "%d [%thread] %-5level %logger{1024} - %msg%n" - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + ${pattern} + + + + /opt/app/logs/EELF/output.log + + ${pattern} + + + + + + + + + + diff --git a/kubernetes/pomba/charts/pomba-aaictxbuilder/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-aaictxbuilder/templates/deployment.yaml index 6d46e9de09..d8210b32fc 100644 --- a/kubernetes/pomba/charts/pomba-aaictxbuilder/templates/deployment.yaml +++ b/kubernetes/pomba/charts/pomba-aaictxbuilder/templates/deployment.yaml @@ -56,15 +56,20 @@ spec: name: localtime readOnly: true - name: {{ include "common.fullname" . }}-logs - mountPath: /var/log/onap + mountPath: /opt/app/logs + readOnly: false - mountPath: /opt/app/config/logback.xml name: {{ include "common.fullname" . }}-log-conf subPath: logback.xml + - name: {{ include "common.fullname" . }}-logs-eelf + mountPath: /opt/app/logs/EELF + readOnly: false - mountPath: /opt/app/config/application.properties name: {{ include "common.fullname" . }}-config subPath: application.properties readOnly: true + resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -87,7 +92,7 @@ spec: - name: {{ include "common.fullname" . }}-data-filebeat mountPath: /usr/share/filebeat/data - name: {{ include "common.fullname" . }}-logs - mountPath: /var/log/onap + mountPath: /opt/app/logs volumes: - name: localtime @@ -106,7 +111,8 @@ spec: emptyDir: {} - name: {{ include "common.fullname" . }}-logs emptyDir: {} - + - name: {{ include "common.fullname" . }}-logs-eelf + emptyDir: {} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/pomba/charts/pomba-aaictxbuilder/values.yaml b/kubernetes/pomba/charts/pomba-aaictxbuilder/values.yaml index b612389407..f6e13eb482 100644 --- a/kubernetes/pomba/charts/pomba-aaictxbuilder/values.yaml +++ b/kubernetes/pomba/charts/pomba-aaictxbuilder/values.yaml @@ -54,14 +54,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 #Example service definition with external, internal and node ports. diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/Chart.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/Chart.yaml index 28bd0ec88a..77182fb07e 100644 --- a/kubernetes/pomba/charts/pomba-contextaggregator/Chart.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP POMBA Context Aggregator name: pomba-contextaggregator -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/requirements.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/requirements.yaml index 896eaf4baa..1d30dfd918 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/requirements.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/bin/pre_start.sh b/kubernetes/pomba/charts/pomba-contextaggregator/resources/bin/pre_start.sh deleted file mode 100644 index 8a76cdd929..0000000000 --- a/kubernetes/pomba/charts/pomba-contextaggregator/resources/bin/pre_start.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh - -# Get the list of topic from curl ressult -dmaap_mr_host=message-router -dmaap_mr_port=3904 -temp_output_file=".tmpoutput" -curl -X GET http://$dmaap_mr_host:$dmaap_mr_port/topics > $temp_output_file - -# Test topic POA-AUDIT-INIT, POA-AUDIT-RESULT, POA-RULE-VALIDATION -TOPICS="POA-AUDIT-INIT POA-RULE-VALIDATION POA-AUDIT-RESULT" -for i_topic in $TOPICS -do - echo "Looping ... topic: $i_topic" - if grep -iFq "$i_topic" $temp_output_file - then - # code if found - echo "$i_topic found." - else - # code if not found - echo "$i_topic NOT found." - curl -X POST -H "content-type: application/json" --data '{"event":"create topic"}' http://$dmaap_mr_host:$dmaap_mr_port/events/$i_topic - fi -done - -# remove the temp file -rm -f $temp_output_file diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/aai.properties b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/aai.properties index 5d1e583370..db72a01a5e 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/aai.properties +++ b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/aai.properties @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs +# Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties index 9a27a6c8c8..77789f49bd 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties +++ b/kubernetes/pomba/charts/pomba-contextaggregator/resources/config/builders/sdc.properties @@ -24,4 +24,4 @@ key.manager.factory.algorithm=SunX509 security.protocol=TLS connection.timeout.ms=60000 read.timeout.ms=60000 -base.uri=/sdccontextbuilder/service/context +base.uri=/sdccontextbuilder/v2/service/context diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml index b984c52b15..6225338c76 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/templates/configmap.yaml @@ -30,16 +30,8 @@ data: --- apiVersion: v1 kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-pre-start-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-log namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} \ No newline at end of file +{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml index 33e82ea5dc..589b2f2275 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/templates/deployment.yaml @@ -78,10 +78,6 @@ spec: - mountPath: /opt/app/config/builders name: {{ include "common.fullname" . }}-config-builders readOnly: true - - mountPath: /opt/app/bin/pre_start.sh - name: {{ include "common.fullname" . }}-pre-start - subPath: pre_start.sh - readOnly: false - name: {{ include "common.fullname" . }}-logs mountPath: /opt/app/logs readOnly: false @@ -102,6 +98,20 @@ spec: affinity: {{- toYaml .Values.affinity | indent 10 }} {{- end }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + volumes: - name: localtime hostPath: @@ -112,10 +122,11 @@ spec: - name: {{ include "common.fullname" . }}-config-builders configMap: name: {{ include "common.fullname" . }}-configmap-builders - - name: {{ include "common.fullname" . }}-pre-start + - name: {{ include "common.fullname" . }}-filebeat-conf configMap: - name: {{ include "common.fullname" . }}-pre-start-configmap - defaultMode: 0777 + name: {{ .Release.Name }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} - name: {{ include "common.fullname" . }}-logs emptyDir: {} - name: {{ include "common.fullname" . }}-log-conf diff --git a/kubernetes/common/controller-blueprints/templates/service.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/templates/service.yaml similarity index 76% rename from kubernetes/common/controller-blueprints/templates/service.yaml rename to kubernetes/pomba/charts/pomba-contextaggregator/templates/service.yaml index 438ca19699..defd063d2f 100644 --- a/kubernetes/common/controller-blueprints/templates/service.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/templates/service.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2018 Amdocs, Bell Canada +# Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,24 +22,13 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} - annotations: -# Example MSB registration annotation -# msb.onap.org/service-info: '[ -# { -# "serviceName": "controller-blueprints", -# "version": "v1", -# "url": "/ecomp/mso/infra", -# "protocol": "REST" -# "port": "8080", -# "visualRange":"1" -# } -# ]' spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} + #Example internal target port if required + #targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} name: {{ .Values.service.portName | default "http" }} {{- else -}} @@ -49,4 +38,4 @@ spec: {{- end}} selector: app: {{ include "common.name" . }} - release: {{ .Release.Name }} \ No newline at end of file + release: {{ .Release.Name }} diff --git a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml index d2a0aa1de6..40d40b3611 100755 --- a/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml +++ b/kubernetes/pomba/charts/pomba-contextaggregator/values.yaml @@ -55,14 +55,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 enabled: false @@ -75,8 +75,8 @@ service: #Services may use any combination of ports depending on the 'type' of #service being defined. - #type: ClusterIP - #externalPort: 9529 + type: ClusterIP + externalPort: 9529 internalPort: 9529 #nodePort: # optional port name override - default can be defined in service.yaml diff --git a/kubernetes/pomba/charts/pomba-data-router/Chart.yaml b/kubernetes/pomba/charts/pomba-data-router/Chart.yaml index 6bc19c5aad..5d91c65360 100644 --- a/kubernetes/pomba/charts/pomba-data-router/Chart.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/Chart.yaml @@ -14,4 +14,4 @@ apiVersion: v1 description: ONAP POMBA Data-Router name: pomba-data-router -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pomba/charts/pomba-data-router/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-data-router/templates/deployment.yaml index cb5c210da9..71f3ac2d93 100644 --- a/kubernetes/pomba/charts/pomba-data-router/templates/deployment.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/templates/deployment.yaml @@ -127,6 +127,20 @@ spec: port: {{ .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + volumes: - name: localtime hostPath: @@ -142,6 +156,11 @@ spec: path: data-router.properties - key: schemaIngest.properties path: schemaIngest.properties + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ .Release.Name }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} - name: {{ include "common.fullname" . }}-dynamic-route configMap: name: {{ include "common.fullname" . }}-dynamic diff --git a/kubernetes/pomba/charts/pomba-data-router/values.yaml b/kubernetes/pomba/charts/pomba-data-router/values.yaml index d92e75c705..5815b9667a 100644 --- a/kubernetes/pomba/charts/pomba-data-router/values.yaml +++ b/kubernetes/pomba/charts/pomba-data-router/values.yaml @@ -27,7 +27,7 @@ global: # application image repository: nexus3.onap.org:10001 -image: onap/data-router:1.3.1 +image: onap/data-router:1.3.3 pullPolicy: Always restartPolicy: Always diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/Chart.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/Chart.yaml index a198fb42fa..e62e7fdeba 100644 --- a/kubernetes/pomba/charts/pomba-elasticsearch/Chart.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP POMBA Elasticsearch name: pomba-elasticsearch -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/requirements.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/requirements.yaml index 896eaf4baa..1d30dfd918 100644 --- a/kubernetes/pomba/charts/pomba-elasticsearch/requirements.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml index f3d2aaa311..00eb921779 100644 --- a/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml +++ b/kubernetes/pomba/charts/pomba-elasticsearch/values.yaml @@ -29,7 +29,7 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: elasticsearch/elasticsearch:6.3.1 +image: elasticsearch/elasticsearch:6.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/pomba/charts/pomba-kibana/Chart.yaml b/kubernetes/pomba/charts/pomba-kibana/Chart.yaml index 667059f147..d732104cbf 100644 --- a/kubernetes/pomba/charts/pomba-kibana/Chart.yaml +++ b/kubernetes/pomba/charts/pomba-kibana/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP POMBA Kibana name: pomba-kibana -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pomba/charts/pomba-kibana/requirements.yaml b/kubernetes/pomba/charts/pomba-kibana/requirements.yaml index 896eaf4baa..1d30dfd918 100644 --- a/kubernetes/pomba/charts/pomba-kibana/requirements.yaml +++ b/kubernetes/pomba/charts/pomba-kibana/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-kibana/resources/config/validationsDump.json b/kubernetes/pomba/charts/pomba-kibana/resources/config/validationsDump.json deleted file mode 100644 index ae01e9679f..0000000000 --- a/kubernetes/pomba/charts/pomba-kibana/resources/config/validationsDump.json +++ /dev/null @@ -1,192 +0,0 @@ -{ - "service-validations": { - "mappings": { - "default": { - "properties": { - "modelInvariantId": { - "type": "text" - }, - "modelName": { - "type": "text" - }, - "modelVersionId": { - "type": "text" - }, - "result": { - "type": "text" - }, - "serviceInstanceId": { - "type": "text" - }, - "validationId": { - "type": "text" - }, - "validationTimestamp": { - "type": "date", - "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ" - }, - "violations": { - "type": "nested", - "properties": { - "category": { - "type": "text" - }, - "errorMessage": { - "type": "text" - }, - "modelName": { - "type": "text" - }, - "severity": { - "type": "text" - }, - "validationRule": { - "type": "text" - }, - "violationDetails": { - "properties": { - "context-list-aai-vf-list[*]": { - "properties": { - "invariant-id": { - "type": "text" - }, - "name": { - "type": "text" - }, - "nf-naming-code": { - "type": "text" - }, - "type": { - "type": "text" - }, - "uuid": { - "type": "text" - }, - "vf-module-list": { - "properties": { - "invariant-id": { - "type": "text" - }, - "max-instances": { - "type": "long" - }, - "min-instances": { - "type": "long" - }, - "uuid": { - "type": "text" - } - } - }, - "vnfc-list": { - "properties": { - "name": { - "type": "text" - }, - "nfc-naming-code": { - "type": "text" - } - } - } - } - }, - "context-list-aai-vf-list[*]-name": { - "type": "text" - }, - "context-list-aai-vf-list[*]-type": { - "type": "text" - }, - "context-list-aai-vf[*]-name": { - "type": "text" - }, - "context-list-aai-vf[*]-type": { - "type": "text" - }, - "context-list-sdc-service-name": { - "type": "text" - }, - "context-list-sdc-vf-list[*]": { - "properties": { - "invariant-id": { - "type": "text" - }, - "name": { - "type": "text" - }, - "type": { - "type": "text" - }, - "uuid": { - "type": "text" - }, - "vf-module-list": { - "properties": { - "invariant-id": { - "type": "text" - }, - "max-instances": { - "type": "long" - }, - "min-instances": { - "type": "long" - }, - "uuid": { - "type": "text" - } - } - }, - "vnfc-list": { - "properties": { - "invariant-id": { - "type": "text" - }, - "name": { - "type": "text" - }, - "nfc-naming-code": { - "type": "text" - }, - "uuid": { - "type": "text" - } - } - } - } - }, - "context-list-sdnc-vf-list[*]-name": { - "type": "text" - }, - "context-list-sdnc-vf-list[*]-type": { - "type": "text" - }, - "context-list-sdnc-vf[*]-name": { - "type": "text" - }, - "context-list-sdnc-vf[*]-type": { - "type": "text" - } - } - }, - "violationId": { - "type": "text" - }, - "violationTimestamp": { - "type": "date", - "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ" - }, - "violationType": { - "type": "text" - } - } - }, - "client": { - "type": "text" - }, - "requestId": { - "type": "text" - } - } - } - } - } -} diff --git a/kubernetes/pomba/charts/pomba-kibana/resources/config/violationsDump.json b/kubernetes/pomba/charts/pomba-kibana/resources/config/violationsDump.json deleted file mode 100644 index 790f8c7f7d..0000000000 --- a/kubernetes/pomba/charts/pomba-kibana/resources/config/violationsDump.json +++ /dev/null @@ -1,48 +0,0 @@ -{ - "service-violations": { - "mappings": { - "default": { - "properties": { - "category": { - "type": "text" - }, - "message": { - "type": "text" - }, - "modelInvariantId": { - "type": "text" - }, - "modelVersionId": { - "type": "text" - }, - "serviceInstanceId": { - "type": "text" - }, - "severity": { - "type": "text" - }, - "validationId": { - "type": "text" - }, - "validationRule": { - "type": "text" - }, - "validationTimestamp": { - "type": "date", - "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ" - }, - "violationId": { - "type": "text" - }, - "violationTimestamp": { - "type": "date", - "format": "MMM d y HH:m:s||dd-MM-yyyy HH:mm:ss||yyyy-MM-dd'T'HH:mm:ss.SSSZZ||MM/dd/yyyy||yyyyMMdd'T'HHmmssZ" - }, - "violationType": { - "type": "text" - } - } - } - } - } -} \ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-kibana/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-kibana/templates/deployment.yaml index 2bc9e796c9..58a0a90acf 100644 --- a/kubernetes/pomba/charts/pomba-kibana/templates/deployment.yaml +++ b/kubernetes/pomba/charts/pomba-kibana/templates/deployment.yaml @@ -79,40 +79,6 @@ spec: - mountPath: /config/default.json name: {{ include "common.fullname" . }} subPath: default.json - - args: - - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/service-validations - - --input=/config/validationsDump.json - - --type=mapping - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.configRepository }}/{{ .Values.configImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-config-validation - volumeMounts: - - mountPath: /config/validationsDump.json - name: {{ include "common.fullname" . }} - subPath: validationsDump.json - - args: - - --output=http://{{.Values.config.elasticsearchServiceName}}.{{ include "common.namespace" . }}:{{.Values.config.elasticsearchPort}}/service-violations - - --input=/config/violationsDump.json - - --type=mapping - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.configRepository }}/{{ .Values.configImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-config-violation - volumeMounts: - - mountPath: /config/violationsDump.json - name: {{ include "common.fullname" . }} - subPath: violationsDump.json containers: - name: {{ include "common.name" . }} image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.image }}" @@ -175,10 +141,6 @@ spec: path: kibana.yml - key: default.json path: default.json - - key: validationsDump.json - path: validationsDump.json - - key: violationsDump.json - path: violationsDump.json - key: default-mapping.json path: default-mapping.json - name: {{ include "common.fullname" . }}-auth diff --git a/kubernetes/pomba/charts/pomba-kibana/values.yaml b/kubernetes/pomba/charts/pomba-kibana/values.yaml index fe50e47fda..53725b7798 100644 --- a/kubernetes/pomba/charts/pomba-kibana/values.yaml +++ b/kubernetes/pomba/charts/pomba-kibana/values.yaml @@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest # application image loggingRepository: docker.elastic.co -image: kibana/kibana:6.3.1 +image: kibana/kibana:6.6.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/Chart.yaml b/kubernetes/pomba/charts/pomba-networkdiscovery/Chart.yaml index 5ab80a70f4..eb27414348 100644 --- a/kubernetes/pomba/charts/pomba-networkdiscovery/Chart.yaml +++ b/kubernetes/pomba/charts/pomba-networkdiscovery/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP POMBA Network Discovery name: pomba-networkdiscovery -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/requirements.yaml b/kubernetes/pomba/charts/pomba-networkdiscovery/requirements.yaml index 8f9493a9a7..1e8f79bc0e 100644 --- a/kubernetes/pomba/charts/pomba-networkdiscovery/requirements.yaml +++ b/kubernetes/pomba/charts/pomba-networkdiscovery/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties b/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties index a5aeb71ec1..f09dc05980 100644 --- a/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties +++ b/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties @@ -30,9 +30,10 @@ openstack.identity.url ={{ .Values.config.openstackIdentityUrl }} openstack.identity.user ={{ .Values.config.openstackUserId }} openstack.identity.password ={{ .Values.config.openstackPassword }} -openstack.types = vserver, l3-network +openstack.types = vserver, l3-network, port openstack.type.vserver.url = {{ .Values.config.openstackTypeVserverUrl }} openstack.type.l3-network.url = {{ .Values.config.openstackTypeL3NetworkUrl }} +openstack.type.port.url = {{ .Values.config.openstackTypePortUrl }} openstack.api.microversion = 2.42 diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml b/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml index fdc44298e2..3a50130e24 100644 --- a/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml +++ b/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/network-discovery:1.4.1-latest +image: onap/network-discovery:1.5.0-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required @@ -55,6 +55,7 @@ config: # Openstack Rest API URLs: openstackTypeVserverUrl: http://10.69.36.11:8774/v2.1/servers/{0} openstackTypeL3NetworkUrl: http://10.69.36.11:9696/v2.0/networks/{0} + openstackTypePortUrl: http://10.69.36.11:9696/v2.0/ports/{0} # default number of instances replicaCount: 1 @@ -65,14 +66,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 #Example service definition with external, internal and node ports. diff --git a/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/Chart.yaml b/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/Chart.yaml index 1ded7ec8e3..4479e0931f 100644 --- a/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/Chart.yaml +++ b/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP POMBA Network Discovery Context Builder name: pomba-networkdiscoveryctxbuilder -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/requirements.yaml b/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/requirements.yaml index cf4086962c..509eaddf3d 100644 --- a/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/requirements.yaml +++ b/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/values.yaml b/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/values.yaml index b45c24b9e9..6afe768b14 100644 --- a/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/values.yaml +++ b/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/values.yaml @@ -69,14 +69,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 #Example service definition with external, internal and node ports. diff --git a/kubernetes/pomba/charts/pomba-sdcctxbuilder/Chart.yaml b/kubernetes/pomba/charts/pomba-sdcctxbuilder/Chart.yaml index 4a49d84c07..c77e28d19f 100644 --- a/kubernetes/pomba/charts/pomba-sdcctxbuilder/Chart.yaml +++ b/kubernetes/pomba/charts/pomba-sdcctxbuilder/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP POMBA SDC Context Builder name: pomba-sdcctxbuilder -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pomba/charts/pomba-sdcctxbuilder/requirements.yaml b/kubernetes/pomba/charts/pomba-sdcctxbuilder/requirements.yaml index 896eaf4baa..1d30dfd918 100644 --- a/kubernetes/pomba/charts/pomba-sdcctxbuilder/requirements.yaml +++ b/kubernetes/pomba/charts/pomba-sdcctxbuilder/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/deployment.yaml index 6ae5ee3e4e..247c85fbe3 100644 --- a/kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/deployment.yaml +++ b/kubernetes/pomba/charts/pomba-sdcctxbuilder/templates/deployment.yaml @@ -79,6 +79,19 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + volumes: - name: localtime hostPath: @@ -91,6 +104,11 @@ spec: - name: {{ include "common.fullname" . }}-log-conf configMap: name: {{ include "common.fullname" . }}-log + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ .Release.Name }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} - name: {{ include "common.fullname" . }}-logs-eelf emptyDir: {} imagePullSecrets: diff --git a/kubernetes/pomba/charts/pomba-sdcctxbuilder/values.yaml b/kubernetes/pomba/charts/pomba-sdcctxbuilder/values.yaml index 6d90256fd1..bddc349736 100644 --- a/kubernetes/pomba/charts/pomba-sdcctxbuilder/values.yaml +++ b/kubernetes/pomba/charts/pomba-sdcctxbuilder/values.yaml @@ -56,14 +56,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 #Example service definition with external, internal and node ports. diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/Chart.yaml b/kubernetes/pomba/charts/pomba-sdncctxbuilder/Chart.yaml index c9dad032aa..2acbe53495 100644 --- a/kubernetes/pomba/charts/pomba-sdncctxbuilder/Chart.yaml +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP POMBA SDNC Context Builder name: pomba-sdncctxbuilder -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/requirements.yaml b/kubernetes/pomba/charts/pomba-sdncctxbuilder/requirements.yaml index cf4086962c..509eaddf3d 100644 --- a/kubernetes/pomba/charts/pomba-sdncctxbuilder/requirements.yaml +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties index fcfe9dc412..24b443c57f 100644 --- a/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties +++ b/kubernetes/pomba/charts/pomba-sdncctxbuilder/resources/config/application.properties @@ -17,7 +17,7 @@ spring.mvc.urls=swagger,docs,prometheus,auditevents,info,heapdump,autoconfig,bea camel.springboot.xmlRoutes = file:config/dynamic/routes/*.route service.xml.beans = config/dynamic/conf/*.xml -server.contextPath=/sdnccontextbuilder/v1 +server.contextPath=/sdnccontextbuilder spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration #This property is used to set the Tomcat connector attributes.developers can define multiple attributes separated by comma @@ -53,9 +53,7 @@ aai.readTimeout={{ .Values.config.aaiReadTimeout }} aai.http.userId={{ .Values.config.aaiHttpUserId }} aai.http.password={{ .Values.config.aaiHttpPassword }} -aai.searchNodeQuery=/aai/v11/search/nodes-query?search-node-type=service-instance&filter=service-instance-id:EQUALS: -aai.customerQuery=/aai/v11/business/customers/customer/ -aai.serviceInstancePath=/aai/v11/business/customers/customer/{0}/service-subscriptions/service-subscription/{1}/service-instances/service-instance/{2} +aai.serviceInstanceQuery=/aai/v13/nodes/service-instance/{0} # SDNC REST Client Configuration sdnc.serviceName={{ .Values.config.sdncServiceName }}.{{.Release.Namespace}} @@ -66,6 +64,7 @@ sdnc.httpProtocol={{ .Values.config.sdncHttpProtocol }} sdnc.connectionTimeout={{ .Values.config.sdncConnectionTimeout }} sdnc.readTimeout={{ .Values.config.sdncReadTimeout }} sdnc.genericResourcePath=/restconf/config/GENERIC-RESOURCE-API:services/service/{0} +sdnc.portMirrorResourcePath=/restconf/config/GENERIC-RESOURCE-API:port-mirror-configurations/port-mirror-configuration/{0}/configuration-data/configuration-operation-information/port-mirror-configuration-request-input sdnc.vnfPath=/restconf/config/VNF-API:vnfs/vnf-list/{0} #Servlet context parameters diff --git a/kubernetes/pomba/charts/pomba-search-data/Chart.yaml b/kubernetes/pomba/charts/pomba-search-data/Chart.yaml index 1895998edb..bd5bdb6a68 100644 --- a/kubernetes/pomba/charts/pomba-search-data/Chart.yaml +++ b/kubernetes/pomba/charts/pomba-search-data/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP POMBA search-data name: pomba-search-data -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json b/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json index de8bacf4cb..58ed8f6428 100644 --- a/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json +++ b/kubernetes/pomba/charts/pomba-search-data/resources/config/es-payload-translation.json @@ -1,19 +1,16 @@ { - "attr-translations": [{ - "from": "\"type\":\"string\",\"index\":\"analyzed\"", - "to": "\"type\":\"text\",\"index\":\"true\"" - }, + "attr-translations": [ { - "from": "\"type\":\"string\",\"index\":\"not_analyzed\"", - "to": "\"type\":\"keyword\",\"index\":\"true\"" + "query": "$..[?(@.type=='string' && @.index=='analyzed')]", + "update": {"type": "text", "index": true, "fielddata": true} }, { - "from": "\"type\":\"string\"", - "to": "\"type\":\"text\"" + "query": "$..[?(@.type=='string' && @.index=='not_analyzed')]", + "update": {"type": "keyword", "index": true} }, { - "from": "searchable", - "to": "index" + "query": "$..[?(@.type=='string' && !@.index)]", + "update": {"type": "text", "fielddata": true} } ] } \ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-search-data/values.yaml b/kubernetes/pomba/charts/pomba-search-data/values.yaml index 6a3659e82d..7404f71232 100644 --- a/kubernetes/pomba/charts/pomba-search-data/values.yaml +++ b/kubernetes/pomba/charts/pomba-search-data/values.yaml @@ -29,14 +29,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 service: diff --git a/kubernetes/pomba/charts/pomba-servicedecomposition/Chart.yaml b/kubernetes/pomba/charts/pomba-servicedecomposition/Chart.yaml index 98b2e9771c..153e98d105 100644 --- a/kubernetes/pomba/charts/pomba-servicedecomposition/Chart.yaml +++ b/kubernetes/pomba/charts/pomba-servicedecomposition/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP POMBA Network Discovery Service Decomposition name: pomba-servicedecomposition -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pomba/charts/pomba-servicedecomposition/requirements.yaml b/kubernetes/pomba/charts/pomba-servicedecomposition/requirements.yaml index 653f6ac0f1..d64f5a31e1 100644 --- a/kubernetes/pomba/charts/pomba-servicedecomposition/requirements.yaml +++ b/kubernetes/pomba/charts/pomba-servicedecomposition/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/application.properties b/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/application.properties index 8c7d27cab0..bbf0901449 100644 --- a/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/application.properties +++ b/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/application.properties @@ -45,8 +45,9 @@ aai.httpProtocol={{ .Values.config.aaiHttpProtocol }} aai.securityProtocol=TLS aai.connectionTimeout=60000 aai.readTimeout=60000 -aai.resourceList=vnfc,vserver,l3-network +aai.resourceList=vnfc,vserver,l3-network,pserver aai.serviceInstancePath=/aai/v13/nodes/service-instance/{0} +aai.urlDepth=2 #Servlet context parameters server.context_parameters.p-name=value #context parameter with p-name as key and value as value. diff --git a/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/log/logback.xml b/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/log/logback.xml index 1f00cbddce..3b02684b68 100644 --- a/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/log/logback.xml +++ b/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/log/logback.xml @@ -1,30 +1,31 @@ - - - - - - - - - - - - - - ${pattern} - - - - output.log - - ${pattern} - - - - - - - - - - + + + + + + + + + + + + + + ${pattern} + + + + logs/EELF/output.log + + ${pattern} + + + + + + + + + + + \ No newline at end of file diff --git a/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml b/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml index 8923020c98..b1065c14a8 100644 --- a/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml +++ b/kubernetes/pomba/charts/pomba-servicedecomposition/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs +# Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,7 +24,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/service-decomposition:1.4.2 +image: onap/service-decomposition:1.5.0-SNAPSHOT-latest pullPolicy: Always # flag to enable debugging - application support required @@ -52,14 +52,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: true readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 #Example service definition with external, internal and node ports. diff --git a/kubernetes/pomba/charts/pomba-validation-service/Chart.yaml b/kubernetes/pomba/charts/pomba-validation-service/Chart.yaml index 3fbbb5d8b6..020409da0b 100644 --- a/kubernetes/pomba/charts/pomba-validation-service/Chart.yaml +++ b/kubernetes/pomba/charts/pomba-validation-service/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: POMBA Validaton-Service name: pomba-validation-service -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/pomba/charts/pomba-validation-service/requirements.yaml b/kubernetes/pomba/charts/pomba-validation-service/requirements.yaml index 9f23fac6f8..71fbbc5ce9 100644 --- a/kubernetes/pomba/charts/pomba-validation-service/requirements.yaml +++ b/kubernetes/pomba/charts/pomba-validation-service/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy b/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy index 877e74c7e0..df75b31eab 100644 --- a/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy +++ b/kubernetes/pomba/charts/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy @@ -25,130 +25,182 @@ entity { // NDCB-AAI comparison: Context level useRule { - name 'NDCB-AAI-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.ndcb', 'context-list.aai' } // NDCB-AAI comparison: Service entity useRule { - name 'NDCB-AAI-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.ndcb.service', 'context-list.aai.service' } - // NDCB-AAI comparison: VF list + // NDCB-AAI comparison: Context level network list useRule { - name 'NDCB-AAI-attribute-comparison' + name 'Attribute-comparison' + attributes 'context-list.ndcb.networkList[*]', 'context-list.aai.networkList[*]' + } + + // NDCB-AAI comparison: VNF list + useRule { + name 'Attribute-comparison' attributes 'context-list.ndcb.vnfList[*]', 'context-list.aai.vnfList[*]' } + // NDCB-AAI comparison: VNF network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].networkList[*]', 'context-list.aai.vnfList[*].networkList[*]' + } + // NDCB-AAI comparison: VF-Module list useRule { - name 'NDCB-AAI-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.ndcb.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]' } + // NDCB-AAI comparison: VF-Module network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]' + } + // NDCB-AAI comparison: VNFC list useRule { - name 'NDCB-AAI-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.ndcb.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' } // NDCB-AAI comparison: VM list useRule { - name 'NDCB-AAI-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]' } - // NDCB-AAI comparison: Network list + // NDCB-AAI comparison: P-Interface list useRule { - name 'NDCB-AAI-attribute-comparison' - attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]' + name 'Attribute-comparison' + attributes 'context-list.ndcb.pnfList[*].pInterfaceList[*]', 'context-list.aai.pnfList[*].pInterfaceList[*]' } - + + // SDNC-AAI comparison: Context level useRule { - name 'SDNC-AAI-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.sdnc', 'context-list.aai' } // SDNC-AAI comparison: Service entity useRule { - name 'SDNC-AAI-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.sdnc.service', 'context-list.aai.service' } - // SDNC-AAI comparison: VF list + // SDNC-AAI comparison: Context level network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.networkList[*]', 'context-list.aai.networkList[*]' + } + + // SDNC-AAI comparison: VNF list useRule { - name 'SDNC-AAI-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.sdnc.vnfList[*]', 'context-list.aai.vnfList[*]' } + // SDNC-AAI comparison: VNF network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].networkList[*]', 'context-list.aai.vnfList[*].networkList[*]' + } + // SDNC-AAI comparison: VF-Module list useRule { - name 'SDNC-AAI-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]' } + // SDNC-AAI comparison: VF-Module network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]' + } + // SDNC-AAI comparison: VNFC list useRule { - name 'SDNC-AAI-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' } // SDNC-AAI comparison: VM list useRule { - name 'SDNC-AAI-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]' } - // SDNC-AAI comparison: Network list + // AAI-SDNC PNF name validation useRule { - name 'SDNC-AAI-attribute-comparison' - attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]' + name 'AAI-SDNC-pnf-name-check' + attributes 'context-list.aai.pnfList[*].name', 'context-list.sdnc.pnfList[*].name' } + // SDNC-NDCB comparison: Context level useRule { - name 'SDNC-NDCB-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.sdnc', 'context-list.ndcb' } // SDNC-NDCB comparison: Service entity useRule { - name 'SDNC-NDCB-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.sdnc.service', 'context-list.ndcb.service' } - // SDNC-NDCB comparison: VF list + // SDNC-NDCB comparison: Context level network list useRule { - name 'SDNC-NDCB-attribute-comparison' + name 'Attribute-comparison' + attributes 'context-list.sdnc.networkList[*]', 'context-list.ndcb.networkList[*]' + } + + // SDNC-NDCB comparison: VNF list + useRule { + name 'Attribute-comparison' attributes 'context-list.sdnc.vnfList[*]', 'context-list.ndcb.vnfList[*]' } + // SDNC-NDCB comparison: VNF network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].networkList[*]', 'context-list.ndcb.vnfList[*].networkList[*]' + } + // SDNC-NDCB comparison: VF-Module list useRule { - name 'SDNC-NDCB-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*]' } + // SDNC-NDCB comparison: VF-Module network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]' + } + // SDNC-NDCB comparison: VNFC list useRule { - name 'SDNC-NDCB-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.ndcb.vnfList[*].vnfcList[*]' } // SDNC-NDCB comparison: VM list useRule { - name 'SDNC-NDCB-attribute-comparison' + name 'Attribute-comparison' attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]' } - // SDNC-NDCB comparison: Network list - useRule { - name 'SDNC-NDCB-attribute-comparison' - attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]' - } - + + // SDC-AAI VNFC type useRule { name 'SDC-AAI-vnfc-type' @@ -236,249 +288,126 @@ rule { } rule { - name 'NDCB-AAI-attribute-comparison' - category 'Attribute Mismatch' - description 'Verify that all attributes in Network-Discovery are the same as in AAI' - errorText 'Error found with attribute "{0}"; Network-Discovery value does not match AAI value "{1}"' - severity 'ERROR' - attributes 'ndcbItems', 'aaiItems' - validate ''' - Closure getAttributes = { parsedData -> - java.util.Map attributeMap = new java.util.HashMap() - - def isAttributeDataQualityOk = { attribute -> - attribute.findResult{ k, v -> if(k.equals("dataQuality") ) {return v.get("status")}}.equals("ok") - } - - def addToMap = { attrKey, attrValue -> - java.util.Set values = attributeMap.get("$attrKey") - if(values == null) { - values = new java.util.HashSet() - attributeMap.put("$attrKey", values) - } - values.add("$attrValue") - } - - def addAttributeToMap = { attribute -> - if(isAttributeDataQualityOk(attribute)) { - String key, value - attribute.each { k, v -> - if(k.equals("name")) {key = "$v"} - if(k.equals("value")) {value = "$v"} - } - addToMap("$key", "$value") - } - } - - def processKeyValue = { key, value -> - if(value instanceof java.util.ArrayList) { - if(key.equals("attributeList")) { - value.each { - addAttributeToMap(it) - } - } - } else if(!(value instanceof groovy.json.internal.LazyMap)) { - // only add key-value attributes, skip the rest - addToMap("$key", "$value") - } - } - - if(parsedData instanceof java.util.ArrayList) { - parsedData.each { - it.each { key, value -> processKeyValue(key, value) } - } - } else { - parsedData.each { key, value -> processKeyValue(key, value) } - } - return attributeMap - } - - def slurper = new groovy.json.JsonSlurper() - java.util.Map ndcb = getAttributes(slurper.parseText(ndcbItems.toString())) - java.util.Map aai = getAttributes(slurper.parseText(aaiItems.toString())) - - boolean result = true - List details = new ArrayList<>(); - ndcb.any{ ndcbKey, ndcbValueList -> - def aaiValueList = aai.get("$ndcbKey") - aaiValueList.each{ aaiValue -> - if(!ndcbValueList.any{ it == "$aaiValue" }) { - result = false - details.add("$ndcbKey") - details.add("$aaiValue") - } - } - if(result == false) { - // break out of 'any' loop - return true - } - } - return new Tuple2(result, details) - ''' -} - -rule { - name 'SDNC-AAI-attribute-comparison' - category 'Attribute Mismatch' - description 'Verify that all attributes in SDN-C are the same as in AAI' - errorText 'Error found with attribute "{0}"; SDN-C value does not match AAI value "{1}"' - severity 'ERROR' - attributes 'sdncItems', 'aaiItems' - validate ''' - Closure getAttributes = { parsedData -> - java.util.Map attributeMap = new java.util.HashMap() - - def isAttributeDataQualityOk = { attribute -> - attribute.findResult{ k, v -> if(k.equals("dataQuality") ) {return v.get("status")}}.equals("ok") - } - - def addToMap = { attrKey, attrValue -> - java.util.Set values = attributeMap.get("$attrKey") - if(values == null) { - values = new java.util.HashSet() - attributeMap.put("$attrKey", values) - } - values.add("$attrValue") - } - - def addAttributeToMap = { attribute -> - if(isAttributeDataQualityOk(attribute)) { - String key, value - attribute.each { k, v -> - if(k.equals("name")) {key = "$v"} - if(k.equals("value")) {value = "$v"} - } - addToMap("$key", "$value") - } - } - - def processKeyValue = { key, value -> - if(value instanceof java.util.ArrayList) { - if(key.equals("attributeList")) { - value.each { - addAttributeToMap(it) - } - } - } else if(!(value instanceof groovy.json.internal.LazyMap)) { - // only add key-value attributes, skip the rest - addToMap("$key", "$value") - } - } - - if(parsedData instanceof java.util.ArrayList) { - parsedData.each { - it.each { key, value -> processKeyValue(key, value) } - } - } else { - parsedData.each { key, value -> processKeyValue(key, value) } - } - return attributeMap - } - - def slurper = new groovy.json.JsonSlurper() - java.util.Map sdnc = getAttributes(slurper.parseText(sdncItems.toString())) - java.util.Map aai = getAttributes(slurper.parseText(aaiItems.toString())) - - boolean result = true - List details = new ArrayList<>(); - sdnc.any{ sdncKey, sdncValueList -> - def aaiValueList = aai.get("$sdncKey") - aaiValueList.each{ aaiValue -> - if(!sdncValueList.any{ it == "$aaiValue" }) { - result = false - details.add("$sdncKey") - details.add("$aaiValue") - } - } - if(result == false) { - // break out of 'any' loop - return true - } - } - return new Tuple2(result, details) - ''' -} - - -rule { - name 'SDNC-NDCB-attribute-comparison' + name 'Attribute-comparison' category 'Attribute Mismatch' - description 'Verify that all attributes in SDN-C are the same as in Network Discovery' - errorText 'Error found with attribute "{0}"; SDN-C value does not match Network-Discovery value "{1}"' + description 'Determine all discrepancies between values for attributes with matching names from each model' + errorText 'Error found with attribute(s) and values: {0}' severity 'ERROR' - attributes 'sdncItems', 'ndcbItems' + attributes 'lhsObject', 'rhsObject' validate ''' - Closure getAttributes = { parsedData -> - java.util.Map attributeMap = new java.util.HashMap() - - def isAttributeDataQualityOk = { attribute -> - attribute.findResult{ k, v -> if(k.equals("dataQuality") ) {return v.get("status")}}.equals("ok") - } - - def addToMap = { attrKey, attrValue -> - java.util.Set values = attributeMap.get("$attrKey") - if(values == null) { - values = new java.util.HashSet() - attributeMap.put("$attrKey", values) - } - values.add("$attrValue") - } - - def addAttributeToMap = { attribute -> - if(isAttributeDataQualityOk(attribute)) { - String key, value - attribute.each { k, v -> - if(k.equals("name")) {key = "$v"} - if(k.equals("value")) {value = "$v"} - } - addToMap("$key", "$value") - } - } - - def processKeyValue = { key, value -> - if(value instanceof java.util.ArrayList) { - if(key.equals("attributeList")) { - value.each { - addAttributeToMap(it) - } - } - } else if(!(value instanceof groovy.json.internal.LazyMap)) { - // only add key-value attributes, skip the rest - addToMap("$key", "$value") - } - } - - if(parsedData instanceof java.util.ArrayList) { - parsedData.each { - it.each { key, value -> processKeyValue(key, value) } - } - } else { - parsedData.each { key, value -> processKeyValue(key, value) } - } - return attributeMap - } - - def slurper = new groovy.json.JsonSlurper() - java.util.Map sdnc = getAttributes(slurper.parseText(sdncItems.toString())) - java.util.Map ndcb = getAttributes(slurper.parseText(ndcbItems.toString())) - - boolean result = true - List details = new ArrayList<>(); - sdnc.any{ sdncKey, sdncValueList -> - def ndcbValueList = ndcb.get("$sdncKey") - ndcbValueList.each{ ndcbValue -> - if(!sdncValueList.any{ it == "$ndcbValue" }) { - result = false - details.add("$sdncKey") - details.add("$ndcbValue") - } - } - if(result == false) { - // break out of 'any' loop - return true - } - } - return new Tuple2(result, details) + // This closure extracts the given object's root level attributes and contents of the attribute list. + // Complex items like lists are excluded. + // Returns a map containing attribute names as keys, mapping to a list of values for each attribute. + Closure getAttributes = { parsedData -> + java.util.Map attributeMap = new java.util.HashMap() + + def isAttributeDataQualityOk = { attribute -> + attribute.findResult{ k, v -> if(k.equals("dataQuality") ) {return v.get("status")}}.equals("ok") + } + + def addToMap = { attrKey, attrValue -> + java.util.Set values = attributeMap.get("$attrKey") + if(values == null) { + values = new java.util.HashSet() + attributeMap.put("$attrKey", values) + } + values.add("$attrValue") + } + + def addAttributeToMap = { attribute -> + if(isAttributeDataQualityOk(attribute)) { + String key, value + attribute.each { k, v -> + if(k.equals("name")) {key = "$v"} + if(k.equals("value")) {value = "$v"} + } + addToMap("$key", "$value") + } + } + + def processKeyValue = { key, value -> + if(value instanceof java.util.ArrayList) { + if(key.equals("attributeList")) { + value.each { + addAttributeToMap(it) + } + } + } else if(!(value instanceof groovy.json.internal.LazyMap)) { + // only add key-value attributes, skip the rest + addToMap("$key", "$value") + } + } + + if(parsedData instanceof java.util.ArrayList) { + parsedData.each { + it.each { key, value -> processKeyValue(key, value) } + } + } else { + parsedData.each { key, value -> processKeyValue(key, value) } + } + return attributeMap + } + + // This closure compares all values for each key from the left map, to values of the same key from the right map. + // Returns a map of attributes with mismatched or missing values (i.e. attribute name mapped to list of failed values). + Closure compareAttributes = { java.util.Map left, java.util.Map right -> + java.util.Map violationMap = new java.util.HashMap() + left.each{ leftKey, leftValueList -> + def rightValueList = right.get("$leftKey") + rightValueList.each{ rightValue -> + if(!leftValueList.any{ it == "$rightValue" }) { + def existingValues = violationMap.get(leftKey) + if(existingValues) { + existingValues.add("$rightValue") + } else { + java.util.Set newValues = new HashSet() + newValues.add("$rightValue") + violationMap.put("$leftKey", newValues) + } + } + } + } + return violationMap + } + + // This closure merges the given maps into a new map. + // Returns a map containing all keys and their values from both maps. + Closure mergeMaps = { java.util.Map left, java.util.Map right -> + if(left.isEmpty() && right.isEmpty()) { + return [:] + } else if(left.isEmpty()) { + return right + } else if(right.isEmpty()) { + return left + } + java.util.Map merged = new java.util.HashMap() + merged.putAll(left) + right.each{ rightKey, rightValues -> + java.util.Set mergedValues = merged.get(rightKey) + if(mergedValues == null) { + merged.put(rightKey, rightValues) + } else { + mergedValues.addAll(rightValues) + } + } + return merged + } + + def slurper = new groovy.json.JsonSlurper() + java.util.Map lhsAttributes = getAttributes(slurper.parseText(lhsObject.toString())) + java.util.Map rhsAttributes = getAttributes(slurper.parseText(rhsObject.toString())) + + def leftToRight = compareAttributes(lhsAttributes, rhsAttributes) + def rightToLeft = compareAttributes(rhsAttributes, lhsAttributes) + def mergedResults = mergeMaps(leftToRight, rightToLeft) + + boolean success = true + List details = new ArrayList<>() + if(!mergedResults.isEmpty()) { + success = false + details.add(mergedResults.toString()) + } + return new Tuple2(success, details) ''' } @@ -514,3 +443,52 @@ rule { return new Tuple2(success, details) ''' } + +rule { + name 'AAI-SDNC-pnf-name-check' + category 'PNF Consistency' + description 'Validate that each PNF name in AAI matches a PNF name in the SDNC model' + errorText 'AAI PNF names do not match SDNC - {0}' + severity 'ERROR' + attributes 'aaiNames', 'sdncNames' + validate ''' + def addName = { values, key -> + values.add("$key") + } + + List errorReasons = new ArrayList(); + + if (aaiNames.size() != sdncNames.size()) { + errorReasons.add("Number of PNFs don't match; aai has ${aaiNames.size()}, sdnc has ${sdncNames.size()}") + return new Tuple2(false, errorReasons) + } + + // collect all the "name" values from AAI and SDNC into two Sets. + Set aaiNameSet = new java.util.HashSet() + aaiNames.each { + aValue -> addName(aaiNameSet, aValue) + } + + Set sdncNameSet = new java.util.HashSet() + sdncNames.each { + aValue -> addName(sdncNameSet, aValue) + } + + // Validate that the names match by comparing the size of the two Sets. + if (aaiNameSet.size() != sdncNameSet.size()) { + errorReasons.add("Number of distinct PNF names don't match; aai: ${aaiNameSet}, sdnc: ${sdncNameSet}") + return new Tuple2(false, errorReasons) + } + + Set combinedSet = new HashSet(); + combinedSet.addAll(aaiNameSet); + combinedSet.addAll(sdncNameSet); + if (combinedSet.size() != aaiNameSet.size()) { + errorReasons.add("PNF names don't match; aai names: ${aaiNameSet}, sdnc names: ${sdncNameSet}") + return new Tuple2(false, errorReasons) + } + + return true + + ''' +} diff --git a/kubernetes/pomba/charts/pomba-validation-service/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-validation-service/templates/deployment.yaml index df62915b64..d8864e276f 100644 --- a/kubernetes/pomba/charts/pomba-validation-service/templates/deployment.yaml +++ b/kubernetes/pomba/charts/pomba-validation-service/templates/deployment.yaml @@ -85,14 +85,34 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + # Filebeat sidecar container + - name: {{ include "common.name" . }}-filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: {{ include "common.fullname" . }}-filebeat-conf + mountPath: /usr/share/filebeat/filebeat.yml + subPath: filebeat.yml + - name: {{ include "common.fullname" . }}-data-filebeat + mountPath: /usr/share/filebeat/data + - name: {{ include "common.fullname" . }}-logs + mountPath: /opt/app/logs + volumes: - name: localtime hostPath: path: /etc/localtime + - name: {{ include "common.fullname" . }}-filebeat-conf + configMap: + name: {{ .Release.Name }}-pomba-filebeat-configmap + - name: {{ include "common.fullname" . }}-data-filebeat + emptyDir: {} - name: root-config-app-prop configMap: name: {{ include "common.fullname" . }}-root-config defaultMode: 0644 + - name: {{ include "common.fullname" . }}-logs + emptyDir: {} - name: properties configMap: name: {{ include "common.fullname" . }}-config-properties diff --git a/kubernetes/pomba/charts/pomba-validation-service/values.yaml b/kubernetes/pomba/charts/pomba-validation-service/values.yaml index 2cb175a265..d0b964e5e3 100644 --- a/kubernetes/pomba/charts/pomba-validation-service/values.yaml +++ b/kubernetes/pomba/charts/pomba-validation-service/values.yaml @@ -56,14 +56,14 @@ affinity: {} # probe configuration parameters liveness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container enabled: false readiness: - initialDelaySeconds: 10 + initialDelaySeconds: 30 periodSeconds: 10 enabled: false diff --git a/kubernetes/pomba/requirements.yaml b/kubernetes/pomba/requirements.yaml index 5359e3b505..845a5fe571 100644 --- a/kubernetes/pomba/requirements.yaml +++ b/kubernetes/pomba/requirements.yaml @@ -14,7 +14,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/pomba/resources/config/log/filebeat/filebeat.yml b/kubernetes/pomba/resources/config/log/filebeat/filebeat.yml index b0d4690754..768b1c59dc 100644 --- a/kubernetes/pomba/resources/config/log/filebeat/filebeat.yml +++ b/kubernetes/pomba/resources/config/log/filebeat/filebeat.yml @@ -3,9 +3,15 @@ filebeat.prospectors: - input_type: log #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. paths: + - /opt/app/logs/EELF/*/*.log + - /opt/app/logs/EELF/*.log - /var/log/onap/*/*/*/*.log - /var/log/onap/*/*/*.log - /var/log/onap/*/*.log + - /var/log/onap/*.log + - /logs/*/*.log + - /logs/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive ignore_older: 48h # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit diff --git a/kubernetes/portal/Chart.yaml b/kubernetes/portal/Chart.yaml index 84105d2db2..8ab304f5c0 100644 --- a/kubernetes/portal/Chart.yaml +++ b/kubernetes/portal/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Web Portal name: portal -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/portal/charts/portal-app/Chart.yaml b/kubernetes/portal/charts/portal-app/Chart.yaml index 01e83e8e28..0df66c88bd 100644 --- a/kubernetes/portal/charts/portal-app/Chart.yaml +++ b/kubernetes/portal/charts/portal-app/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Portal application name: portal-app -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks deleted file mode 100644 index 4b7e115d8c..0000000000 Binary files a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks and /dev/null differ diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 index df2f4f6cd3..c53a7ae9b3 100644 Binary files a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 and b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 differ diff --git a/kubernetes/portal/charts/portal-cassandra/Chart.yaml b/kubernetes/portal/charts/portal-cassandra/Chart.yaml index a899183ee8..1f0252b19c 100644 --- a/kubernetes/portal/charts/portal-cassandra/Chart.yaml +++ b/kubernetes/portal/charts/portal-cassandra/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Portal cassandra name: portal-cassandra -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/portal/charts/portal-mariadb/Chart.yaml b/kubernetes/portal/charts/portal-mariadb/Chart.yaml index 8a966214a5..f6cf25dfc2 100644 --- a/kubernetes/portal/charts/portal-mariadb/Chart.yaml +++ b/kubernetes/portal/charts/portal-mariadb/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: MariaDB Service name: portal-mariadb -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql index f34d247c88..e3fdb19778 100644 --- a/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql +++ b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql @@ -72,4 +72,4 @@ update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS -- vid update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='2Re7Pvdkgw5aeAUD', auth_central = 'Y' , auth_namespace = 'org.onap.vid' where app_id = 6; -- aai sparky -update fn_app set app_username='aaiui', app_password='4LK69amiIFtuzcl6Gsv97Tt7MLhzo03aoOx7dTvdjKQ=', ueb_key='ueb_key' where app_id = 7; \ No newline at end of file +update fn_app set app_username='aaiui', app_password='4LK69amiIFtuzcl6Gsv97Tt7MLhzo03aoOx7dTvdjKQ=', ueb_key='ueb_key_7' where app_id = 7; \ No newline at end of file diff --git a/kubernetes/portal/charts/portal-sdk/Chart.yaml b/kubernetes/portal/charts/portal-sdk/Chart.yaml index 5eac1fc958..bb85ea68da 100644 --- a/kubernetes/portal/charts/portal-sdk/Chart.yaml +++ b/kubernetes/portal/charts/portal-sdk/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Portal software development kit name: portal-sdk -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/portal/charts/portal-widget/Chart.yaml b/kubernetes/portal/charts/portal-widget/Chart.yaml index 1e73c38e9e..b7617c933a 100644 --- a/kubernetes/portal/charts/portal-widget/Chart.yaml +++ b/kubernetes/portal/charts/portal-widget/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Portal widgets micro service application name: portal-widget -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/portal/charts/portal-zookeeper/Chart.yaml b/kubernetes/portal/charts/portal-zookeeper/Chart.yaml index fc02f4df58..b6bacff6a3 100644 --- a/kubernetes/portal/charts/portal-zookeeper/Chart.yaml +++ b/kubernetes/portal/charts/portal-zookeeper/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Zookeeper for ONAP Portal name: portal-zookeeper -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/portal/requirements.yaml b/kubernetes/portal/requirements.yaml index 897df32ce0..0ba9e4746c 100644 --- a/kubernetes/portal/requirements.yaml +++ b/kubernetes/portal/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/robot/Chart.yaml b/kubernetes/robot/Chart.yaml index 228ea3d4a4..6ccc7a3880 100644 --- a/kubernetes/robot/Chart.yaml +++ b/kubernetes/robot/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: A helm Chart for kubernetes-ONAP Robot name: robot -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh index 11d41a37b2..d253ec7f4f 100755 --- a/kubernetes/robot/demo-k8s.sh +++ b/kubernetes/robot/demo-k8s.sh @@ -173,6 +173,14 @@ do TAG="distributeVFWNG" shift ;; + distributeDemoVFWDT) + TAG="DistributeDemoVFWDT" + shift + ;; + instantiateDemoVFWDT) + TAG="instantiateVFWDT" + shift + ;; vfwclosedloop) TAG="vfwclosedloop" shift @@ -189,7 +197,7 @@ set -x POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) -ETEHOME=/var/opt/OpenECOMP_ETE +ETEHOME=/var/opt/ONAP export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_demo_$key diff --git a/kubernetes/robot/ete-k8s.sh b/kubernetes/robot/ete-k8s.sh index c4059b90c7..aaa3bc83ac 100755 --- a/kubernetes/robot/ete-k8s.sh +++ b/kubernetes/robot/ete-k8s.sh @@ -33,7 +33,7 @@ POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) TAGS="-i $2" -ETEHOME=/var/opt/OpenECOMP_ETE +ETEHOME=/var/opt/ONAP export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_$2 DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) diff --git a/kubernetes/robot/requirements.yaml b/kubernetes/robot/requirements.yaml index db85323b82..3ee610f486 100644 --- a/kubernetes/robot/requirements.yaml +++ b/kubernetes/robot/requirements.yaml @@ -14,7 +14,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_preload_parameters.py b/kubernetes/robot/resources/config/eteshare/config/integration_preload_parameters.py index 4bcd3d93d5..0ae1047529 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_preload_parameters.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_preload_parameters.py @@ -30,8 +30,7 @@ GLOBAL_PRELOAD_PARAMETERS = { "cloud_env" : "${GLOBAL_INJECTED_CLOUD_ENV}", "install_script_version" : "${GLOBAL_INJECTED_SCRIPT_VERSION}", }, - -# ## + # ## # heat template parameter values for heat template instances created during Vnf-Orchestration test cases # ## "Vnf-Orchestration" : { @@ -40,40 +39,90 @@ GLOBAL_PRELOAD_PARAMETERS = { "unprotected_private_net_cidr" : "192.168.10.0/24", "protected_private_net_id" : "vofwl01_protected${hostid}", "protected_private_net_cidr" : "192.168.20.0/24", - "vfw_private_ip_0" : "192.168.10.100", - "vfw_private_ip_1" : "192.168.20.100", - "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.1", - "vpg_private_ip_0" : "192.168.10.200", - "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.2", - "vsn_private_ip_0" : "192.168.20.250", - "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.3", + "vfw_int_unprotected_private_ip_0" : "192.168.10.100", + "vfw_int_protected_private_ip_0" : "192.168.20.100", + "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.1", + "vfw_int_protected_private_floating_ip" : "192.168.10.200", + "vpg_int_unprotected_private_ip_0" : "192.168.10.200", + "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.2", + "vsn_int_protected_private_ip_0" : "192.168.20.250", + "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.3", "sec_group" : "{{ .Values.openStackSecurityGroup }}", 'vfw_name_0':'vofwl01fwl${hostid}', 'vpg_name_0':'vofwl01pgn${hostid}', "vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", "vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", 'vsn_name_0':'vofwl01snk${hostid}' }, "vfwsnk_preload.template": { + "int_unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}", + "int_unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}", + "unprotected_private_net_cidr" : "192.168.10.0/24", + "int_protected_private_net_id" : "vofwlsnk_protected${hostid}", + "int_protected_private_subnet_id" : "vofwlsnk_protected_sub${hostid}", + "protected_private_net_cidr" : "192.168.20.0/24", + "vfw_int_unprotected_private_ip_0" : "192.168.10.100", + # this should be the same value as vpg_private_ip_0 + "vfw_int_protected_private_floating_ip" : "192.168.10.200", + "vfw_int_protected_private_ip_0" : "192.168.20.100", + "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.101", + "vsn_int_protected_private_ip_0" : "192.168.20.250", + "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.102", + "sec_group" : "{{ .Values.openStackSecurityGroup }}", + 'vfw_name_0':'vofwl01fwl${hostid}', + 'vsn_name_0':'vofwl01snk${hostid}', + "vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + }, + "vpkg_preload.template": { + "unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}", + "unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}", + "unprotected_private_net_cidr" : "192.168.10.0/24", + "protected_private_net_cidr" : "192.168.20.0/24", + "vfw_private_ip_0" : "192.168.10.100", + "vpg_unprotected_private_ip_0" : "192.168.10.200", + "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.103", + "vsn_private_ip_0" : "192.168.20.250", + "sec_group" : "{{ .Values.openStackSecurityGroup }}", + 'vpg_name_0':'vofwl01pgn${hostid}', + "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + }, + # vFWDT preload data + "vfwdt_vpkg_preload.template": { "unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}", "unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}", "unprotected_private_net_cidr" : "192.168.10.0/24", - "protected_private_net_id" : "vofwlsnk_protected${hostid}", - "protected_private_subnet_id" : "vofwlsnk_protected_sub${hostid}", "protected_private_net_cidr" : "192.168.20.0/24", "vfw_private_ip_0" : "192.168.10.100", - "vfw_private_ip_1" : "192.168.20.100", - "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.101", "vpg_private_ip_0" : "192.168.10.200", + "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.103", "vsn_private_ip_0" : "192.168.20.250", - "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.102", "sec_group" : "{{ .Values.openStackSecurityGroup }}", - 'vfw_name_0':'vofwl01fwl${hostid}', - 'vsn_name_0':'vofwl01snk${hostid}', + 'vpg_name_0':'vofwl01pgn${hostid}', + "vfw_name_0": "vofwl01vfw${hostid}", + "vsn_name_0": "vofwl01snk${hostid}", "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "protected_private_net_id" : "vofwlsnk01_protected${hostid}", + "protected_private_subnet_id" : "vofwlsnk01_protected_sub${hostid}", + "ext_private_net_id": "onap_oam_ext", + "ext_private_subnet_id": "onap_oam_ext_sub", + "ext_private_net_cidr": "10.100.0.0/16", + "vfw_private_ip_1": "192.168.20.100", + "vfw_private_ip_2": "10.0.110.1", + "vfw_private_ip_3": "10.100.100.1", + "vsn_private_ip_1": "10.0.110.3", + "vsn_private_ip_0": "192.168.20.250", + "vsn_private_ip_2": "10.100.100.3", }, - "vpkg_preload.template": { + "vfwdt_vfwsnk0_preload.template": { "unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}", "unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}", "unprotected_private_net_cidr" : "192.168.10.0/24", @@ -84,43 +133,95 @@ GLOBAL_PRELOAD_PARAMETERS = { "vsn_private_ip_0" : "192.168.20.250", "sec_group" : "{{ .Values.openStackSecurityGroup }}", 'vpg_name_0':'vofwl01pgn${hostid}', + "vsn_name_0": "vofwl01snk${hostid}", + "vfw_name_0": "vofwl01vfw${hostid}", + "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "protected_private_net_id" : "vofwlsnk01_protected${hostid}", + "protected_private_subnet_id" : "vofwlsnk01_protected_sub${hostid}", + "ext_private_net_id": "onap_oam_ext", + "ext_private_subnet_id": "onap_oam_ext_sub", + "ext_private_net_cidr": "10.100.0.0/16", + "vfw_private_ip_1": "192.168.20.100", + "vfw_private_ip_2": "10.0.110.1", + "vfw_private_ip_3": "10.100.100.1", + "vsn_private_ip_1": "10.0.110.3", + "vsn_private_ip_0": "192.168.20.250", + "vpg_private_ip_2": "10.100.100.2", + "vsn_private_ip_1": "10.0.110.3", + "vsn_private_ip_0": "192.168.20.250", + "vsn_private_ip_2": "10.100.100.3" + }, + "vfwdt_vfwsnk1_preload.template": { + "unprotected_private_net_id" : "vofwlsnk_unprotected${hostid}", + "unprotected_private_subnet_id" : "vofwlsnk_unprotected_sub${hostid}", + "unprotected_private_net_cidr" : "192.168.10.0/24", + "protected_private_net_cidr" : "192.168.20.0/24", + "vfw_private_ip_0" : "192.168.10.110", + "vpg_private_ip_0" : "192.168.10.200", + "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.103", + "vsn_private_ip_0" : "192.168.20.250", + "sec_group" : "{{ .Values.openStackSecurityGroup }}", + 'vpg_name_0':'vofwl01pgn${hostid}', + "vsn_name_0": "vofwl01snk${hostid}", + "vfw_name_0": "vofwl01vfw${hostid}", "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "protected_private_net_id" : "vofwlsnk01_protected${hostid}", + "protected_private_subnet_id" : "vofwlsnk01_protected_sub${hostid}", + "ext_private_net_id": "onap_oam_ext", + "ext_private_subnet_id": "onap_oam_ext_sub", + "ext_private_net_cidr": "10.100.0.0/16", + "vfw_private_ip_1": "192.168.20.110", + "vfw_private_ip_2": "10.0.110.4", + "vfw_private_ip_3": "10.100.100.4", + "vpg_private_ip_0": "192.168.10.200", + "vpg_private_ip_1": "10.0.110.2", + "vpg_private_ip_2": "10.100.100.2", + "vsn_private_ip_0": "192.168.20.240", + "vsn_private_ip_1": "10.0.110.5", + "vsn_private_ip_2": "10.100.100.5" }, "vlb_preload.template" : { "vlb_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}", "vlb_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", - "vlb_private_net_id" : "volb01_private${hostid}", - "pktgen_private_net_id" : "volb01_pktgen${hostid}", - "vlb_private_net_cidr" : "192.168.30.0/24", - "vlb_private_ip_0" : "192.168.30.100", - "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.4", - "vdns_private_ip_0" : "192.168.30.110", - "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.5", - "sec_group" : "{{ .Values.openStackSecurityGroup }}", + "vdns_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}", + "vdns_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}", + "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", 'vlb_name_0':'vovlblb${hostid}', 'vdns_name_0':'vovlbdns${hostid}', + "vpg_name_0" : "vovlbpgn${hostid}", + "vlb_private_net_id" : "volb01_private${hostid}", + "vlb_private_net_cidr" : "192.168.30.0/24", + "pktgen_private_net_id" : "volb01_pktgen${hostid}", "pktgen_private_net_cidr" : "192.168.9.0/24", - "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.7", + "vlb_int_private_ip_0" : "192.168.30.100", + "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.4", + "vlb_int_pktgen_private_ip_0" : "192.168.9.111", + "vdns_int_private_ip_0" : "192.168.30.110", + "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.5", + "vpg_int_pktgen_private_ip_0" : "192.168.9.110", + "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.7", + "sec_group" : "{{ .Values.openStackSecurityGroup }}", "pg_int" : "192.168.9.109", - "vpg_private_ip_0" : "192.168.9.110", - "vlb_private_ip_2" : "192.168.9.111", "vip" : "192.168.9.112", "gre_ipaddr" : "192.168.30.112", - "vpg_name_0" : "vovlbpgn${hostid}", "vnf_id" : "vLoadBalancer_${hostid}", "vf_module_id" : "vLoadBalancer" }, "dnsscaling_preload.template" : { - "vlb_private_net_id" : "volb01_private${hostid}", - "vlb_private_ip_0" : "192.168.30.100", - "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.4", - "vdns_private_ip_0" : "192.168.30.222", - "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.6", + "int_private_net_id" : "vLBMS_volb01_private${hostid}", + "int_private_subnet_id" : "vLBMS_volb01_private${hostid}_subnet", + "vlb_int_private_ip_0" : "192.168.30.100", + "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.4", + "vlb_int_pktgen_private_ip_0" : "192.168.9.111", + "vdns_int_private_ip_0" : "192.168.30.222", + "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.6", "sec_group" : "{{ .Values.openStackSecurityGroup }}", - 'scaling_vdns_name_0':'vovlbscaling${hostid}', - "vlb_private_net_cidr" : "192.168.10.0/24" + 'vdns_name_0':'vovlbscaling${hostid}', + "vlb_private_net_cidr" : "192.168.30.0/24" }, "vims_preload.template" : { "bono_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", @@ -149,90 +250,105 @@ GLOBAL_PRELOAD_PARAMETERS = { }, # heat template parameter values for heat template instances created during Closed-Loop test cases "Closed-Loop" : { - "vfw_preload.template": { + "vfw_preload.template": { "unprotected_private_net_id" : "clfwl01_unprotected${hostid}", "unprotected_private_net_cidr" : "192.168.110.0/24", "protected_private_net_id" : "clfwl01_protected${hostid}", "protected_private_net_cidr" : "192.168.120.0/24", - "vfw_private_ip_0" : "192.168.110.100", - "vfw_private_ip_1" : "192.168.120.100", - "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.11", - "vpg_private_ip_0" : "192.168.110.200", - "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.12", - "vsn_private_ip_0" : "192.168.120.250", - "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.13", + "vfw_int_unprotected_private_ip_0" : "192.168.110.100", + "vfw_int_protected_private_ip_0" : "192.168.120.100", + "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.11", + "vfw_int_protected_private_floating_ip" : "192.168.110.200", + "vpg_int_unprotected_private_ip_0" : "192.168.110.200", + "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.12", + "vsn_int_protected_private_ip_0" : "192.168.120.250", + "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.13", "sec_group" : "{{ .Values.openStackSecurityGroup }}", 'vfw_name_0':'clfwl01fwl${hostid}', 'vpg_name_0':'clfwl01pgn${hostid}', "vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", "vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", 'vsn_name_0':'clfwl01snk${hostid}' }, "vfwsnk_preload.template": { - "unprotected_private_net_id" : "clfwlsnk_unprotected${hostid}", - "unprotected_private_subnet_id" : "clfwlsnk_unprotected_sub${hostid}", + "int_unprotected_private_net_id" : "clfwlsnk_unprotected${hostid}", + "int_unprotected_private_subnet_id" : "clfwlsnk_unprotected_sub${hostid}", "unprotected_private_net_cidr" : "192.168.10.0/24", - "protected_private_net_id" : "clfwlsnk_protected${hostid}", - "protected_private_subnet_id" : "clfwlsnk_protected_sub${hostid}", + "int_protected_private_net_id" : "clfwlsnk_protected${hostid}", + "int_protected_private_subnet_id" : "clfwlsnk_protected_sub${hostid}", "protected_private_net_cidr" : "192.168.20.0/24", - "vfw_private_ip_0" : "192.168.10.100", - "vfw_private_ip_1" : "192.168.20.100", - "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.111", - "vpg_private_ip_0" : "192.168.10.200", - "vsn_private_ip_0" : "192.168.20.250", - "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.112", + "vfw_int_unprotected_private_ip_0" : "192.168.10.100", + # this should be the same value as vpg_private_ip_0 + "vfw_int_protected_private_floating_ip" : "192.168.10.200", + "vfw_int_protected_private_ip_0" : "192.168.20.100", + "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.111", + "vsn_int_protected_private_ip_0" : "192.168.20.250", + "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.112", "sec_group" : "{{ .Values.openStackSecurityGroup }}", 'vfw_name_0':'clfwl01fwl${hostid}', 'vsn_name_0':'clfwl01snk${hostid}', - "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", - "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", }, "vpkg_preload.template": { - "unprotected_private_net_id" : "clfwlsnk_unprotected${hostid}", - "unprotected_private_subnet_id" : "clfwlsnk_unprotected_sub${hostid}", + "unprotected_private_net_id" : "vFWSNK_clfwlsnk_unprotected${hostid}", + "unprotected_private_subnet_id" : "vFWSNK_clfwlsnk_unprotected_sub${hostid}", "unprotected_private_net_cidr" : "192.168.10.0/24", "protected_private_net_cidr" : "192.168.20.0/24", "vfw_private_ip_0" : "192.168.10.100", - "vpg_private_ip_0" : "192.168.10.200", - "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.113", + "vpg_unprotected_private_ip_0" : "192.168.10.200", + "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.113", "vsn_private_ip_0" : "192.168.20.250", "sec_group" : "{{ .Values.openStackSecurityGroup }}", 'vpg_name_0':'clfwl01pgn${hostid}', - "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", - "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", }, + # vLBMS "vlb_preload.template" : { "vlb_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}", "vlb_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", - "vlb_private_net_id" : "cllb01_private${hostid}", - "pktgen_private_net_id" : "cllb01_pktgen${hostid}", - "vlb_private_net_cidr" : "192.168.30.0/24", - "vlb_private_ip_0" : "192.168.30.100", - "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.14", - "vdns_private_ip_0" : "192.168.30.110", - "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.15", - "sec_group" : "{{ .Values.openStackSecurityGroup }}", + "vdns_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}", + "vdns_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}", + "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", 'vlb_name_0':'clvlblb${hostid}', 'vdns_name_0':'clvlbdns${hostid}', + "vpg_name_0" : "clvlbpgn${hostid}", + "vlb_private_net_id" : "cllb01_private${hostid}", + "vlb_private_net_cidr" : "192.168.30.0/24", + "pktgen_private_net_id" : "cllb01_pktgen${hostid}", "pktgen_private_net_cidr" : "192.168.9.0/24", - "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.17", + "vlb_int_private_ip_0" : "192.168.30.100", + "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.14", + "vlb_int_pktgen_private_ip_0" : "192.168.9.111", + "vdns_int_private_ip_0" : "192.168.30.110", + "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.15", + "vpg_int_pktgen_private_ip_0" : "192.168.9.110", + "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.17", + "sec_group" : "{{ .Values.openStackSecurityGroup }}", "pg_int" : "192.168.9.109", - "vpg_private_ip_0" : "192.168.9.110", - "vlb_private_ip_2" : "192.168.9.111", "vip" : "192.168.9.112", "gre_ipaddr" : "192.168.30.112", - "vpg_name_0" : "clvlbpgn${hostid}", "vnf_id" : "vLoadBalancer_${hostid}", "vf_module_id" : "vLoadBalancer" }, "dnsscaling_preload.template" : { - "vlb_private_net_id" : "cllb01_private${hostid}", - "vlb_private_ip_0" : "192.168.130.100", - "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.14", - "vdns_private_ip_0" : "192.168.130.222", - "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.16", + "int_private_net_id" : "vLBMS_cllb01_private${hostid}", + "int_private_subnet_id" : "vLBMS_cllb01_private${hostid}_subnet", + "vlb_int_private_ip_0" : "192.168.30.100", + "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.14", + "vlb_int_pktgen_private_ip_0" : "192.168.9.111", + "vdns_int_private_ip_0" : "192.168.30.222", + "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.16", "sec_group" : "{{ .Values.openStackSecurityGroup }}", - 'scaling_vdns_name_0':'clvlbscaling${hostid}', + 'vdns_name_0':'clvlbscaling${hostid}', "vlb_private_net_cidr" : "192.168.10.0/24" }, "vims_preload.template" : { @@ -266,86 +382,101 @@ GLOBAL_PRELOAD_PARAMETERS = { "unprotected_private_net_cidr" : "192.168.110.0/24", "protected_private_net_id" : "demofwl_protected", "protected_private_net_cidr" : "192.168.120.0/24", - "vfw_private_ip_0" : "192.168.110.100", - "vfw_private_ip_1" : "192.168.120.100", - "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.11", - "vpg_private_ip_0" : "192.168.110.200", - "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.12", - "vsn_private_ip_0" : "192.168.120.250", - "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.13", + "vfw_int_unprotected_private_ip_0" : "192.168.110.100", + "vfw_int_protected_private_ip_0" : "192.168.120.100", + "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.11", + "vpg_int_unprotected_private_ip_0" : "192.168.110.200", + "vfw_int_protected_private_floating_ip" : "192.168.110.200", + "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.12", + "vsn_int_protected_private_ip_0" : "192.168.120.250", + "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.13", "sec_group" : "{{ .Values.openStackSecurityGroup }}", 'vfw_name_0':'demofwl01fwl', 'vpg_name_0':'demofwl01pgn', "vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", "vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", 'vsn_name_0':'demofwl01snk' }, "vfwsnk_preload.template": { - "unprotected_private_net_id" : "demofwlsnk_unprotected${hostid}", - "unprotected_private_subnet_id" : "demofwlsnk_unprotected_sub${hostid}", + "int_unprotected_private_net_id" : "demofwlsnk_unprotected${hostid}", + "int_unprotected_private_subnet_id" : "demofwlsnk_unprotected_sub${hostid}", "unprotected_private_net_cidr" : "192.168.10.0/24", - "protected_private_net_id" : "demofwlsnk_protected${hostid}", - "protected_private_subnet_id" : "vofwlsnk_protected_sub${hostid}", + "int_protected_private_net_id" : "demofwlsnk_protected${hostid}", + "int_protected_private_subnet_id" : "vofwlsnk_protected_sub${hostid}", "protected_private_net_cidr" : "192.168.20.0/24", - "vfw_private_ip_0" : "192.168.10.100", - "vfw_private_ip_1" : "192.168.20.100", - "vfw_private_ip_2" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.121", - "vpg_private_ip_0" : "192.168.10.200", - "vsn_private_ip_0" : "192.168.20.250", - "vsn_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.122", + "vfw_int_unprotected_private_ip_0" : "192.168.10.100", + # this should be the same value as vpg_private_ip_0 + "vfw_int_protected_private_floating_ip" : "192.168.10.200", + "vfw_int_protected_private_ip_0" : "192.168.20.100", + "vfw_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.121", + "vsn_int_protected_private_ip_0" : "192.168.20.250", + "vsn_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.122", "sec_group" : "{{ .Values.openStackSecurityGroup }}", 'vfw_name_0':'${generic_vnf_name}', 'vsn_name_0':'demofwl01snk${hostid}', - "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", - "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vfw_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vfw_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vsn_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vsn_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", }, "vpkg_preload.template": { - "unprotected_private_net_id" : "demofwlsnk_unprotected${hostid}", - "unprotected_private_subnet_id" : "demofwlsnk_unprotected_sub${hostid}", + "unprotected_private_net_id" : "vFWSNK_demofwlsnk_unprotected${hostid}", + "unprotected_private_subnet_id" : "vFWSNK_demofwlsnk_unprotected_sub${hostid}", "unprotected_private_net_cidr" : "192.168.10.0/24", "protected_private_net_cidr" : "192.168.20.0/24", "vfw_private_ip_0" : "192.168.10.100", - "vpg_private_ip_0" : "192.168.10.200", - "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.123", + "vpg_unprotected_private_ip_0" : "192.168.10.200", + "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.123", "vsn_private_ip_0" : "192.168.20.250", "sec_group" : "{{ .Values.openStackSecurityGroup }}", 'vpg_name_0':'demofwl01pgn${hostid}', - "image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", - "flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}" + "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", + "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}" }, + # vLBMS "vlb_preload.template" : { "vlb_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}", "vlb_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", - "vlb_private_net_id" : "demolb_private${hostid}", - "pktgen_private_net_id" : "demolb_pktgen${hostid}", - "vlb_private_net_cidr" : "192.168.30.0/24", - "vlb_private_ip_0" : "192.168.30.100", - "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.24", - "vdns_private_ip_0" : "192.168.30.110", - "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.25", - "sec_group" : "{{ .Values.openStackSecurityGroup }}", + "vdns_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}", + "vdns_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", + "vpg_image_name" : "${GLOBAL_INJECTED_UBUNTU_1604_IMAGE}", + "vpg_flavor_name" : "${GLOBAL_INJECTED_VM_FLAVOR}", 'vlb_name_0':'demovlblb${hostid}', 'vdns_name_0':'demovlbdns${hostid}', + "vpg_name_0" : "clvlbpgn${hostid}", + "vlb_private_net_id" : "demolb_private${hostid}", + "vlb_private_net_cidr" : "192.168.30.0/24", + "pktgen_private_net_id" : "demolb_pktgen${hostid}", "pktgen_private_net_cidr" : "192.168.9.0/24", - "vpg_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.27", + "vlb_int_private_ip_0" : "192.168.30.100", + "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.24", + "vlb_int_pktgen_private_ip_0" : "192.168.9.111", + "vdns_int_private_ip_0" : "192.168.30.110", + "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.25", + "vpg_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.27", + "vpg_int_pktgen_private_ip_0" : "192.168.9.110", "pg_int" : "192.168.9.109", - "vpg_private_ip_0" : "192.168.9.110", - "vlb_private_ip_2" : "192.168.9.111", "vip" : "192.168.9.112", "gre_ipaddr" : "192.168.30.112", - "vpg_name_0" : "clvlbpgn${hostid}", "vnf_id" : "vLoadBalancer_${hostid}", - "vf_module_id" : "vLoadBalancer" + "vf_module_id" : "vLoadBalancer", + "sec_group" : "{{ .Values.openStackSecurityGroup }}" }, "dnsscaling_preload.template" : { - "vlb_private_net_id" : "demolb_private${hostid}", - "vlb_private_ip_0" : "192.168.130.100", - "vlb_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.24", - "vdns_private_ip_0" : "192.168.130.222", - "vdns_private_ip_1" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.26", + "int_private_net_id" : "vLBMS_demolb_private${hostid}", + "int_private_subnet_id" : "vLBMS_demolb_private${hostid}_subnet", + "vlb_int_private_ip_0" : "192.168.30.100", + "vlb_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.24", + "vlb_int_pktgen_private_ip_0" : "192.168.9.111", + "vdns_int_private_ip_0" : "192.168.30.222", + "vdns_onap_private_ip_0" : "{{.Values.openStackOamNetworkCidrPrefix}}.${ecompnet}.26", "sec_group" : "{{ .Values.openStackSecurityGroup }}", - 'scaling_vdns_name_0':'demovlbscaling${hostid}', - "vlb_private_net_cidr" : "192.168.10.0/24" + 'vdns_name_0':'demovlbscaling${hostid}', + "vlb_private_net_cidr" : "192.168.30.0/24" }, "vims_preload.template" : { "bono_image_name" : "${GLOBAL_INJECTED_UBUNTU_1404_IMAGE}", diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py index a37692f4b6..5e6288e5e7 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py @@ -27,7 +27,7 @@ GLOBAL_APPC_SERVER_PORT = "8282" GLOBAL_APPC_USERNAME = "{{ .Values.appcUsername }}" GLOBAL_APPC_PASSWORD = "{{ .Values.appcPassword }}" GLOBAL_APPC_CDT_SERVER_PROTOCOL = "http" -GLOBAL_APPC_CDT_SERVER_PORT = "80" +GLOBAL_APPC_CDT_SERVER_PORT = "18080" GLOBAL_APPC_CDT_USERNAME = "demo" # sdc info - everything is from the private oam network (also called onap private network) GLOBAL_ASDC_SERVER_PROTOCOL = "http" @@ -65,22 +65,19 @@ GLOBAL_LOG_ELASTICSEARCH_PORT = "9200" GLOBAL_LOG_LOGSTASH_PORT = "9600" GLOBAL_LOG_KIBANA_PORT = "5601" # pomba info - NOTE: no pomba is run in HEAT; only on OOM -GLOBAL_POMBA_SERVER_PROTOCOL = "http" +GLOBAL_POMBA_SERVER_PROTOCOL_HTTP = "http" +GLOBAL_POMBA_SERVER_PROTOCOL_HTTPS = "https" GLOBAL_POMBA_AAICONTEXTBUILDER_PORT = "9530" GLOBAL_POMBA_SDCCONTEXTBUILDER_PORT = "9530" GLOBAL_POMBA_NETWORKDISCCONTEXTBUILDER_PORT = "9530" -# vvp info -GLOBAL_VVP_SERVER_PROTOCOL = "http" -GLOBAL_VVP_CI_UWSGI_PORT = "8282" -GLOBAL_VVP_CMS_UWSGI_PORT1 = "80" -GLOBAL_VVP_EM_UWSGI_PORT = "80" -GLOBAL_VVP_EXT_HAPROXY_PORT1 = "80" -GLOBAL_VVP_GITLAB_PORT1 = "80" -GLOBAL_VVP_IMAGESCANNER_PORT = "80" -GLOBAL_VVP_INT_HAPROXY_PORT1 = "80" -GLOBAL_VVP_JENKINS_PORT = "8080" -GLOBAL_VVP_POSTGRES_PORT = "5432" -GLOBAL_VVP_REDIS_PORT = "6379" +GLOBAL_POMBA_SERVICEDECOMPOSITION_PORT = "9532" +GLOBAL_POMBA_SDNCCXTBUILDER_PORT = "9530" +GLOBAL_POMBA_NETWORKDISCOVERY_MICROSERVICE_PORT = "9531" +GLOBAL_POMBA_VALIDATIONSERVICE_PORT = "9529" +GLOBAL_POMBA_KIBANA_PORT = "5601" +GLOBAL_POMBA_ELASTICSEARCH_PORT = "9200" +GLOBAL_POMBA_CONTEXTAGGREGATOR_PORT = "9529" + # microservice bus info - everything is from the private oam network (also called onap private network) GLOBAL_MSB_SERVER_PROTOCOL = "http" GLOBAL_MSB_SERVER_PORT = "80" @@ -99,7 +96,7 @@ GLOBAL_MSO_OPENSTACK_SERVER_PORT = "8087" GLOBAL_MSO_REQDB_SERVER_PORT = "8083" GLOBAL_MSO_SDNC_SERVER_PORT = "8086" GLOBAL_MSO_VFC_SERVER_PORT = "8084" - +GLOBAL_MSO_VNFM_SERVER_PORT = "9092" GLOBAL_MSO_USERNAME = "{{ .Values.soUsername }}" GLOBAL_MSO_CATDB_USERNAME = "{{ .Values.soCatdbUsername }}" GLOBAL_MSO_PASSWORD = "{{ .Values.soPassword }}" @@ -163,4 +160,4 @@ GLOBAL_PROXY_WARNING_CONTINUE_XPATH="" # dns info GLOBAL_DNS_TRAFFIC_DURATION = "600" # location where heat templates are loaded from -GLOBAL_HEAT_TEMPLATES_FOLDER = "/var/opt/OpenECOMP_ETE/demo/heat" +GLOBAL_HEAT_TEMPLATES_FOLDER = "/var/opt/ONAP/demo/heat" diff --git a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py index 28f1f20141..6684bcab05 100644 --- a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py @@ -35,16 +35,13 @@ GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR = "log-ls-http.{{include "common.namespace" GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR = "pomba-aaictxbuilder.{{include "common.namespace" .}}" GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR = "pomba-sdcctxbuilder.{{include "common.namespace" .}}" GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR = "pomba-networkdiscoveryctxbuilder.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_CI_UWSGI_IP_ADDR = "vvp-ci-uwsgi.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_CMS_UWSGI_IP_ADDR = "vvp-cms-uwsgi.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_EM_UWSGI_IP_ADDR = "vvp-em-uwsgi.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_EXT_HAPROXY_IP_ADDR = "vvp-ext-haproxy.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_GITLAB_IP_ADDR = "vvp-gitlab.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_IMAGESCANNER_IP_ADDR = "vvp-imagescanner.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_INT_HAPROXY_IP_ADDR = "vvp-int-haproxy.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_JENKINS_IP_ADDR = "vvp-jenkins.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_POSTGRES_IP_ADDR = "vvp-postgres.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_REDIS_IP_ADDR = "vvp-redis.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR = "pomba-servicedecomposition.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR = "pomba-sdncctxbuilder.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_NETWORKDISCOVERY_MICROSERVICE_IP_ADDR = "pomba-networkdiscovery.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_VALIDATION_SERVICE_IP_ADDR = "pomba-validation-service.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_KIBANA_IP_ADDR = "pomba-kibana.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_ELASTIC_SEARCH_IP_ADDR = "pomba-es.{{include "common.namespace" .}}" +GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR = "pomba-contextaggregator.{{include "common.namespace" .}}" GLOBAL_INJECTED_KEYSTONE = "{{ .Values.openStackKeyStoneUrl }}" GLOBAL_INJECTED_MR_IP_ADDR = "message-router.{{include "common.namespace" .}}" GLOBAL_INJECTED_MUSIC_IP_ADDR = "music.{{include "common.namespace" .}}" @@ -87,6 +84,7 @@ GLOBAL_INJECTED_SO_OPENSTACK_IP_ADDR = "so-openstack-adapter.{{include "common.n GLOBAL_INJECTED_SO_REQDB_IP_ADDR = "so-request-db-adapter.{{include "common.namespace" .}}" GLOBAL_INJECTED_SO_SDNC_IP_ADDR = "so-sdnc-adapter.{{include "common.namespace" .}}" GLOBAL_INJECTED_SO_VFC_IP_ADDR = "so-vfc-adapter.{{include "common.namespace" .}}" +GLOBAL_INJECTED_SO_VNFM_IP_ADDR = "so-vnfm-adapter.{{include "common.namespace" .}}" GLOBAL_INJECTED_UBUNTU_1404_IMAGE = "{{ .Values.ubuntu14Image }}" GLOBAL_INJECTED_UBUNTU_1604_IMAGE = "{{ .Values.ubuntu16Image }}" GLOBAL_INJECTED_VM_IMAGE_NAME = "{{ .Values.ubuntu14Image }}" @@ -118,16 +116,9 @@ GLOBAL_INJECTED_PROPERTIES = { "GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR" : "pomba-aaictxbuilder.{{include "common.namespace" .}}", "GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR" : "pomba-sdcctxbuilder.{{include "common.namespace" .}}", "GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR" : "pomba-networkdiscovery.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_CI_UWSGI_IP_ADDR" : "vvp-ci-uwsgi.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_CMS_UWSGI_IP_ADDR" : "vvp-cms-uwsgi.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_EM_UWSGI_IP_ADDR" : "vvp-em-uwsgi.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_EXT_HAPROXY_IP_ADDR" : "vvp-ext-haproxy.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_GITLAB_IP_ADDR" : "vvp-gitlab.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_IMAGESCANNER_IP_ADDR" : "vvp-imagescanner.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_INT_HAPROXY_IP_ADDR" : "vvp-int-haproxy.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_JENKINS_IP_ADDR" : "vvp-jenkins.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_POSTGRES_IP_ADDR" : "vvp-postgres.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_REDIS_IP_ADDR" : "vvp-redis.{{include "common.namespace" .}}", + "GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR" : "pomba-servicedecomposition.{{include "common.namespace" .}}", + "GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR" : "pomba-sdncctxbuilder.{{include "common.namespace" .}}", + "GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR" : "pomba-contextaggregator.{{include "common.namespace" .}}", "GLOBAL_INJECTED_MUSIC_IP_ADDR" : "music.{{include "common.namespace" .}}", "GLOBAL_INJECTED_NBI_IP_ADDR" : "nbi.{{include "common.namespace" .}}", "GLOBAL_INJECTED_NETWORK" : "{{ .Values.openStackPrivateNetId }}", @@ -168,6 +159,7 @@ GLOBAL_INJECTED_PROPERTIES = { "GLOBAL_INJECTED_SO_REQDB_IP_ADDR" : "so-request-db-adapter.{{include "common.namespace" .}}", "GLOBAL_INJECTED_SO_SDNC_IP_ADDR" : "so-sdnc-adapter.{{include "common.namespace" .}}", "GLOBAL_INJECTED_SO_VFC_IP_ADDR" : "so-vfc-adapter.{{include "common.namespace" .}}", + "GLOBAL_INJECTED_SO_VNFM_IP_ADDR" : "so-vnfm-adapter.{{include "common.namespace" .}}", "GLOBAL_INJECTED_UBUNTU_1404_IMAGE" : "{{.Values.ubuntu14Image}}", "GLOBAL_INJECTED_UBUNTU_1604_IMAGE" : "{{.Values.ubuntu16Image}}", "GLOBAL_INJECTED_VM_IMAGE_NAME" : "{{ .Values.ubuntu14Image }}", diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index ede9a045d9..bc80528b69 100755 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -22,7 +22,7 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/testsuite:1.3.2 +image: onap/testsuite:1.4.0-STAGING-latest pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 diff --git a/kubernetes/sdc/Chart.yaml b/kubernetes/sdc/Chart.yaml index e51a7e1399..46e2d5c798 100644 --- a/kubernetes/sdc/Chart.yaml +++ b/kubernetes/sdc/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Service Design and Creation Umbrella Helm charts name: sdc -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sdc/charts/sdc-be/Chart.yaml b/kubernetes/sdc/charts/sdc-be/Chart.yaml index 827ad834cb..fab2243ba9 100644 --- a/kubernetes/sdc/charts/sdc-be/Chart.yaml +++ b/kubernetes/sdc/charts/sdc-be/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Service Design and Creation Backend API name: sdc-be -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/charts/sdc-be/values.yaml index e69c81a94d..c65aa73913 100644 --- a/kubernetes/sdc/charts/sdc-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-be/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-backend:1.3.5 -backendInitImage: onap/sdc-backend-init:1.3.5 +image: onap/sdc-backend:1.4-STAGING-latest +backendInitImage: onap/sdc-backend-init:1.4-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/charts/sdc-cs/Chart.yaml b/kubernetes/sdc/charts/sdc-cs/Chart.yaml index 4c21c9c6b4..0537757d12 100644 --- a/kubernetes/sdc/charts/sdc-cs/Chart.yaml +++ b/kubernetes/sdc/charts/sdc-cs/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Service Design and Creation Cassandra name: sdc-cs -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sdc/charts/sdc-cs/values.yaml b/kubernetes/sdc/charts/sdc-cs/values.yaml index 8e50ea03cc..8df00783af 100644 --- a/kubernetes/sdc/charts/sdc-cs/values.yaml +++ b/kubernetes/sdc/charts/sdc-cs/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.3.5 -cassandraInitImage: onap/sdc-cassandra-init:1.3.5 +image: onap/sdc-cassandra:1.4-STAGING-latest +cassandraInitImage: onap/sdc-cassandra-init:1.4-STAGING-latest pullPolicy: Always diff --git a/kubernetes/sdc/charts/sdc-dcae-be/Chart.yaml b/kubernetes/sdc/charts/sdc-dcae-be/Chart.yaml index dd1f323675..050a093cde 100644 --- a/kubernetes/sdc/charts/sdc-dcae-be/Chart.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-be/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP SDC DCAE Backend client of TOSCALAB and SDC name: sdc-dcae-be -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml b/kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml index 1d0751a01b..5c922783a4 100644 --- a/kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml @@ -17,5 +17,10 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-logging-configmap namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/Chart.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/Chart.yaml index e7d4830c78..75f5b2bf8c 100644 --- a/kubernetes/sdc/charts/sdc-dcae-dt/Chart.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-dt/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP DCAE desiner composition tool for creating customized templates name: sdc-dcae-dt -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml b/kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml index 144bdb719f..a96f3c8902 100644 --- a/kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml @@ -17,5 +17,10 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-logging-configmap namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }} diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/Chart.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/Chart.yaml index 75825026f3..5679cdeaf5 100644 --- a/kubernetes/sdc/charts/sdc-dcae-fe/Chart.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-fe/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP SDC DCAE UI for service monitoring and MC create and configure name: sdc-dcae-fe -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml b/kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml index 144bdb719f..a96f3c8902 100644 --- a/kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml @@ -17,5 +17,10 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-logging-configmap namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/logging/*").AsConfig . | indent 2 }} diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/Chart.yaml b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/Chart.yaml index 28e25000ee..e69503f217 100644 --- a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/Chart.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-tosca-lab/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Tosca model for component monitoring and descriptors deployment name: sdc-dcae-tosca-lab -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sdc/charts/sdc-es/Chart.yaml b/kubernetes/sdc/charts/sdc-es/Chart.yaml index cbcfc13f77..7254f682a5 100644 --- a/kubernetes/sdc/charts/sdc-es/Chart.yaml +++ b/kubernetes/sdc/charts/sdc-es/Chart.yaml @@ -14,4 +14,4 @@ apiVersion: v1 description: ONAP Service Design and Creation Elasticsearch name: sdc-es -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sdc/charts/sdc-es/values.yaml b/kubernetes/sdc/charts/sdc-es/values.yaml index 4fbef96ce0..33ebbe3799 100644 --- a/kubernetes/sdc/charts/sdc-es/values.yaml +++ b/kubernetes/sdc/charts/sdc-es/values.yaml @@ -31,8 +31,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-elasticsearch:1.3.5 -elasticInitImage: onap/sdc-init-elasticsearch:1.3.5 +image: onap/sdc-elasticsearch:1.4-STAGING-latest +elasticInitImage: onap/sdc-init-elasticsearch:1.4-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/charts/sdc-fe/Chart.yaml b/kubernetes/sdc/charts/sdc-fe/Chart.yaml index b8cef2b9d3..a249a5ba75 100644 --- a/kubernetes/sdc/charts/sdc-fe/Chart.yaml +++ b/kubernetes/sdc/charts/sdc-fe/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Service Design and Creation Front End name: sdc-fe -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sdc/charts/sdc-fe/values.yaml b/kubernetes/sdc/charts/sdc-fe/values.yaml index 2782222fd0..e9b329c9e7 100644 --- a/kubernetes/sdc/charts/sdc-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-fe/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-frontend:1.3.5 +image: onap/sdc-frontend:1.4-STAGING-latest pullPolicy: Always config: @@ -38,8 +38,8 @@ config: dcae_source_url: "http://sdc.dcae.plugin.simpledemo.onap.org:30263/dcaed/#/home" dcae_dt_discovery_url: "http://sdc-dcae-dt:8186/dcae/#/dcae/home" dcae_dt_source_url: "http://sdc.dcae.plugin.simpledemo.onap.org:30265/dcae/#/dcae/home" - workflow_discovery_url: "http://sdc-wfd-fe:8080" - workflow_source_url: "http://sdc.workflow.plugin.simpledemo.onap.org:30256" + workflow_discovery_url: "http://sdc-wfd-fe:8080/workflows" + workflow_source_url: "http://sdc.workflow.plugin.simpledemo.onap.org:30256/workflows/" # default number of instances replicaCount: 1 diff --git a/kubernetes/sdc/charts/sdc-kb/Chart.yaml b/kubernetes/sdc/charts/sdc-kb/Chart.yaml index db4a4629d6..3b87b1e306 100644 --- a/kubernetes/sdc/charts/sdc-kb/Chart.yaml +++ b/kubernetes/sdc/charts/sdc-kb/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Service Design and Creation Kibana name: sdc-kb -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sdc/charts/sdc-kb/values.yaml b/kubernetes/sdc/charts/sdc-kb/values.yaml index 76c9162f4a..02e1728f9a 100644 --- a/kubernetes/sdc/charts/sdc-kb/values.yaml +++ b/kubernetes/sdc/charts/sdc-kb/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-kibana:1.3.5 +image: onap/sdc-kibana:1.4-STAGING-latest pullPolicy: Always config: diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/Chart.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/Chart.yaml index 59a5672985..9f22430bb1 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/Chart.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Service Design and Creation Onboarding API name: sdc-onboarding-be -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml index 63b320ae0a..c2a52b43b0 100644 --- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml @@ -28,8 +28,8 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdc-onboard-backend:1.3.5 -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.3.5 +image: onap/sdc-onboard-backend:1.4-STAGING-latest +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.4-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/charts/sdc-wfd-be/Chart.yaml b/kubernetes/sdc/charts/sdc-wfd-be/Chart.yaml index dffba5aa99..feac7ace9a 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/Chart.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Service Design and Creation Workflow Designer backend name: sdc-wfd-be -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl new file mode 100644 index 0000000000..c69fb7c81c --- /dev/null +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl @@ -0,0 +1,29 @@ +{{- define "sdc-wfd-be.volumes" }} + {{ if .Values.config.cassandraSSLEnabled }} + - name: {{ include "common.fullname" . }}-cassandra-client-truststore + hostPath: + path: /etc/cassandra-client-truststore/truststore + type: File + {{- end }} + {{ if .Values.config.serverSSLEnabled }} + - name: {{ include "common.fullname" . }}-server-https-keystore + hostPath: + path: /config/server-https-keystore/keystore + type: File + {{- end }} +{{- end }} + +{{- define "sdc-wfd-be.volumeMounts" }} + {{ if .Values.config.cassandraSSLEnabled }} + - name: {{ include "common.fullname" . }}-cassandra-client-truststore + mountPath: /etc/cassandra-client-truststore/truststore + subPath: truststore + readOnly: true + {{- end }} + {{ if .Values.config.serverSSLEnabled }} + - name: {{ include "common.fullname" . }}-server-https-keystore + mountPath: /etc/server-https-keystore/keystore + subPath: keystore + readOnly: true + {{- end }} +{{- end }} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml index 50062a1b9b..bb96d342f7 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml @@ -32,6 +32,7 @@ spec: release: {{ .Release.Name }} spec: initContainers: + {{- if .Values.initJob.enabled }} - name: {{ include "common.name" . }}-job-completion image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" @@ -46,12 +47,14 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + {{ end }} containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} @@ -73,12 +76,20 @@ spec: value: "{{ .Values.config.cassandraHosts }}" - name: CS_PORT value: "{{ .Values.config.cassandraClientPort }}" + - name: CS_AUTHENTICATE + value: "{{ .Values.config.cassandraAuthenticationEnabled }}" - name: CS_USER valueFrom: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user} - name: CS_PASSWORD valueFrom: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password} + - name: CS_SSL_ENABLED + value: "{{ .Values.config.cassandraSSLEnabled }}" + - name: CS_TRUST_STORE_PATH + value: "{{ .Values.config.cassandraTrustStorePath }}" + - name: CS_TRUST_STORE_PASSWORD + value: "{{ .Values.config.cassandraTrustStorePassword }}" - name: SDC_PROTOCOL value: "{{ .Values.config.sdcProtocol }}" - name: SDC_ENDPOINT @@ -87,5 +98,17 @@ spec: value: "{{ .Values.config.sdcExternalUser }}" - name: SDC_PASSWORD value: "{{ .Values.config.sdcExternalUserPassword }}" + - name: SERVER_SSL_ENABLED + value: "{{ .Values.config.serverSSLEnabled }}" + - name: SERVER_SSL_KEYSTORE_TYPE + value: "{{ .Values.config.serverSSLKeyStoreType }}" + - name: SERVER_SSL_KEYSTORE_PATH + value: "{{ .Values.config.serverSSLKeyStorePath }}" + - name: SERVER_SSL_KEY_PASSWORD + value: "{{ .Values.config.serverSSLKeyPassword }}" + volumeMounts: + {{- template "sdc-wfd-be.volumeMounts" . }} + volumes: + {{- template "sdc-wfd-be.volumes" . }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml index 2b142533c7..38f526d215 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml @@ -13,6 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +{{ if .Values.initJob.enabled }} apiVersion: batch/v1 kind: Job metadata: @@ -57,7 +58,7 @@ spec: - name: CS_PORT value: "{{ .Values.config.cassandraThriftClientPort }}" - name: CS_AUTHENTICATE - value: "{{ .Values.config.cassandaAuthenticationEnabled }}" + value: "{{ .Values.config.cassandraAuthenticationEnabled }}" - name: CS_USER valueFrom: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user} @@ -66,3 +67,4 @@ spec: secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{ end }} \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml index cb55f4a3a5..63554369ed 100644 --- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml @@ -28,16 +28,19 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-backend:1.3.2 -configInitImage: onap/workflow-init:1.3.2 +image: onap/workflow-backend:1.4.0-SNAPSHOT +configInitImage: onap/workflow-init:1.4.0-SNAPSHOT pullPolicy: Always # flag to enable debugging - application support required debugEnabled: false +initJob: + enabled: true + config: javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=7001,server=y,suspend=n -Xmx1536m -Xms1536m" - cassandaAuthenticationEnabled: true + cassandraAuthenticationEnabled: true cassandraHosts: sdc-cs cassandraThriftClientPort: 9160 cassandraClientPort: 9042 @@ -45,6 +48,13 @@ config: sdcEndpoint: sdc-be:8080 sdcExternalUser: workflow sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + serverSSLEnabled: false + serverSSLKeyStoreType: jks + serverSSLKeyStorePath: /etc/server-https-keystore/keystore + serverSSLKeyPassword: password + cassandraSSLEnabled: false + cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore + cassandraTrustStorePassword: password # default number of instances replicaCount: 1 @@ -69,6 +79,8 @@ service: type: NodePort internalPort: 8080 externalPort: 8080 + internalPort2: 8443 + externalPort2: 8443 portName: sdc-wfd-be nodePort: "57" diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/Chart.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/Chart.yaml index 8498477aaa..d5e69279cc 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/Chart.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Service Design and Creation Workflow Designer frontend name: sdc-wfd-fe -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml new file mode 100644 index 0000000000..d051eafead --- /dev/null +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml @@ -0,0 +1,39 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{- if .Values.ingress.enabled }} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ include "common.fullname" . }}-ingress + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + rules: + - http: + paths: + - path: /workflows/ + backend: + serviceName: {{.Values.service.name}} + servicePort: {{.Values.service.internalPort}} +{{ end }} + diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml index 5d942e16f7..d9b4dee17e 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-frontend:1.3.2 +image: onap/workflow-frontend:1.4.0-SNAPSHOT pullPolicy: Always # flag to enable debugging - application support required @@ -65,6 +65,15 @@ service: ingress: enabled: false + annotations: + ingress.kubernetes.io/secure-backends: "false" + nginx.ingress.kubernetes.io/secure-backends: "false" + nginx.ingress.kubernetes.io/proxy-body-size: "0" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/backend-protocol: "HTTP" + nginx.ingress.kubernetes.io/rewrite-target: /workflows/ + nginx.ingress.kubernetes.io/server-snippet: | + underscores_in_headers on; resources: {} # We usually recommend not to specify default resources and to leave this as a conscious diff --git a/kubernetes/sdc/requirements.yaml b/kubernetes/sdc/requirements.yaml index 849843d31c..6f49b16ca9 100644 --- a/kubernetes/sdc/requirements.yaml +++ b/kubernetes/sdc/requirements.yaml @@ -15,5 +15,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json index bb5df2bf90..be9db4cd52 100755 --- a/kubernetes/sdc/resources/config/environments/AUTO.json +++ b/kubernetes/sdc/resources/config/environments/AUTO.json @@ -80,6 +80,7 @@ }, "cassandra": { + "cassandra_port": 9042, "concurrent_reads": "32", "num_tokens": "256", "data_dir": "/var/lib/cassandra/data", diff --git a/kubernetes/sdnc/Chart.yaml b/kubernetes/sdnc/Chart.yaml index 6d12ea7f73..7b04c64e6e 100644 --- a/kubernetes/sdnc/Chart.yaml +++ b/kubernetes/sdnc/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: SDN Controller name: sdnc -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sdnc/charts/dmaap-listener/Chart.yaml b/kubernetes/sdnc/charts/dmaap-listener/Chart.yaml index 866a8d4280..aceda60ae0 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/Chart.yaml +++ b/kubernetes/sdnc/charts/dmaap-listener/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: SDNC DMaaP Listener name: dmaap-listener -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/sdnc/charts/dmaap-listener/requirements.yaml b/kubernetes/sdnc/charts/dmaap-listener/requirements.yaml index 9f23fac6f8..71fbbc5ce9 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/requirements.yaml +++ b/kubernetes/sdnc/charts/dmaap-listener/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/sdnc/charts/dmaap-listener/values.yaml b/kubernetes/sdnc/charts/dmaap-listener/values.yaml index 917a6a2b20..f88b6adfc5 100644 --- a/kubernetes/sdnc/charts/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/charts/dmaap-listener/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-dmaap-listener-image:1.4.3 +image: onap/sdnc-dmaap-listener-image:1.5-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required @@ -91,4 +91,4 @@ resources: requests: cpu: 1 memory: 2Gi - unlimited: {} \ No newline at end of file + unlimited: {} diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/Chart.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/Chart.yaml index 013131d44d..de678bf4ed 100644 --- a/kubernetes/sdnc/charts/sdnc-ansible-server/Chart.yaml +++ b/kubernetes/sdnc/charts/sdnc-ansible-server/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: SDN-C Ansible Server name: sdnc-ansible-server -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/requirements.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/requirements.yaml index 896eaf4baa..1d30dfd918 100644 --- a/kubernetes/sdnc/charts/sdnc-ansible-server/requirements.yaml +++ b/kubernetes/sdnc/charts/sdnc-ansible-server/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/templates/deployment.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/templates/deployment.yaml index 1f14dd3157..75596226b5 100644 --- a/kubernetes/sdnc/charts/sdnc-ansible-server/templates/deployment.yaml +++ b/kubernetes/sdnc/charts/sdnc-ansible-server/templates/deployment.yaml @@ -49,6 +49,7 @@ spec: - name: {{ include "common.name" . }} command: ["/bin/bash"] args: ["-c", "cd /opt/onap/ccsdk && ./startAnsibleServer.sh"] + image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml index a9cb46965f..44a3f96355 100644 --- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-ansible-server-image:1.4.3 +image: onap/sdnc-ansible-server-image:1.5-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/charts/sdnc-portal/Chart.yaml b/kubernetes/sdnc/charts/sdnc-portal/Chart.yaml index 1484ec5191..9efac5c95a 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/Chart.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: SDN-C Admin Portal name: sdnc-portal -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/sdnc/charts/sdnc-portal/requirements.yaml b/kubernetes/sdnc/charts/sdnc-portal/requirements.yaml index 896eaf4baa..1d30dfd918 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/requirements.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml index 7dc57fd918..df407e6258 100644 --- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml +++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/admportal-sdnc-image:1.4.3 +image: onap/admportal-sdnc-image:1.5-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/charts/ueb-listener/Chart.yaml b/kubernetes/sdnc/charts/ueb-listener/Chart.yaml index ee5c7f91e2..da6342c850 100644 --- a/kubernetes/sdnc/charts/ueb-listener/Chart.yaml +++ b/kubernetes/sdnc/charts/ueb-listener/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: SDNC UEB Listener name: ueb-listener -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/sdnc/charts/ueb-listener/requirements.yaml b/kubernetes/sdnc/charts/ueb-listener/requirements.yaml index 9f23fac6f8..71fbbc5ce9 100644 --- a/kubernetes/sdnc/charts/ueb-listener/requirements.yaml +++ b/kubernetes/sdnc/charts/ueb-listener/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/sdnc/charts/ueb-listener/values.yaml b/kubernetes/sdnc/charts/ueb-listener/values.yaml index c44ba959d3..c1892efadf 100644 --- a/kubernetes/sdnc/charts/ueb-listener/values.yaml +++ b/kubernetes/sdnc/charts/ueb-listener/values.yaml @@ -27,7 +27,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/sdnc-ueb-listener-image:1.4.3 +image: onap/sdnc-ueb-listener-image:1.5-STAGING-latest pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/requirements.yaml b/kubernetes/sdnc/requirements.yaml index 8c16310ce0..56e20672f7 100644 --- a/kubernetes/sdnc/requirements.yaml +++ b/kubernetes/sdnc/requirements.yaml @@ -14,21 +14,22 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' - - name: controller-blueprints - version: ~3.0.0 + - name: cds + version: ~4.x-0 repository: '@local' + condition: cds.enabled - name: mysql - version: ~3.0.0 + version: ~4.x-0 repository: '@local' - name: network-name-gen - version: ~3.0.0 + version: ~4.x-0 repository: '@local' - name: dgbuilder - version: ~3.0.0 + version: ~4.x-0 repository: '@local' - name: sdnc-prom - version: ~3.0.0 + version: ~4.x-0 repository: '@local' condition: config.geoEnabled diff --git a/kubernetes/sdnc/resources/config/bin/startODL.sh b/kubernetes/sdnc/resources/config/bin/startODL.sh index d1b0c995d5..2513fc9dd4 100755 --- a/kubernetes/sdnc/resources/config/bin/startODL.sh +++ b/kubernetes/sdnc/resources/config/bin/startODL.sh @@ -20,17 +20,52 @@ # ============LICENSE_END========================================================= ### +# Append features to karaf boot feature configuration +# $1 additional feature to be added +# $2 repositories to be added (optional) +function addToFeatureBoot() { + CFG=$ODL_HOME/etc/org.apache.karaf.features.cfg + ORIG=$CFG.orig + if [ -n "$2" ] ; then + echo "Add repository: $2" + mv $CFG $ORIG + cat $ORIG | sed -e "\|featuresRepositories|s|$|,$2|" > $CFG + fi + echo "Add boot feature: $1" + mv $CFG $ORIG + cat $ORIG | sed -e "\|featuresBoot *=|s|$|,$1|" > $CFG +} + +# Append features to karaf boot feature configuration +# $1 search pattern +# $2 replacement +function replaceFeatureBoot() { + CFG=$ODL_HOME/etc/org.apache.karaf.features.cfg + ORIG=$CFG.orig + echo "Replace boot feature $1 with: $2" + sed -i "/featuresBoot/ s/$1/$2/g" $CFG +} + +function install_sdnrwt_features() { + addToFeatureBoot "$SDNRWT_BOOTFEATURES" $SDNRWT_REPOSITORY +} + function enable_odl_cluster(){ if [ -z $SDNC_REPLICAS ]; then echo "SDNC_REPLICAS is not configured in Env field" exit fi + #Be sure to remove feature odl-netconf-connector-all from list + replaceFeatureBoot "odl-netconf-connector-all," + echo "Installing Opendaylight cluster features" - mv $ODL_HOME/etc/org.apache.karaf.features.cfg $ODL_HOME/etc/org.apache.karaf.features.cfg.orig - cat $ODL_HOME/etc/org.apache.karaf.features.cfg.orig | sed -e "\|featuresBoot=config|s|$|,odl-mdsal-clustering,odl-jolokia|" > $ODL_HOME/etc/org.apache.karaf.features.cfg + replaceFeatureBoot odl-netconf-topology odl-netconf-clustered-topology + replaceFeatureBoot odl-mdsal-all odl-mdsal-all,odl-mdsal-clustering + addToFeatureBoot odl-jolokia #${ODL_HOME}/bin/client feature:install odl-mdsal-clustering #${ODL_HOME}/bin/client feature:install odl-jolokia + echo "Update cluster information statically" hm=$(hostname) @@ -80,6 +115,7 @@ function enable_odl_cluster(){ ODL_HOME=${ODL_HOME:-/opt/opendaylight/current} ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U} SDNC_HOME=${SDNC_HOME:-/opt/onap/sdnc} +SDNC_BIN=${SDNC_BIN:-/opt/onap/sdnc/bin} CCSDK_HOME=${CCSDK_HOME:-/opt/onap/ccsdk} SLEEP_TIME=${SLEEP_TIME:-120} MYSQL_PASSWD=${MYSQL_PASSWD:-{{.Values.config.dbRootPassword}}} @@ -87,6 +123,13 @@ MYSQL_HOST=${MYSQL_HOST:-{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.V ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} GEO_ENABLED=${GEO_ENABLED:-false} DBINIT_DIR=${DBINIT_DIR:-/opt/opendaylight/current/daexim} +SDNRWT=${SDNRWT:-false} +SDNRWT_BOOTFEATURES=${SDNRWT_BOOTFEATURES:-sdnr-wt-feature-aggregator} + +echo "Settings:" +echo " ENABLE_ODL_CLUSTER=$ENABLE_ODL_CLUSTER" +echo " SDNC_REPLICAS=$SDNC_REPLICAS" +echo " SDNRWT=$SDNRWT" # # Wait for database to init properly @@ -128,8 +171,15 @@ then if $ENABLE_ODL_CLUSTER ; then enable_odl_cluster ; fi + if $SDNRWT ; then install_sdnrwt_features ; fi + echo "Installed at `date`" > ${SDNC_HOME}/.installed fi +cp /opt/opendaylight/current/certs/* /tmp + +nohup python ${SDNC_BIN}/installCerts.py & + + exec ${ODL_HOME}/bin/karaf server diff --git a/kubernetes/sdnc/sdnc-prom/Chart.yaml b/kubernetes/sdnc/sdnc-prom/Chart.yaml index d4e5daa03b..4344db0b15 100644 --- a/kubernetes/sdnc/sdnc-prom/Chart.yaml +++ b/kubernetes/sdnc/sdnc-prom/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP SDNC Policy Driven Ownership Management name: sdnc-prom -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sdnc/sdnc-prom/requirements.yaml b/kubernetes/sdnc/sdnc-prom/requirements.yaml index cf4086962c..509eaddf3d 100644 --- a/kubernetes/sdnc/sdnc-prom/requirements.yaml +++ b/kubernetes/sdnc/sdnc-prom/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/sdnc/templates/pv.yaml b/kubernetes/sdnc/templates/pv.yaml index f10d67ad68..5a6566a80b 100644 --- a/kubernetes/sdnc/templates/pv.yaml +++ b/kubernetes/sdnc/templates/pv.yaml @@ -82,3 +82,35 @@ spec: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}2 {{ end }} {{- end -}} +{{ if .Values.certpersistence.enabled }} +--- +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-pv-certs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-pv-certs + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-certs +spec: + capacity: + storage: {{ .Values.certpersistence.size }} + accessModes: + - {{ .Values.certpersistence.accessMode }} +{{- if .Values.certpersistence.storageClass }} +{{- if (eq "-" .Values.certpersistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.certpersistence.storageClass }}" +{{- end }} +{{- end }} + persistentVolumeReclaimPolicy: {{ .Values.certpersistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.certpersistence.mountPath }}/{{ .Values.certpersistence.mountSubPath }} +{{ end }} + + + diff --git a/kubernetes/sdnc/templates/pvc.yaml b/kubernetes/sdnc/templates/pvc.yaml new file mode 100644 index 0000000000..aa9515b6b5 --- /dev/null +++ b/kubernetes/sdnc/templates/pvc.yaml @@ -0,0 +1,32 @@ +{{- if and .Values.certpersistence.enabled (not .Values.certpersistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" .}}-pvc-certs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-pvc-certs + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.certpersistence.annotations }} + annotations: +{{ toYaml .Values.certpersistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }}-pv-certs + accessModes: + - {{ .Values.certpersistence.accessMode }} + resources: + requests: + storage: {{ .Values.certpersistence.size }} +{{- if .Values.certpersistence.storageClass }} +{{- if (eq "-" .Values.certpersistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.certpersistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} \ No newline at end of file diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index b30ef38bb8..24ca832d24 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -95,6 +95,8 @@ spec: value: "{{ .Values.replicaCount }}" - name: MYSQL_HOST value: "{{.Release.Name}}-{{.Values.mysql.nameOverride}}-0.{{.Values.mysql.service.name}}.{{.Release.Namespace}}" + - name: JAVA_HOME + value: "{{ .Values.config.javaHome}}" volumeMounts: - mountPath: /etc/localtime name: localtime @@ -133,6 +135,8 @@ spec: name: {{ include "common.fullname" . }}-mdsal - mountPath: /var/log/onap name: logs + - mountPath: {{ .Values.certpersistence.certPath }} + name: {{ include "common.fullname" . }}-certs resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -180,6 +184,13 @@ spec: configMap: name: {{ include "common.fullname" . }}-properties defaultMode: 0644 + - name: {{ include "common.fullname" . }}-certs + {{ if .Values.certpersistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-pvc-certs + {{ else }} + emptyDir: {} + {{ end }} {{ if not .Values.persistence.enabled }} - name: {{ include "common.fullname" . }}-mdsal emptyDir: {} @@ -198,4 +209,4 @@ spec: selector: matchLabels: name: {{ include "common.fullname" . }} - {{ end }} + {{ end }} \ No newline at end of file diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index a82f053652..95bc31a96b 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -32,7 +32,7 @@ global: # application images repository: nexus3.onap.org:10001 pullPolicy: Always -image: onap/sdnc-image:1.4.3 +image: onap/sdnc-image:1.5-STAGING-latest # flag to enable debugging - application support required debugEnabled: false @@ -57,8 +57,12 @@ config: logstashPort: 5044 ansibleServiceName: sdnc-ansible-server ansiblePort: 8000 + javaHome: /usr/lib/jvm/java-1.8-openjdk # dependency / sub-chart configuration +cds: + enabled: true + dmaap-listener: nameOverride: sdnc-dmaap-listener config: @@ -194,6 +198,22 @@ persistence: mountSubPath: sdnc/mdsal mdsalPath: /opt/opendaylight/current/daexim +certpersistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 50Mi + mountPath: /dockerdata-nfs + mountSubPath: sdnc/certs + certPath: /opt/opendaylight/current/certs + ##storageClass: "manual" + ingress: enabled: false diff --git a/kubernetes/sniro-emulator/Chart.yaml b/kubernetes/sniro-emulator/Chart.yaml index 6cbeb319d5..1f88ff5097 100644 --- a/kubernetes/sniro-emulator/Chart.yaml +++ b/kubernetes/sniro-emulator/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Mock Sniro Emulator name: sniro-emulator -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/sniro-emulator/requirements.yaml b/kubernetes/sniro-emulator/requirements.yaml index f3e793cfbb..9996777c42 100644 --- a/kubernetes/sniro-emulator/requirements.yaml +++ b/kubernetes/sniro-emulator/requirements.yaml @@ -14,7 +14,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/so/Chart.yaml b/kubernetes/so/Chart.yaml index b8c92cb21a..2c96502dca 100755 --- a/kubernetes/so/Chart.yaml +++ b/kubernetes/so/Chart.yaml @@ -14,4 +14,4 @@ apiVersion: v1 description: ONAP Service Orchestrator name: so -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-bpmn-infra/Chart.yaml b/kubernetes/so/charts/so-bpmn-infra/Chart.yaml index 1de4161d41..cbf3b83aa3 100755 --- a/kubernetes/so/charts/so-bpmn-infra/Chart.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-bpmn-infra -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml index a9eac31405..92c5c78b5f 100755 --- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml @@ -12,12 +12,16 @@ # See the License for the specific language governing permissions and # limitations under the License. aai: - auth: 65885E7C4E860E420808030D8BC653073E6782CB5026EC8F49E3E5C6F3E27F6A + auth: 221187EFA3AD4E33600DE0488F287099934CE65C3D0697BCECC00BB58E784E07CD74A24581DC31DBC086FF63DF116378776E9BE3D1325885 dme2: timeout: '30000' endpoint: https://aai.{{ include "common.namespace" . }}:8443 workflowAaiDistributionDelay: PT30S pnfEntryNotificationTimeout: P14D +cds: + endpoint: blueprints-processor + port: 9111 + auth: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== camunda: bpm: admin-user: @@ -58,7 +62,7 @@ mso: endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 auth: Basic YnBlbDpwYXNzd29yZDEk db: - auth: 33293332AEC4930F655D8E2E8BB08937 + auth: A3745B5DBE165EFCF101D85A6FC81C211AB8BF604F8861B6C413D5DC90F8F30E0139DE44B8A342F4EF70AF password: wLg4sjrAFUS8rfVfdvTXeQ== endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/services/RequestsDbAdapter spring: @@ -71,8 +75,7 @@ mso: db: endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/services/RequestsDbAdapter po: - auth: 33293332AEC4930F655D8E2E8BB08937 - password: B8EBDE0311F0AF355CF3F2FD505A8CAD + auth: A3745B5DBE165EFCF101D85A6FC81C211AB8BF604F8861B6C413D5DC90F8F30E0139DE44B8A342F4EF70AF sdnc: endpoint: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/SDNCAdapter rest: @@ -122,7 +125,7 @@ mso: endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/ rollback: 'true' sdnc: - password: 3141634BF7E070AA289CF2892C986C0B + password: 1D78CFC35382B6938A989066A7A7EAEF4FE933D2919BABA99EB4763737F39876C333EE5F service: agnostic: sniro: @@ -252,6 +255,9 @@ mso: callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify rollback: callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify + use: + qualified: + host: false global: dmaap: username: testuser @@ -259,8 +265,13 @@ mso: host: http://10.42.111.36:904 publisher: topic: replaceme + naming: + endpoint: http://naming.demo.onap.com:8081/web/service/v1/genNetworkElementName + auth: Basic bTA0NzY4QG5vbi1wcm9kLm1zby5lY29tcC5hdHQuY29tOkF0dG0wNDc2OExpZmUhQA== policy: auth: Basic dGVzdHBkcDphbHBoYTEyMw== + default: + disposition: Skip client: auth: Basic bTAzNzQzOnBvbGljeVIwY2sk endpoint: http://pdp.{{ include "common.namespace" . }}:8081/pdp/api/ @@ -308,16 +319,6 @@ server: tomcat: max-threads: 50 spring: - datasource: - driver-class-name: org.mariadb.jdbc.Driver - url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn - username: ${DB_USERNAME} - password: ${DB_PASSWORD} - dbcp2: - initial-size: 5 - max-total: 20 - validation-query: select 1 - test-on-borrow: true security: usercredentials: - @@ -344,3 +345,8 @@ spring: username: mso_admin password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' role: ACTUATOR +so: + vnfm: + adapter: + url: http://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/ + auth: Basic dm5mbTpwYXNzd29yZDEk diff --git a/kubernetes/so/charts/so-catalog-db-adapter/Chart.yaml b/kubernetes/so/charts/so-catalog-db-adapter/Chart.yaml index 8fd7b921c7..14d42be962 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/Chart.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/Chart.yaml @@ -14,4 +14,4 @@ apiVersion: v1 description: A Helm chart for so-catalog-db-adapter name: so-catalog-db-adapter -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml index 320af6127e..c59949c900 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/resources/config/overrides/override.yaml @@ -39,3 +39,49 @@ spring: #Actuator management: context-path: /manage +cloud_config: + identity_services: + RAX_KEYSTONE: + identity_url: "https://identity.api.rackspacecloud.com/v2.0" + mso_id: "RACKSPACE_ACCOUNT_ID" + mso_pass: "RACKSPACE_ACCOUNT_APIKEY" + admin_tenant: "{{ .Values.config.openStackServiceTenantName }}" + member_role: "admin" + tenant_metadata: true + identity_server_type: "KEYSTONE" + identity_authentication_type: "RACKSPACE_APIKEY" + DEFAULT_KEYSTONE: + identity_url: "{{ .Values.config.openStackKeyStoneUrl }}" + mso_id: "{{ .Values.config.openStackUserName }}" + mso_pass: "{{ .Values.config.openStackEncryptedPasswordHere }}" + admin_tenant: "{{ .Values.config.openStackServiceTenantName }}" + member_role: "admin" + tenant_metadata: true + identity_server_type: "KEYSTONE" + identity_authentication_type: "USERNAME_PASSWORD" + cloud_sites: + Dallas: + region_id: "DFW" + clli: "DFW" + aic_version: "2.5" + identity_service_id: "RAX_KEYSTONE" + Northern Virginia: + region_id: "IAD" + clli: "IAD" + aic_version: "2.5" + identity_service_id: "RAX_KEYSTONE" + Chicago: + region_id: "ORD" + clli: "ORD" + aic_version: "2.5" + identity_service_id: "RAX_KEYSTONE" + RegionOne: + region_id: "RegionOne" + clli: "RegionOne" + aic_version: "2.5" + identity_service_id: "DEFAULT_KEYSTONE" + DEFAULT: + region_id: "{{ .Values.config.openStackRegion }}" + clli: "{{ .Values.config.openStackRegion }}" + aic_version: "2.5" + identity_service_id: "DEFAULT_KEYSTONE" diff --git a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml index a7bf3012f2..beeaf72d57 100755 --- a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml @@ -76,6 +76,13 @@ mariadb: nameOverride: so-mariadb ingress: enabled: false +config: + openStackUserName: "vnf_user" + openStackRegion: "RegionOne" + openStackKeyStoneUrl: "http://1.2.3.4:5000/v2.0" + openStackServiceTenantName: "service" + openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" + openStackTenantId: "d570c718cbc545029f40e50b75eb13df" nodeSelector: {} tolerations: [] affinity: {} diff --git a/kubernetes/so/charts/so-db-secrets/Chart.yaml b/kubernetes/so/charts/so-db-secrets/Chart.yaml index 449976b94a..9dccc6499d 100755 --- a/kubernetes/so/charts/so-db-secrets/Chart.yaml +++ b/kubernetes/so/charts/so-db-secrets/Chart.yaml @@ -14,4 +14,4 @@ apiVersion: v1 description: A Helm chart for DB secrets name: so-db-secrets -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-mariadb/Chart.yaml b/kubernetes/so/charts/so-mariadb/Chart.yaml index 800b660fd6..5e14c56948 100755 --- a/kubernetes/so/charts/so-mariadb/Chart.yaml +++ b/kubernetes/so/charts/so-mariadb/Chart.yaml @@ -14,4 +14,4 @@ apiVersion: v1 description: MariaDB Service name: so-mariadb -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-mariadb/values.yaml b/kubernetes/so/charts/so-mariadb/values.yaml index b1544aa5f7..950b43a360 100755 --- a/kubernetes/so/charts/so-mariadb/values.yaml +++ b/kubernetes/so/charts/so-mariadb/values.yaml @@ -32,7 +32,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: mariadb:10.1.11 +image: mariadb:10.1.38 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 @@ -40,7 +40,7 @@ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 config: mariadbRootPassword: password # gerrit branch where the latest heat code is checked in - gerritBranch: 3.0.0-ONAP + gerritBranch: master # gerrit project where the latest heat code is checked in gerritProject: http://gerrit.onap.org/r/so/docker-config.git # default number of instances diff --git a/kubernetes/so/charts/so-monitoring/Chart.yaml b/kubernetes/so/charts/so-monitoring/Chart.yaml index f46d9f7876..0ace01dcf2 100644 --- a/kubernetes/so/charts/so-monitoring/Chart.yaml +++ b/kubernetes/so/charts/so-monitoring/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: A Helm chart for ONAP Service Orchestration Monitoring name: so-monitoring -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-openstack-adapter/Chart.yaml b/kubernetes/so/charts/so-openstack-adapter/Chart.yaml index b34c514969..9e9d1808fb 100755 --- a/kubernetes/so/charts/so-openstack-adapter/Chart.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-openstack-adapter -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml index 98b0976314..4b06a87695 100755 --- a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml @@ -11,19 +11,11 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +aai: + auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586 server: port: {{ index .Values.containerPort }} spring: - datasource: - url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb - username: ${DB_ADMIN_USERNAME} - password: ${DB_ADMIN_PASSWORD} - driver-class-name: org.mariadb.jdbc.Driver - dbcp2: - initial-size: 5 - max-total: 20 - validation-query: select 1 - test-on-borrow: true security: usercredentials: - @@ -57,7 +49,7 @@ org: default_keystone_url_version: /v2.0 default_keystone_reg_ex: "/[vV][0-9]" vnf: - bpelauth: A7FC9B308B7AF7A269072BA729A345625E0381E3071DE7EE50603677CB69C515 + bpelauth: D1A67FA93B6A6419132D0F83CC771AF774FD3C60853C50C22C8C6FC5088CC79E9E81EDE9EA39F22B2F66A0068E checkRequiredParameters: true addGetFilesOnVolumeReq: false sockettimeout: 30 @@ -68,12 +60,13 @@ org: valet_enabled: false fail_requests_on_valet_failure: false network: - bpelauth: A7FC9B308B7AF7A269072BA729A345625E0381E3071DE7EE50603677CB69C515 + bpelauth: D1A67FA93B6A6419132D0F83CC771AF774FD3C60853C50C22C8C6FC5088CC79E9E81EDE9EA39F22B2F66A0068E sockettimeout: 5 connecttimeout: 5 retrycount: 5 retryinterval: -15 retrylist: 408,429,500,502,503,504,900 + encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7 tenant: default_keystone_url_version: /v2.0 default_keystone_reg_ex: "/[vV][0-9]" @@ -94,11 +87,22 @@ ecomp: pollTimeout: 7500 pollInterval: 15 mso: + auth: D1A67FA93B6A6419132D0F83CC771AF774FD3C60853C50C22C8C6FC5088CC79E9E81EDE9EA39F22B2F66A0068E logPath: ./logs/openstack + msb-ip: msb-iag.{{ include "common.namespace" . }} + msb-port: 80 + workflow: + endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/sobpmnengine + msoKey: 07a7159d3bf51a0e53be7a8f89699be7 + config: + cadi: + aafId: poBpmn catalog: db: spring: endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082 + aai: + endpoint: https://aai.{{ include "common.namespace" . }}:8443 db: auth: Basic YnBlbDpwYXNzd29yZDEk site-name: localDevEnv @@ -106,49 +110,3 @@ mso: core-pool-size: 50 max-pool-size: 50 queue-capacity: 500 -cloud_config: - identity_services: - RAX_KEYSTONE: - identity_url: "https://identity.api.rackspacecloud.com/v2.0" - mso_id: "RACKSPACE_ACCOUNT_ID" - mso_pass: "RACKSPACE_ACCOUNT_APIKEY" - admin_tenant: "{{ .Values.config.openStackServiceTenantName }}" - member_role: "admin" - tenant_metadata: true - identity_server_type: "KEYSTONE" - identity_authentication_type: "RACKSPACE_APIKEY" - DEFAULT_KEYSTONE: - identity_url: "{{ .Values.config.openStackKeyStoneUrl }}" - mso_id: "{{ .Values.config.openStackUserName }}" - mso_pass: "{{ .Values.config.openStackEncryptedPasswordHere }}" - admin_tenant: "{{ .Values.config.openStackServiceTenantName }}" - member_role: "admin" - tenant_metadata: true - identity_server_type: "KEYSTONE" - identity_authentication_type: "USERNAME_PASSWORD" - cloud_sites: - Dallas: - region_id: "DFW" - clli: "DFW" - aic_version: "2.5" - identity_service_id: "RAX_KEYSTONE" - Northern Virginia: - region_id: "IAD" - clli: "IAD" - aic_version: "2.5" - identity_service_id: "RAX_KEYSTONE" - Chicago: - region_id: "ORD" - clli: "ORD" - aic_version: "2.5" - identity_service_id: "RAX_KEYSTONE" - RegionOne: - region_id: "RegionOne" - clli: "RegionOne" - aic_version: "2.5" - identity_service_id: "DEFAULT_KEYSTONE" - DEFAULT: - region_id: "{{ .Values.config.openStackRegion }}" - clli: "{{ .Values.config.openStackRegion }}" - aic_version: "2.5" - identity_service_id: "DEFAULT_KEYSTONE" diff --git a/kubernetes/so/charts/so-request-db-adapter/Chart.yaml b/kubernetes/so/charts/so-request-db-adapter/Chart.yaml index b03f1ff5b4..0d547b1a1f 100755 --- a/kubernetes/so/charts/so-request-db-adapter/Chart.yaml +++ b/kubernetes/so/charts/so-request-db-adapter/Chart.yaml @@ -14,4 +14,4 @@ apiVersion: v1 description: A Helm chart for request-db-adapter name: so-request-db-adapter -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml index 2755f94f41..7a326d39a9 100755 --- a/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-request-db-adapter/resources/config/overrides/override.yaml @@ -25,26 +25,6 @@ mso: auth: Basic YnBlbDpwYXNzd29yZDEk endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 spring: - datasource: - url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb - username: ${DB_USERNAME} - password: ${DB_PASSWORD} - driver-class-name: org.mariadb.jdbc.Driver - initialize: false - initialization-mode: never - dbcp2: - initial-size: 5 - max-total: 20 - validation-query: select 1 - test-on-borrow: true - jpa: - generate-ddl: false - show-sql: false - hibernate: - ddl-auto: validate - naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy - enable-lazy-load-no-trans: true - database-platform: org.hibernate.dialect.MySQL5InnoDBDialect security: usercredentials: - @@ -58,8 +38,3 @@ spring: #Actuator management: context-path: /manage -flyway: - baseline-on-migrate: true - url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb - user: ${DB_ADMIN_USERNAME} - password: ${DB_ADMIN_PASSWORD} diff --git a/kubernetes/so/charts/so-sdc-controller/Chart.yaml b/kubernetes/so/charts/so-sdc-controller/Chart.yaml index 2d7e66f7f0..5d4b5cc044 100755 --- a/kubernetes/so/charts/so-sdc-controller/Chart.yaml +++ b/kubernetes/so/charts/so-sdc-controller/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-sdc-controller -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml index 370887ee00..bee68e6470 100755 --- a/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-sdc-controller/resources/config/overrides/override.yaml @@ -12,20 +12,10 @@ # See the License for the specific language governing permissions and # limitations under the License. aai: - auth: 65885E7C4E860E420808030D8BC653073E6782CB5026EC8F49E3E5C6F3E27F6A + auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586 server: port: {{ index .Values.containerPort }} spring: - datasource: - url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb - username: ${DB_USERNAME} - password: ${DB_PASSWORD} - driver-class-name: org.mariadb.jdbc.Driver - dbcp2: - initial-size: 5 - max-total: 20 - validation-query: select 1 - test-on-borrow: true security: usercredentials: - @@ -38,15 +28,10 @@ spring: role: ACTUATOR request: datasource: - url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb username: ${DB_USERNAME} password: ${DB_PASSWORD} driver-class-name: org.mariadb.jdbc.Driver - dbcp2: - initial-size: 5 - max-total: 20 - validation-query: select 1 - test-on-borrow: true mso: msoKey: 07a7159d3bf51a0e53be7a8f89699be7 logPath: ./logs/sdc @@ -71,10 +56,11 @@ mso: consumerId: SO-COpenSource-Env11 environmentName: AUTO asdcAddress: sdc-be.{{ include "common.namespace" . }}:8443 - password: 613AF3483E695524F9857643B697FA51C7A9A0951094F53791485BF3458F9EADA37DBACCCEBD0CB242B85B4062745247 + password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F pollingInterval: 60 pollingTimeout: 60 relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL + useHttpsWithDmaap: false activateServerTLSAuth: false keyStorePassword: keyStorePath: diff --git a/kubernetes/so/charts/so-sdnc-adapter/Chart.yaml b/kubernetes/so/charts/so-sdnc-adapter/Chart.yaml index 4720a10bb0..747e2ad9e8 100755 --- a/kubernetes/so/charts/so-sdnc-adapter/Chart.yaml +++ b/kubernetes/so/charts/so-sdnc-adapter/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-sdnc-adapter -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml index 74905d2df3..c313dd563c 100755 --- a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml @@ -83,6 +83,9 @@ org: activate: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi assign: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi delete: POST|285000|sdncurl8|sdnc-request-header|com:att:sdnctl:nbncapi + vnf-topology-aic-operation: + activate: POST|270000|sdncurl11|sdnc-request-header|com:att:sdnctl:vnftopologyaic + assign: POST|270000|sdncurl11|sdnc-request-header|com:att:sdnctl:vnftopologyaic tunnelxconn-topology-operation: activate: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource assign: POST|270000|sdncurl10|sdnc-request-header|org:onap:sdnc:northbound:generic-resource @@ -97,7 +100,7 @@ org: changedelete: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf delete: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf rollback: POST|270000|sdncurl6|sdnc-request-header|org:onap:sdnctl:vnf - bpelauth: 023A0244AB819A0DE0131DBC3AC5FAB4D8544E1CB1A7FE3CE60F6E3292AC0D93 + bpelauth: 4C18603C5AE7E3A42A6CED95CDF9C0BA9B2109B3725747662E5D34E5FDF63DA9ADEBB08185098F14699195FDE9475100 bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/SDNCAdapterCallbackService generic-resource: network-topology-operation: @@ -136,13 +139,14 @@ org: myurl: http://so-sdnc-adapter{{ include "common.namespace" . }}:8086/adapters/rest/SDNCNotify rest: bpelurl: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage - sdncauth: 263f7d5f944d4d0c76db74b4148bec67d0bc796a874bc0d2a2a12aae89a866aa69133f700f391f784719a37f6a68d29bf5a2fbae1dab0402db7788c800c5ba73 + sdncauth: ED07A7EE5F099FA53369C3DF2240AD68A00154676EEDBC6F8C16BAA83B1912941B8941ABD48683D2C1072DA7040659692DE936A59BBF42A038CF71DE67B4A375190071EC76EA657801B033C135 sdncconnecttime: 5000 sdncurl10: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/GENERIC-RESOURCE-API:' sdncurl11: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNFTOPOLOGYAIC-API:' sdncurl12: 'http://sdnc.{{ include "common.namespace" . }}:8282/' sdncurl5: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/config' sdncurl6: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/VNF-API:' + sdncurl7: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/L3UCPE-API:' sdncurl8: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:' sdncurl9: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation' service: @@ -154,6 +158,8 @@ org: vfmodule: '': query: GET|60000|sdncurl12| + network: + encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7 spring: security: usercredentials: diff --git a/kubernetes/so/charts/so-vfc-adapter/Chart.yaml b/kubernetes/so/charts/so-vfc-adapter/Chart.yaml index 7c754b4289..a218b113c1 100755 --- a/kubernetes/so/charts/so-vfc-adapter/Chart.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-vfc-adapter -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml index b06a975333..72a2f615d7 100755 --- a/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/charts/so-vfc-adapter/resources/config/overrides/override.yaml @@ -19,11 +19,6 @@ spring: url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb username: ${DB_USERNAME} password: ${DB_PASSWORD} - dbcp2: - initial-size: 5 - max-total: 20 - validation-query: select 1 - test-on-borrow: true security: usercredentials: - username: bpel diff --git a/kubernetes/vvp/Chart.yaml b/kubernetes/so/charts/so-vnfm-adapter/Chart.yaml old mode 100644 new mode 100755 similarity index 83% rename from kubernetes/vvp/Chart.yaml rename to kubernetes/so/charts/so-vnfm-adapter/Chart.yaml index 61b8ed1edc..80eda87e9a --- a/kubernetes/vvp/Chart.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright © 2019 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,8 +11,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 -description: ONAP VNF Validation Platform -name: vvp -version: 3.0.0 +description: ONAP SO VNFM Adapter +name: so-vnfm-adapter +version: 4.0.0 diff --git a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml new file mode 100755 index 0000000000..0b52949103 --- /dev/null +++ b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml @@ -0,0 +1,34 @@ +# Copyright © 2019 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +aai: + auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586 + version: v15 + endpoint: https://aai.{{ include "common.namespace" . }}:8443 +spring: + security: + usercredentials: + - username: vnfm + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: BPEL-Client + - username: mso_admin + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: ACTUATOR +server: + port: {{ index .Values.containerPort }} +mso: + key: 07a7159d3bf51a0e53be7a8f89699be7 + site-name: localSite + logPath: ./logs/vnfm-adapter + msb-ip: msb-iag.{{ include "common.namespace" . }} + msb-port: 80 diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/templates/configmap.yaml b/kubernetes/so/charts/so-vnfm-adapter/templates/configmap.yaml old mode 100644 new mode 100755 similarity index 77% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/templates/configmap.yaml rename to kubernetes/so/charts/so-vnfm-adapter/templates/configmap.yaml index bd7418415a..fb26dcef09 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-node/templates/configmap.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/templates/configmap.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright © 2019 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,24 +11,24 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - apiVersion: v1 +data: + LOG_PATH: {{ index .Values.logPath }} + APP: {{ index .Values.app }} kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-node-props-configmap + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/node.properties").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-create-feed-configmap + name: {{ include "common.fullname" . }}-app-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -36,4 +36,4 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/config/feeds/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }} diff --git a/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml new file mode 100755 index 0000000000..b337cad687 --- /dev/null +++ b/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml @@ -0,0 +1,70 @@ +# Copyright © 2019 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +spec: + replicas: {{ index .Values.replicaCount }} + minReadySeconds: {{ index .Values.minReadySeconds }} + strategy: + type: {{ index .Values.updateStrategy.type }} + rollingUpdate: + maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} + maxSurge: {{ index .Values.updateStrategy.maxSurge }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ include "common.repository" . }}/{{ .Values.image }} + resources: +{{ include "common.resources" . | indent 12 }} + envFrom: + - configMapRef: + name: {{ include "common.fullname" . }}-configmap + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - name: logs + mountPath: /app/logs + - name: config + mountPath: /app/config + readOnly: true + livenessProbe: + tcpSocket: + port: {{ index .Values.livenessProbe.port }} + initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} + periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} + successThreshold: {{ index .Values.livenessProbe.successThreshold}} + failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} + ports: + - containerPort: {{ index .Values.containerPort }} + name: {{ .Values.service.portName }} + protocol: TCP + volumes: + - name: logs + emptyDir: {} + - name: config + configMap: + name: {{ include "common.fullname" . }}-app-configmap + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/charts/so-vnfm-adapter/templates/service.yaml b/kubernetes/so/charts/so-vnfm-adapter/templates/service.yaml new file mode 100755 index 0000000000..7a8241223f --- /dev/null +++ b/kubernetes/so/charts/so-vnfm-adapter/templates/service.yaml @@ -0,0 +1,49 @@ +# Copyright © 2019 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "{{ include "common.servicename" . }}", + "version": "v1", + "url": "/so/vnfm-adapter/v1", + "protocol": "REST", + "port": "{{.Values.service.externalPort}}", + "visualRange":"1" + } + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/values.yaml b/kubernetes/so/charts/so-vnfm-adapter/values.yaml old mode 100644 new mode 100755 similarity index 54% rename from kubernetes/vvp/charts/vvp-ci-uwsgi/values.yaml rename to kubernetes/so/charts/so-vnfm-adapter/values.yaml index 1b58dd52aa..cc0450186c --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/values.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright © 2019 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,50 +11,67 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - ################################################################# # Global configuration defaults. ################################################################# global: - nodePortPrefix: 302 + nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessRepository: oomk8s readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 + persistence: + mountPath: /dockerdata-nfs ################################################################# # Application configuration defaults. ################################################################# -# application image repository: nexus3.onap.org:10001 -image: onap/vvp/test-engine:1.0.0 +image: onap/so/vnfm-adapter:1.4.0 pullPolicy: Always -# flag to enable debugging - application support required -debugEnabled: false - replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - +minReadySeconds: 10 +containerPort: 9092 +logPath: ./logs/vnfm-adapter/ +app: vnfm-adapter service: - type: ClusterIP - internalPort: 8282 - + type: NodePort + internalPort: 9092 + externalPort: 9092 + nodePort: "06" + portName: so-vnfm-port +updateStrategy: + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + memory: 4Gi + cpu: 2000m + requests: + memory: 1Gi + cpu: 500m + large: + limits: + memory: 8Gi + cpu: 4000m + requests: + memory: 2Gi + cpu: 1000m + unlimited: {} +livenessProbe: + port: 9092 + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: enabled: false +nodeSelector: {} +tolerations: [] +affinity: {} diff --git a/kubernetes/so/requirements.yaml b/kubernetes/so/requirements.yaml index c289225a5d..12e77c38a0 100755 --- a/kubernetes/so/requirements.yaml +++ b/kubernetes/so/requirements.yaml @@ -13,7 +13,7 @@ # limitations under the License. dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml index 6adc2120fb..b5b4f355b7 100755 --- a/kubernetes/so/resources/config/overrides/override.yaml +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -30,14 +30,14 @@ mso: default: testApi: GR_API camundaURL: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/ - camundaAuth: 1D9003AB8BAFFA0D2104B67FA89040AD70B5B495B2A5DF931DE236484EBC1681 + camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A async: core-pool-size: 50 max-pool-size: 50 queue-capacity: 500 sdc: client: - auth: F3473596C526938329DF877495B494DC374D1C4198ED3AD305EA3ADCBBDA1862 + auth: 878785F4F31BC9CFA5AB52A172008212D8845ED2DE08AD5E56AF114720A4E49768B8F95CDA2EB971765D28EDCDAA24 activate: instanceid: test userid: cs0008 @@ -48,33 +48,19 @@ mso: count: 3 aai: endpoint: https://aai.{{ include "common.namespace" . }}:8443 - auth: 2630606608347B7124C244AB0FE34F6F + auth: 6E081E10B1CA43A843E303733A74D9B23B601A6E22A21C7EF2C7F15A42F81A1A4E85E65268C2661F71321052C7F3E55B96A8E1E951F8BF6F + extApi: + endpoint: http://nbi.onap:8080/nbi/api/v3 so: operational-environment: dmaap: username: testuser password: VjR5NDcxSzA= host: http://dmaap-bc.{{ include "common.namespace" . }}:8080 + auth: 51EA5414022D7BE536E7516C4D1A6361416921849B72C0D6FC1C7F262FD9F2BBC2AD124190A332D9845A188AD80955567A4F975C84C221EEA8243BFD92FFE6896CDD1EA16ADD34E1E3D47D4A publisher: topic: com.att.ecomp.mso.operationalEnvironmentEvent spring: - datasource: - url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/catalogdb - username: ${DB_USERNAME} - password: ${DB_PASSWORD} - driver-class-name: org.mariadb.jdbc.Driver - dbcp2: - initial-size: 5 - max-total: 20 - validation-query: select 1 - test-on-borrow: true - jpa: - show-sql: true - hibernate: - dialect: org.hibernate.dialect.MySQL5Dialect - ddl-auto: validate - naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy - enable-lazy-load-no-trans: true jersey: type: filter security: @@ -105,12 +91,14 @@ spring: role: ACTUATOR request: datasource: - url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb + jdbc-url: jdbc:mariadb://${DB_HOST}:${DB_PORT}/requestdb username: ${DB_USERNAME} password: ${DB_PASSWORD} driver-class-name: org.mariadb.jdbc.Driver - dbcp2: - initial-size: 5 - max-total: 20 - validation-query: select 1 - test-on-borrow: true +org: + onap: + so: + cloud-owner: onap + adapters: + network: + encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7 diff --git a/kubernetes/uui/Chart.yaml b/kubernetes/uui/Chart.yaml index 6a1f879297..0327cd81f1 100644 --- a/kubernetes/uui/Chart.yaml +++ b/kubernetes/uui/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP uui name: uui -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/uui/charts/uui-server/Chart.yaml b/kubernetes/uui/charts/uui-server/Chart.yaml index bede388887..b665476ee3 100644 --- a/kubernetes/uui/charts/uui-server/Chart.yaml +++ b/kubernetes/uui/charts/uui-server/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP uui server name: uui-server -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/uui/requirements.yaml b/kubernetes/uui/requirements.yaml index db85323b82..3ee610f486 100644 --- a/kubernetes/uui/requirements.yaml +++ b/kubernetes/uui/requirements.yaml @@ -14,7 +14,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/vfc/Chart.yaml b/kubernetes/vfc/Chart.yaml index 5f4dab5686..03c5b9582b 100644 --- a/kubernetes/vfc/Chart.yaml +++ b/kubernetes/vfc/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Virtual Function Controller (VF-C) name: vfc -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/vfc/charts/vfc-catalog/Chart.yaml b/kubernetes/vfc/charts/vfc-catalog/Chart.yaml index 9817a9b7ae..f04a7fa503 100644 --- a/kubernetes/vfc/charts/vfc-catalog/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - Catalog name: vfc-catalog -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml index e33d749de6..fe2b1aa1df 100644 --- a/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/templates/deployment.yaml @@ -73,6 +73,8 @@ spec: - name: MYSQL_ADDR value: "{{ .Values.global.config.dbServiceName }}:{{ .Values.global.config.dbPort }}" volumeMounts: + - name: {{ include "common.fullname" . }}-catalog + mountPath: /service/vfc/nfvo/catalog/static - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime readOnly: true @@ -106,6 +108,13 @@ spec: mountPath: /usr/share/filebeat/data volumes: + - name: {{ include "common.fullname" . }}-catalog + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} - name: {{ include "common.fullname" . }}-localtime hostPath: path: /etc/localtime diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/pv.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/pv.yaml similarity index 96% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/pv.yaml rename to kubernetes/vfc/charts/vfc-catalog/templates/pv.yaml index da117f4919..d1e1b04121 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/pv.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/templates/pv.yaml @@ -13,7 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} kind: PersistentVolume apiVersion: v1 @@ -28,10 +27,10 @@ metadata: name: {{ include "common.fullname" . }} spec: capacity: - storage: {{ .Values.persistence.size }} + storage: {{ .Values.persistence.size}} accessModes: - {{ .Values.persistence.accessMode }} persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/pvc.yaml b/kubernetes/vfc/charts/vfc-catalog/templates/pvc.yaml similarity index 99% rename from kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/pvc.yaml rename to kubernetes/vfc/charts/vfc-catalog/templates/pvc.yaml index e27c3311e9..74ba690fa6 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/pvc.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/templates/pvc.yaml @@ -13,7 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} kind: PersistentVolumeClaim apiVersion: v1 @@ -45,4 +44,4 @@ spec: storageClassName: "{{ .Values.persistence.storageClass }}" {{- end }} {{- end }} -{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-catalog/values.yaml b/kubernetes/vfc/charts/vfc-catalog/values.yaml index b4a8cb5981..fc6cf4e853 100644 --- a/kubernetes/vfc/charts/vfc-catalog/values.yaml +++ b/kubernetes/vfc/charts/vfc-catalog/values.yaml @@ -60,6 +60,27 @@ readiness: initialDelaySeconds: 10 periodSeconds: 10 +## Persist data to a persitent volume +persistence: + enabled: true + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + accessMode: ReadWriteMany + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: vfc/catalog + service: type: ClusterIP name: vfc-catalog diff --git a/kubernetes/vfc/charts/vfc-db/Chart.yaml b/kubernetes/vfc/charts/vfc-db/Chart.yaml index 4a9bb99916..64e6c29f5e 100644 --- a/kubernetes/vfc/charts/vfc-db/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-db/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - DB name: vfc-db -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/vfc/charts/vfc-ems-driver/Chart.yaml b/kubernetes/vfc/charts/vfc-ems-driver/Chart.yaml index 328b95d34a..214d3bb42c 100644 --- a/kubernetes/vfc/charts/vfc-ems-driver/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-ems-driver/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - EMS Driver name: vfc-ems-driver -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/Chart.yaml b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/Chart.yaml index b86f58fc99..96d008ca5e 100644 --- a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - Generic VNFM Driver name: vfc-generic-vnfm-driver -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/Chart.yaml b/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/Chart.yaml index cf3fc6fafc..61aaf32a05 100644 --- a/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-huawei-vnfm-driver/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - Huawei VNFM Driver name: vfc-huawei-vnfm-driver -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-juju-vnfm-driver/Chart.yaml b/kubernetes/vfc/charts/vfc-juju-vnfm-driver/Chart.yaml index 2a9161ede8..d3234ee56d 100644 --- a/kubernetes/vfc/charts/vfc-juju-vnfm-driver/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-juju-vnfm-driver/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - Juju VNFM Driver name: vfc-juju-vnfm-driver -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-multivim-proxy/Chart.yaml b/kubernetes/vfc/charts/vfc-multivim-proxy/Chart.yaml index a18d9bc96d..94de876709 100644 --- a/kubernetes/vfc/charts/vfc-multivim-proxy/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-multivim-proxy/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - MultiVIM Proxy name: vfc-multivim-proxy -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-nokia-v2vnfm-driver/Chart.yaml b/kubernetes/vfc/charts/vfc-nokia-v2vnfm-driver/Chart.yaml index 0d45db68f1..25414c4030 100644 --- a/kubernetes/vfc/charts/vfc-nokia-v2vnfm-driver/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-nokia-v2vnfm-driver/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - Nokia V2VNFM Driver name: vfc-nokia-v2vnfm-driver -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/Chart.yaml b/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/Chart.yaml index c39f54e342..7748cc0689 100644 --- a/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-nokia-vnfm-driver/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - Nokia VNFM Driver name: vfc-nokia-vnfm-driver -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-nslcm/Chart.yaml b/kubernetes/vfc/charts/vfc-nslcm/Chart.yaml index 519db8e94a..d417e87f6c 100644 --- a/kubernetes/vfc/charts/vfc-nslcm/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-nslcm/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - NS Life Cycle Management name: vfc-nslcm -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-resmgr/Chart.yaml b/kubernetes/vfc/charts/vfc-resmgr/Chart.yaml index 0730ff7859..c883caca2d 100644 --- a/kubernetes/vfc/charts/vfc-resmgr/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-resmgr/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - Resource Manager name: vfc-resmgr -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-vnflcm/Chart.yaml b/kubernetes/vfc/charts/vfc-vnflcm/Chart.yaml index f03b164bad..67c2164e57 100644 --- a/kubernetes/vfc/charts/vfc-vnflcm/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-vnflcm/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - VNF Life Cycle Management name: vfc-vnflcm -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-vnfmgr/Chart.yaml b/kubernetes/vfc/charts/vfc-vnfmgr/Chart.yaml index 1fe5dc8c48..362715ff14 100644 --- a/kubernetes/vfc/charts/vfc-vnfmgr/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-vnfmgr/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - VNF Manager name: vfc-vnfmgr -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-vnfres/Chart.yaml b/kubernetes/vfc/charts/vfc-vnfres/Chart.yaml index cefadcacfc..12515067b4 100644 --- a/kubernetes/vfc/charts/vfc-vnfres/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-vnfres/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - VNF Resource Manager name: vfc-vnfres -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-workflow-engine/Chart.yaml b/kubernetes/vfc/charts/vfc-workflow-engine/Chart.yaml index 15f8868860..591a9954e9 100644 --- a/kubernetes/vfc/charts/vfc-workflow-engine/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-workflow-engine/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - Workflow Engine name: vfc-workflow-engine -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-workflow/Chart.yaml b/kubernetes/vfc/charts/vfc-workflow/Chart.yaml index 767d7993b6..ccf00f8c44 100644 --- a/kubernetes/vfc/charts/vfc-workflow/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-workflow/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - Workflow name: vfc-workflow -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-zte-sdnc-driver/Chart.yaml b/kubernetes/vfc/charts/vfc-zte-sdnc-driver/Chart.yaml index cf12fce30d..36eb8dc32b 100644 --- a/kubernetes/vfc/charts/vfc-zte-sdnc-driver/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-zte-sdnc-driver/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - ZTE SDNC Driver name: vfc-zte-sdnc-driver -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/Chart.yaml b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/Chart.yaml index 627a6d363a..4ac2046c59 100644 --- a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/Chart.yaml +++ b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VFC - ZTE VNFM Driver name: vfc-zte-vnfm-driver -version: 3.0.0 \ No newline at end of file +version: 4.0.0 \ No newline at end of file diff --git a/kubernetes/vfc/requirements.yaml b/kubernetes/vfc/requirements.yaml index 896eaf4baa..1d30dfd918 100644 --- a/kubernetes/vfc/requirements.yaml +++ b/kubernetes/vfc/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/vfc/values.yaml b/kubernetes/vfc/values.yaml index c19a844009..00eae1edd2 100644 --- a/kubernetes/vfc/values.yaml +++ b/kubernetes/vfc/values.yaml @@ -18,6 +18,8 @@ global: msbPort: 80 dbServiceName: vfc-db dbPort: 3306 + persistence: + mountPath: /dockerdata-nfs # application configuration config: diff --git a/kubernetes/vid/Chart.yaml b/kubernetes/vid/Chart.yaml index 9502b0ca93..deb0fc6017 100644 --- a/kubernetes/vid/Chart.yaml +++ b/kubernetes/vid/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Virtual Infrastructure Deployment name: vid -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/vid/charts/vid-mariadb-galera/Chart.yaml b/kubernetes/vid/charts/vid-mariadb-galera/Chart.yaml index 757d7c5a84..dd00351b5f 100644 --- a/kubernetes/vid/charts/vid-mariadb-galera/Chart.yaml +++ b/kubernetes/vid/charts/vid-mariadb-galera/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 description: ONAP VID MariaDB Galera cluster name: vid_mariadb_galera -version: 3.0.0 +version: 4.0.0 keywords: - mariadb - mysql diff --git a/kubernetes/vid/charts/vid-mariadb-galera/templates/configmap.yaml b/kubernetes/vid/charts/vid-mariadb-galera/templates/configmap.yaml index aff9f5b857..ba6adc0018 100644 --- a/kubernetes/vid/charts/vid-mariadb-galera/templates/configmap.yaml +++ b/kubernetes/vid/charts/vid-mariadb-galera/templates/configmap.yaml @@ -17,6 +17,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-confd namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }} --- @@ -26,6 +31,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-externalconfig namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: my_extra.cnf: |- [mysqld] diff --git a/kubernetes/vid/requirements.yaml b/kubernetes/vid/requirements.yaml index f3e793cfbb..9996777c42 100644 --- a/kubernetes/vid/requirements.yaml +++ b/kubernetes/vid/requirements.yaml @@ -14,7 +14,7 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/vid/templates/configmap.yaml b/kubernetes/vid/templates/configmap.yaml index cae46b4050..22178589af 100644 --- a/kubernetes/vid/templates/configmap.yaml +++ b/kubernetes/vid/templates/configmap.yaml @@ -17,6 +17,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-log-configmap namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/log/vid/*").AsConfig . | indent 2 }} --- @@ -25,6 +30,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-filebeat-configmap namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} --- diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml index 3c8645feee..63bbef290e 100644 --- a/kubernetes/vid/values.yaml +++ b/kubernetes/vid/values.yaml @@ -27,7 +27,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/vid:3.2.2 +image: onap/vid:4.0-STAGING-latest pullPolicy: Always # mariadb image for initializing diff --git a/kubernetes/vnfsdk/Chart.yaml b/kubernetes/vnfsdk/Chart.yaml index f0fb733720..f8c49333c0 100644 --- a/kubernetes/vnfsdk/Chart.yaml +++ b/kubernetes/vnfsdk/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP VNF SDK name: vnfsdk -version: 3.0.0 +version: 4.0.0 diff --git a/kubernetes/vnfsdk/requirements.yaml b/kubernetes/vnfsdk/requirements.yaml index a01c7c02bc..fc43cb260a 100644 --- a/kubernetes/vnfsdk/requirements.yaml +++ b/kubernetes/vnfsdk/requirements.yaml @@ -14,8 +14,8 @@ dependencies: - name: common - version: ~3.0.0 + version: ~4.x-0 repository: '@local' - name: postgres - version: ~3.0.0 + version: ~4.x-0 repository: '@local' diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/Chart.yaml b/kubernetes/vvp/charts/vvp-ci-uwsgi/Chart.yaml deleted file mode 100644 index 5304ccb55f..0000000000 --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: end-to-end flow tests based on Seleniunm -name: vvp-ci-uwsgi -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/__init__.py b/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/__init__.py deleted file mode 100644 index 8b70506f6c..0000000000 --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/__init__.py +++ /dev/null @@ -1,278 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import os -from datetime import datetime - -# With this file at web/settings/__init__.py, we need three applications of -# dirname() to find the project root. -PROJECT_PATH = os.path.realpath(os.path.dirname(os.path.dirname(os.path.dirname(__file__)))) -LOGS_PATH = os.path.join(PROJECT_PATH, "logs") - -ICE_ENVIRONMENT = os.environ['ICE_ENVIRONMENT'] -PROGRAM_NAME_URL_PREFIX = os.environ['PROGRAM_NAME_URL_PREFIX'] -SERVICE_PROVIDER = os.environ['SERVICE_PROVIDER'] -PROGRAM_NAME = os.environ['PROGRAM_NAME'] -SERVICE_PROVIDER_DOMAIN = os.environ['SERVICE_PROVIDER_DOMAIN'] - -# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/ -SECRET_KEY = os.environ["SECRET_KEY"] - -# https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts -# Anything in the Host header that does not match our expected domain should -# raise SuspiciousOperation exception. -ALLOWED_HOSTS = ['*'] - -if ICE_ENVIRONMENT == 'production': - DEBUG = False - - EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' - EMAIL_HOST = os.environ.get('ICE_EMAIL_HOST') - EMAIL_HOST_PASSWORD = os.environ['EMAIL_HOST_PASSWORD'] - EMAIL_HOST_USER = os.environ['EMAIL_HOST_USER'] - EMAIL_PORT = os.environ['EMAIL_PORT'] -else: - DEBUG = True - EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' - - -# Note: Only SSL email backends are allowed -EMAIL_USE_SSL = True - -REST_FRAMEWORK = { - 'DEFAULT_AUTHENTICATION_CLASSES': ( - 'rest_framework_jwt.authentication.JSONWebTokenAuthentication', - ), - 'PAGE_SIZE': 10, - # Use Django's standard `django.contrib.auth` permissions, - # or allow read-only access for unauthenticated users. - 'DEFAULT_PERMISSION_CLASSES': ('rest_framework.permissions.IsAdminUser',), -} -APPEND_SLASH = False - -# Application definition - -INSTALLED_APPS = [ - - 'django.contrib.auth', - 'django.contrib.contenttypes', # required by d.c.admin - 'django.contrib.sessions', # required by d.c.admin - 'django.contrib.messages', # required by d.c.admin - 'django.contrib.staticfiles', - 'django.contrib.admin', # django admin site - 'rest_framework', - 'iceci.apps.IceCiConfig', -] - -MIDDLEWARE_CLASSES = [ - 'django.middleware.security.SecurityMiddleware', - 'django.contrib.sessions.middleware.SessionMiddleware', - 'django.middleware.common.CommonMiddleware', - 'django.middleware.csrf.CsrfViewMiddleware', - 'django.contrib.auth.middleware.AuthenticationMiddleware', - 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', - 'django.contrib.messages.middleware.MessageMiddleware', - 'django.middleware.clickjacking.XFrameOptionsMiddleware', -] - -ROOT_URLCONF = 'web.urls' - -TEMPLATES = [ - { - 'BACKEND': 'django.template.backends.django.DjangoTemplates', - 'DIRS': [PROJECT_PATH + '/web/templates'], - 'APP_DIRS': True, - 'OPTIONS': { - 'context_processors': [ - 'django.template.context_processors.debug', - 'django.template.context_processors.request', - 'django.contrib.auth.context_processors.auth', # required by d.c.admin - 'django.contrib.messages.context_processors.messages', # required by d.c.admin - ], - }, - }, -] - -WSGI_APPLICATION = 'web.wsgi.application' - -# Database -# https://docs.djangoproject.com/en/1.9/ref/settings/#databases - -DATABASES = { - 'default': { # CI DB details. - 'NAME': '/app/ice_ci_db.db' , - 'ENGINE': 'django.db.backends.sqlite3', - 'TEST_NAME': '/app/ice_ci_db.db', - }, -} -SINGLETONE_DB = { - 'default': { # CI DB details. - 'ENGINE': 'django.db.backends.postgresql', - 'NAME': os.environ.get('CI_DB_NAME', 'ice_ci_db'), - 'USER': os.environ.get('CI_DB_USER', 'iceci'), - 'PASSWORD': os.environ.get('CI_DB_PASSWORD', 'Aa123456'), - 'HOST': os.environ.get('CI_DB_HOST', 'localhost'), - 'PORT': os.environ.get('CI_DB_PORT', '5433'), - }, - 'em_db': { # ICE DB details. - 'ENGINE': 'django.db.backends.postgresql', - 'NAME': os.environ.get('EM_DB_NAME', 'icedb'), - 'USER': os.environ.get('EM_DB_USER', 'iceuser'), - 'PASSWORD': os.environ.get('EM_DB_PASSWORD', 'Aa123456'), - 'HOST': os.environ.get('EM_DB_HOST', 'localhost'), - 'PORT': os.environ.get('EM_DB_PORT', '5433'), - }, - 'cms_db': { # ICE CMS details. - 'ENGINE': 'django.db.backends.postgresql', - 'NAME': os.environ.get('CMS_DB_NAME', 'icecmsdb'), - 'USER': os.environ.get('CMS_DB_USER', 'icecmsuser'), - 'PASSWORD': os.environ.get('CMS_DB_PASSWORD', 'Aa123456'), - 'HOST': os.environ.get('CMS_DB_HOST', 'localhost'), - 'PORT': os.environ.get('CMS_DB_PORT', '5433'), - } -} - -# Password validation -# https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators - -AUTH_PASSWORD_VALIDATORS = [ - { - 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', - }, - { - 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', - }, - { - 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', - }, - { - 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', - }, -] - - -# Internationalization -# https://docs.djangoproject.com/en/1.9/topics/i18n/ - -LANGUAGE_CODE = 'en-us' - -TIME_ZONE = 'UTC' - -USE_I18N = True - -USE_L10N = True - -USE_TZ = False - - -# Static files (CSS, JavaScript, Images) -# https://docs.djangoproject.com/en/1.9/howto/static-files/ -STATIC_ROOT = os.environ['STATIC_ROOT'] -STATIC_URL = '/static/' - -LOGGING = { - 'version': 1, - 'disable_existing_loggers': False, - 'formatters': { # All possible attributes are: https://docs.python.org/3/library/logging.html#logrecord-attributes - 'verbose': { - 'format': '%(asctime)s %(levelname)s %(module)s %(filename)s:%(lineno)d %(process)d %(thread)d %(message)s' - }, - 'simple': { - 'format': '%(asctime)s %(levelname)s %(filename)s:%(lineno)d %(message)s' - }, - }, - 'handlers': { - 'console': { - 'class': 'logging.StreamHandler', - 'formatter': 'simple' - }, - 'file1': { - 'level': 'INFO', # handler will ignore DEBUG (only process INFO, WARN, ERROR, CRITICAL, FATAL) - 'class': 'logging.FileHandler', - 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-info.log', - 'formatter': 'verbose' - }, - 'file2': { - 'level': 'DEBUG', - 'class': 'logging.FileHandler', - 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-debug.log', - 'formatter': 'verbose' - }, - 'file3': { - 'level': 'ERROR', - 'class': 'logging.FileHandler', - 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-requests.log', - 'formatter': 'verbose' - }, - 'file4': { - 'level': 'ERROR', - 'class': 'logging.FileHandler', - 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-db.log', - 'formatter': 'verbose' - } - }, - 'loggers': { - 'vvp-ci.logger': { - 'handlers': ['file1', 'file2', 'file3', 'file4','console'], - 'level': os.getenv('ICE_ICE_LOGGER_LEVEL', 'DEBUG'), - }, - 'django': { - 'handlers': ['console'], - 'level': os.getenv('ICE_DJANGO_LOGGER_LEVEL', 'DEBUG'), - }, - 'django.request': { - 'handlers': ['file3'], - 'level': os.getenv('ICE_ICE_REQUESTS_LOGGER_LEVEL', 'ERROR'), - }, - 'django.db.backends': { - 'handlers': ['file4'], - 'level': os.getenv('ICE_ICE_DB_LOGGER_LEVEL', 'ERROR'), - } - } -} - - -############################# -# ICE-CI Related Configuration -############################# -ICE_CONTACT_FROM_ADDRESS = os.getenv('ICE_CONTACT_FROM_ADDRESS') -ICE_CONTACT_EMAILS = list(os.getenv('ICE_CONTACT_EMAILS','user@example.com').split(',')) -ICE_CI_ENVIRONMENT_NAME = os.getenv('ICE_CI_ENVIRONMENT_NAME', 'Dev') # Dev / Docker / Staging -ICE_EM_URL = "{domain}/{prefix}".format(domain=os.environ['ICE_EM_DOMAIN_NAME'], prefix=PROGRAM_NAME_URL_PREFIX) -ICE_PORTAL_URL = os.environ['ICE_DOMAIN'] -EM_REST_URL = ICE_EM_URL + '/v1/engmgr/' - -#Number of test results presented in admin page. Illegal values: '0' or 'Null' -NUMBER_OF_TEST_RESULTS = int(os.getenv('NUMBER_OF_TEST_RESULTS', '30')) -ICE_BUILD_REPORT_NUM = os.getenv('ICE_BUILD_REPORT_NUM',"{:%Y-%m-%d-%H-%M-%S}".format(datetime.now())) -IS_JUMP_STATE=os.getenv('IS_JUMP_STATE', "True") -DATABASE_TYPE = 'sqlite' - -# FIXME: Does this authentication scheme actually gain us anything? What's the -# threat model -WEBHOOK_TOKEN = os.environ['SECRET_WEBHOOK_TOKEN'] - -# The authentication token and URL needed for us to issue requests to the GitLab API. -GITLAB_TOKEN = os.environ['SECRET_GITLAB_AUTH_TOKEN'] -GITLAB_URL = "http://vvp-gitlab/" - -JENKINS_URL = "http://vvp-jenkins:8080/" -JENKINS_USERNAME = "admin" -JENKINS_PASSWORD = os.environ['SECRET_JENKINS_PASSWORD'] - -AWS_S3_HOST = os.environ['S3_HOST'] -AWS_S3_PORT = int(os.environ['S3_PORT']) -AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST'] -AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID'] -AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY'] diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/gunicorn.ini b/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/gunicorn.ini deleted file mode 100644 index 556fd55713..0000000000 --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/gunicorn.ini +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -bind = ":8282" -chdir = '/app' -pidfile = '/tmp/ice-project-master.pid' -backlog = '5000' -errorlog = '-' -loglevel = 'info' diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/deployment.yaml deleted file mode 100644 index e62199862b..0000000000 --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/deployment.yaml +++ /dev/null @@ -1,135 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: 80 - - containerPort: 8282 - - containerPort: 9000 - volumeMounts: - - name: ci-settings - mountPath: /opt/configmaps/settings/ - - name: site-crt - mountPath: /opt/secrets/site-crt/ - env: - - name: ICE_ENVIRONMENT - value: "development" - - name: PROGRAM_NAME_URL_PREFIX - value: "vvp" - - name: SERVICE_PROVIDER - value: "NA" - - name: PROGRAM_NAME - value: "VVP" - - name: SERVICE_PROVIDER_DOMAIN - value: "na.com" - - name: SECRET_KEY - valueFrom: - secretKeyRef: {name: em-secret, key: key} - - name: EM_DB_HOST - value: postgresql - - name: EM_DB_PORT - value: "5432" - - name: EM_DB_NAME - value: icedb - - name: EM_DB_USER - value: "em_postgresuser" - - name: EM_DB_PASSWORD - valueFrom: - secretKeyRef: {name: postgresql-passwords, key: emPassword} - - name: CMS_DB_HOST - value: postgresql - - name: CMS_DB_PORT - value: "5432" - - name: CMS_DB_NAME - value: "icecmsdb" - - name: CMS_DB_USER - value: "cms_postgresuser" - - name: CMS_DB_PASSWORD - valueFrom: - secretKeyRef: {name: postgresql-passwords, key: cmsPassword} - - name: CI_DB_HOST - value: postgresql - - name: CI_DB_PORT - value: "5432" - - name: CI_DB_NAME - value: icedb - - name: CI_DB_USER - value: "em_postgresuser" - - name: CI_DB_PASSWORD - valueFrom: - secretKeyRef: {name: postgresql-passwords, key: ciPassword} - - name: STATIC_ROOT - value: "/app/htdocs" - - name: ICE_CONTACT_FROM_ADDRESS - value: "example" - - name: SECRET_WEBHOOK_TOKEN - valueFrom: - secretKeyRef: {name: em-secret, key: em_webhook_token} - - name: SECRET_GITLAB_AUTH_TOKEN - valueFrom: - secretKeyRef: {name: gitlab-password, key: auth-token} - - name: SECRET_JENKINS_PASSWORD - valueFrom: - secretKeyRef: {name: em-secret, key: jenkins_admin_password} - - name: ICE_DOMAIN - value: https://development.vvp.example.com - - name: ICE_EM_DOMAIN_NAME - value: https://development.vvp.example.com - - name: OAUTHLIB_INSECURE_TRANSPORT - value: "1" - - name: CI_ADMIN_USER - value: "ciadminuser" - - name: CI_ADMIN_MAIL - value: "ciadminmail@example.com" - - name: CI_ADMIN_PASSWORD - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: admin_password} - - name: S3_HOST - value: "dev-s3.vvp.example.com" - - name: S3_PORT - value: "443" - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: {name: em-secret, key: aws_access_key_id} - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: {name: em-secret, key: aws_secret_access_key} - command: ["/app/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "web.wsgi:application", ] - volumes: - - name: ci-settings - configMap: - name: {{ include "common.fullname" . }}-settings - - name: site-crt - secret: - secretName: site-crt diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/service.yaml b/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/service.yaml deleted file mode 100644 index a4260013a4..0000000000 --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/Chart.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/Chart.yaml deleted file mode 100644 index 3adf9a2514..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: backend uwsgi server which hosts django application -name: vvp-cms-uwsgi -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/__init__.py b/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/__init__.py deleted file mode 100644 index b583985739..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/__init__.py +++ /dev/null @@ -1,395 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from __future__ import absolute_import, unicode_literals -import os -from cms.envbool import envbool - -from django import VERSION as DJANGO_VERSION -from django.utils.translation import ugettext_lazy as _ -from boto.s3.connection import OrdinaryCallingFormat - - -###################### -# MEZZANINE SETTINGS # -###################### - -# The following settings are already defined with default values in -# the ``defaults.py`` module within each of Mezzanine's apps, but are -# common enough to be put here, commented out, for conveniently -# overriding. Please consult the settings documentation for a full list -# of settings Mezzanine implements: -# http://mezzanine.jupo.org/docs/configuration.html#default-settings - -# Controls the ordering and grouping of the admin menu. -# -# ADMIN_MENU_ORDER = ( -# ("Content", ("pages.Page", "blog.BlogPost", -# "generic.ThreadedComment", (_("Media Library"), "media-library"),)), -# ("Site", ("sites.Site", "redirects.Redirect", "conf.Setting")), -# ("Users", ("auth.User", "auth.Group",)), -# ) - -# A three item sequence, each containing a sequence of template tags -# used to render the admin dashboard. -# -# DASHBOARD_TAGS = ( -# ("blog_tags.quick_blog", "mezzanine_tags.app_list"), -# ("comment_tags.recent_comments",), -# ("mezzanine_tags.recent_actions",), -# ) - -# A sequence of templates used by the ``page_menu`` template tag. Each -# item in the sequence is a three item sequence, containing a unique ID -# for the template, a label for the template, and the template path. -# These templates are then available for selection when editing which -# menus a page should appear in. Note that if a menu template is used -# that doesn't appear in this setting, all pages will appear in it. - -# PAGE_MENU_TEMPLATES = ( -# (1, _("Top navigation bar"), "pages/menus/dropdown.html"), -# (2, _("Left-hand tree"), "pages/menus/tree.html"), -# (3, _("Footer"), "pages/menus/footer.html"), -# ) - -# A sequence of fields that will be injected into Mezzanine's (or any -# library's) models. Each item in the sequence is a four item sequence. -# The first two items are the dotted path to the model and its field -# name to be added, and the dotted path to the field class to use for -# the field. The third and fourth items are a sequence of positional -# args and a dictionary of keyword args, to use when creating the -# field instance. When specifying the field class, the path -# ``django.models.db.`` can be omitted for regular Django model fields. -# -# EXTRA_MODEL_FIELDS = ( -# ( -# # Dotted path to field. -# "mezzanine.blog.models.BlogPost.image", -# # Dotted path to field class. -# "somelib.fields.ImageField", -# # Positional args for field class. -# (_("Image"),), -# # Keyword args for field class. -# {"blank": True, "upload_to": "blog"}, -# ), -# # Example of adding a field to *all* of Mezzanine's content types: -# ( -# "mezzanine.pages.models.Page.another_field", -# "IntegerField", # 'django.db.models.' is implied if path is omitted. -# (_("Another name"),), -# {"blank": True, "default": 1}, -# ), -# ) - -# Setting to turn on featured images for blog posts. Defaults to False. -# -# BLOG_USE_FEATURED_IMAGE = True - -# If True, the django-modeltranslation will be added to the -# INSTALLED_APPS setting. -USE_MODELTRANSLATION = False - - -######################## -# MAIN DJANGO SETTINGS # -######################## - -# Hosts/domain names that are valid for this site; required if DEBUG is False -# See https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts -ALLOWED_HOSTS = ['*'] - -# Set UTC time zone: -TIME_ZONE = 'UTC' -USE_TZ = True - -# Local time zone for this installation. Choices can be found here: -# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name -# although not all choices may be available on all operating systems. -# On Unix systems, a value of None will cause Django to use the same -# timezone as the operating system. -# If running in a Windows environment this must be set to the same as your -# system time zone. -TIME_ZONE = 'UTC' - -# If you set this to True, Django will use timezone-aware datetimes. -USE_TZ = True - -# Language code for this installation. All choices can be found here: -# http://www.i18nguy.com/unicode/language-identifiers.html -LANGUAGE_CODE = "en" - -# Supported languages -LANGUAGES = ( - ('en', _('English')), -) - -ENVIRONMENT = os.environ['ENVIRONMENT'] - -# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/ -SECRET_KEY = os.environ["SECRET_KEY"] - -# A boolean that turns on/off debug mode. When set to ``True``, stack traces -# are displayed for error pages. Should always be set to ``False`` in -# production. Best set to ``True`` in local_settings.py -DEBUG = envbool('DJANGO_DEBUG_MODE', False) - -# Note: Only SSL email backends are allowed -EMAIL_USE_SSL = True - -# Whether a user's session cookie expires when the Web browser is closed. -SESSION_EXPIRE_AT_BROWSER_CLOSE = True - -SITE_ID = 1 - -# If you set this to False, Django will make some optimizations so as not -# to load the internationalization machinery. -USE_I18N = False - -AUTHENTICATION_BACKENDS = ("mezzanine.core.auth_backends.MezzanineBackend",) - -# The numeric mode to set newly-uploaded files to. The value should be -# a mode you'd pass directly to os.chmod. -FILE_UPLOAD_PERMISSIONS = 0o644 - - -############# -# DATABASES # -############# - -DATABASES = { - 'default': { - 'ENGINE': 'django.db.backends.postgresql', - 'NAME': os.environ['PGDATABASE'], - 'USER': os.environ['PGUSER'], - 'PASSWORD': os.environ['PGPASSWORD'], - 'HOST': os.environ['PGHOST'], - 'PORT': os.environ['PGPORT'], - } -} - - -######### -# PATHS # -######### - -# Full filesystem path to the project. -PROJECT_APP_PATH = os.path.dirname(os.path.abspath(__file__)) -PROJECT_APP = os.path.basename(PROJECT_APP_PATH) -PROJECT_ROOT = BASE_DIR = os.path.dirname(PROJECT_APP_PATH) - -# Every cache key will get prefixed with this value - here we set it to -# the name of the directory the project is in to try and use something -# project specific. -CACHE_MIDDLEWARE_KEY_PREFIX = PROJECT_APP - -# Package/module name to import the root urlpatterns from for the project. -ROOT_URLCONF = 'cms.urls' - -TEMPLATES = [ - { - "BACKEND": "django.template.backends.django.DjangoTemplates", - "DIRS": [ - os.path.join(PROJECT_ROOT, "templates") - ], - "APP_DIRS": True, - "OPTIONS": { - "context_processors": [ - "django.contrib.auth.context_processors.auth", - "django.contrib.messages.context_processors.messages", - "django.template.context_processors.debug", - "django.template.context_processors.i18n", - "django.template.context_processors.static", - "django.template.context_processors.media", - "django.template.context_processors.request", - "django.template.context_processors.tz", - "mezzanine.conf.context_processors.settings", - "mezzanine.pages.context_processors.page", - ], - "builtins": [ - "mezzanine.template.loader_tags", - ], - }, - }, -] - -if DJANGO_VERSION < (1, 9): - del TEMPLATES[0]["OPTIONS"]["builtins"] - - -################ -# APPLICATIONS # -################ - -INSTALLED_APPS = ( - "mezzanine_api", - "rest_framework", - "rest_framework_swagger", - "oauth2_provider", - "django.contrib.admin", - "django.contrib.auth", - "django.contrib.contenttypes", - "django.contrib.redirects", - "django.contrib.sessions", - "django.contrib.sites", - "django.contrib.sitemaps", - "django.contrib.staticfiles", - "mezzanine.boot", - "mezzanine.conf", - "mezzanine.core", - "mezzanine.generic", - "mezzanine.pages", - "mezzanine.blog", - "mezzanine.forms", - "mezzanine.galleries", - "mezzanine.twitter", - # "mezzanine.accounts", - # "mezzanine.mobile", - "cms" , - "storages", -) - -# List of middleware classes to use. Order is important; in the request phase, -# these middleware classes will be applied in the order given, and in the -# response phase the middleware will be applied in reverse order. -MIDDLEWARE_CLASSES = ( - "mezzanine.core.middleware.UpdateCacheMiddleware", - "mezzanine_api.middleware.ApiMiddleware", - 'django.contrib.sessions.middleware.SessionMiddleware', - # Uncomment if using internationalisation or localisation - # 'django.middleware.locale.LocaleMiddleware', - 'django.middleware.common.CommonMiddleware', - 'django.middleware.csrf.CsrfViewMiddleware', - 'django.contrib.auth.middleware.AuthenticationMiddleware', - 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', - 'django.contrib.messages.middleware.MessageMiddleware', - 'django.middleware.clickjacking.XFrameOptionsMiddleware', - - "mezzanine.core.request.CurrentRequestMiddleware", - "mezzanine.core.middleware.RedirectFallbackMiddleware", - "mezzanine.core.middleware.TemplateForDeviceMiddleware", - "mezzanine.core.middleware.TemplateForHostMiddleware", - "mezzanine.core.middleware.AdminLoginInterfaceSelectorMiddleware", - "mezzanine.core.middleware.SitePermissionMiddleware", - "mezzanine.pages.middleware.PageMiddleware", - "mezzanine.core.middleware.FetchFromCacheMiddleware", -) - -# Store these package names here as they may change in the future since -# at the moment we are using custom forks of them. -PACKAGE_NAME_FILEBROWSER = "filebrowser_safe" -PACKAGE_NAME_GRAPPELLI = "grappelli_safe" - -######################### -# OPTIONAL APPLICATIONS # -######################### - -# These will be added to ``INSTALLED_APPS``, only if available. -OPTIONAL_APPS = ( - "debug_toolbar", - "django_extensions", - "compressor", - PACKAGE_NAME_FILEBROWSER, - PACKAGE_NAME_GRAPPELLI, -) - -##################### -# REST API SETTINGS # -##################### -try: - from mezzanine_api.settings import * -except ImportError: - pass - - -################## -# LOCAL SETTINGS # -################## - -# Allow any settings to be defined in local_settings.py which should be -# ignored in your version control system allowing for settings to be -# defined per ma chine. - -# Instead of doing "from .local_settings import *", we use exec so that -# local_settings has full access to everything defined in this module. -# Also force into sys.modules so it's visible to Django's autoreload. - -f = os.path.join(PROJECT_APP_PATH, "local_settings/__init__.py") -if os.path.exists(f): - import sys - import imp - module_name = "%s.local_settings" % PROJECT_APP - module = imp.new_module(module_name) - module.__file__ = f - sys.modules[module_name] = module - exec(open(f, "rb").read()) - - -#################### -# DYNAMIC SETTINGS # -#################### - -# set_dynamic_settings() will rewrite globals based on what has been -# defined so far, in order to provide some better defaults where -# applicable. We also allow this settings module to be imported -# without Mezzanine installed, as the case may be when using the -# fabfile, where setting the dynamic settings below isn't strictly -# required. -try: - from mezzanine.utils.conf import set_dynamic_settings -except ImportError: - pass -else: - set_dynamic_settings(globals()) - -# default settings for mezzanine -NEVERCACHE_KEY = os.getenv('CMS_NEVERCACHE_KEY', ''), -# Application User -CMS_APP_USER = os.getenv('CMS_APP_USER') -CMS_APP_USER_PASSWORD = os.getenv('CMS_APP_USER_PASSWORD') -CMS_APP_USER_MAIL = os.getenv('CMS_APP_USER_MAIL') -# Client App (EM) -CMS_APP_CLIENT_ID = os.getenv('CMS_APP_CLIENT_ID') -CMS_APP_CLIENT_SECRET = os.getenv('CMS_APP_CLIENT_SECRET') -CMS_APP_NAME = 'Engagement_Manager_App' -REST_FRAMEWORK['DEFAULT_RENDERER_CLASSES'] = ( - 'rest_framework.renderers.JSONRenderer', -) - -# S3 configuration for static resources storage and media upload - -# used by our custom storage.py -MEDIA_BUCKET = "cms-media" -STATIC_BUCKET = "cms-static" - -# django-storages configuration -AWS_S3_HOST = os.environ['S3_HOST'] -AWS_S3_PORT = int(os.environ['S3_PORT']) -AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST'] -AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID'] -AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY'] -AWS_AUTO_CREATE_BUCKET = True -AWS_PRELOAD_METADATA = True - -# Set by custom subclass. -# AWS_STORAGE_BUCKET_NAME = "em-static" -AWS_S3_CALLING_FORMAT = OrdinaryCallingFormat() -DEFAULT_FILE_STORAGE = 'cms.settings.storage.S3MediaStorage' -STATICFILES_STORAGE = 'cms.settings.storage.S3StaticStorage' - -# These seem to have no effect even when we don't override with custom_domain? -STATIC_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, STATIC_BUCKET) -MEDIA_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, MEDIA_BUCKET) - -STATIC_ROOT = os.environ['STATIC_ROOT'] - diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/gunicorn.ini b/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/gunicorn.ini deleted file mode 100644 index 29cca7db93..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/gunicorn.ini +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -bind = ":80" -chdir = '/srv' -pidfile = '/tmp/ice-project-master.pid' -backlog = '5000' -errorlog = '-' -loglevel = 'info' diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/storage.py b/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/storage.py deleted file mode 100644 index 0abfae9035..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/storage.py +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -""" -storage.py - -In order to make Django store trusted static files and untrusted media -(user-uploaded) files in separate s3 buckets, we must create two different -storage classes. - -https://www.caktusgroup.com/blog/2014/11/10/Using-Amazon-S3-to-store-your-Django-sites-static-and-media-files/ -http://www.leehodgkinson.com/blog/my-mezzanine-s3-setup/ - -""" - -# FIXME this module never changes so might not need not be kept in a -# configmap. Also it is (almost) the same as what we use in em; that does -# not use S3BotoStorageMixin. - -# There is a newer storage based on boto3 but that doesn't support changing -# the HOST, as we need to for non-amazon s3 services. It does support an -# "endpoint"; setting AWS_S3_ENDPOINT_URL may cause it to work. -from storages.backends.s3boto import S3BotoStorage -from filebrowser_safe.storage import S3BotoStorageMixin -from django.conf import settings - - -# NOTE for some reason, collectstatic uploads to bucket/location but the -# urls constructed are domain/location -class S3StaticStorage(S3BotoStorage, S3BotoStorageMixin): - custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.STATIC_BUCKET) - bucket_name = settings.STATIC_BUCKET - # location = ... - - -class S3MediaStorage(S3BotoStorage, S3BotoStorageMixin): - custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.MEDIA_BUCKET) - bucket_name = settings.MEDIA_BUCKET - # location = ... diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/configmap.yaml deleted file mode 100644 index d8b2bbbbbc..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/configmap.yaml +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-settings - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/cms/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-secret - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - key: "KCtkbV9yaigwMDU9XmV2emVzZDMjeHB5JC0kY15qI2NsemlsYngmXz0wbGg3by0zNCM=" - app_user: "Y21zYXBwdXNlcg==" - app_user_mail: "Y21zYXBwdXNlckBleGFtcGxlLmNvbQ==" - app_user_password: "Y21zYXBwdXNlcnBhc3N3b3Jk" - app_client_id: "RWVCNFhlaW1vb2M2eGllU2VlS2FoOGRhZTFlaXBhZTRvdGFlc2hlZQ==" - app_client_secret: "aGFpTW9vcGllWmVlMXdlaTNsZWY0Z2FleWlhMnZhaHdvaHRoMG1haWQ5aXRoMnBoZWVzaGFpdGh1VG9vcjJKb2hzaGVpNWJhZXk3RWlxdWFldGhlaWI4cXVhaXF1ZWU3cGhpYXRoN2V1YjJhaU5haWMzb3U5dmFpemViZWlGNXU=" - nevercache_key: "YV9qLWc1aCszKW9AMndpYXNtYmcoaHV4cHVqaD05NShwLSR2ejF4aiZ0K20pKy11ODQ=" ---- diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/deployment.yaml deleted file mode 100644 index bb31b82ce7..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/deployment.yaml +++ /dev/null @@ -1,111 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort1 }} - - containerPort: {{ .Values.service.internalPort2 }} - env: - - name: ENVIRONMENT - value: "development" - - name: SECRET_KEY - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: key} - - name: EMAIL_HOST - value: "localhost" - - name: EMAIL_HOST_USER - value: "example" - - name: EMAIL_PORT - value: "25" - - name: EMAIL_HOST_PASSWORD - valueFrom: - secretKeyRef: {name: email-secret, key: password} - - name: PGHOST - value: vvp-postgres - - name: PGPORT - value: "5432" - - name: PGDATABASE - value: "icecmsdb" - - name: PGUSER - value: "cms_postgresuser" - - name: PGPASSWORD - valueFrom: - secretKeyRef: {name: postgresql-passwords, key: cmsPassword} - - name: ICE_CONTACT_FROM_ADDRESS - value: "example" - - name: CMS_NEVERCACHE_KEY - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: nevercache_key} - - name: CMS_APP_USER - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user} - - name: CMS_APP_USER_MAIL - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user_mail} - - name: CMS_APP_USER_PASSWORD - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user_password} - - name: CMS_APP_CLIENT_ID - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_client_id} - - name: CMS_APP_CLIENT_SECRET - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_client_secret} - - name: STATIC_ROOT - value: "/app/htdocs" - - name: DJANGO_DEBUG_MODE - value: "True" - - name: S3_HOST - value: "dev-s3.vvp.example.com" - - name: S3_PORT - value: "443" - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: {name: em-secret, key: aws_access_key_id} - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: {name: em-secret, key: aws_secret_access_key} - command: ["/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "cms.wsgi:application", ] - volumeMounts: - - name: settings - mountPath: /opt/configmaps/settings/ - - name: site-crt - mountPath: /opt/secrets/site-crt/ - volumes: - - name: settings - configMap: - name: {{ include "common.fullname" . }}-settings - - name: site-crt - secret: - secretName: site-crt diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/service.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/service.yaml deleted file mode 100644 index 0c6c30da78..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort1 }} - name: {{ .Values.service.portName | default "http" }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/Chart.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/Chart.yaml deleted file mode 100644 index 4393322261..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: backend uwsgi server which hosts django application -name: vvp-em-uwsgi -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/__init__.py b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/__init__.py deleted file mode 100644 index ed57ca604d..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/__init__.py +++ /dev/null @@ -1,332 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -""" -Django settings for VVP project. - -Environment variables that must exist: - - ENVIRONMENT - SECRET_KEY - SECRET_WEBHOOK_TOKEN - SECRET_GITLAB_AUTH_TOKEN - SECRET_JENKINS_PASSWORD - SECRET_CMS_APP_CLIENT_ID - SECRET_CMS_APP_CLIENT_SECRET - -Environment variables that must exist in production: - - EMAIL_HOST - EMAIL_HOST_PASSWORD - EMAIL_HOST_USER - EMAIL_PORT - -""" - -import os -from vvp.settings.envbool import envbool -from corsheaders.defaults import default_headers -from boto.s3.connection import OrdinaryCallingFormat -import datetime - -# With this file at ice/settings/__init__.py, we need three applications of -# dirname() to find the project root. -import engagementmanager -PROJECT_PATH = os.path.dirname(os.path.dirname(engagementmanager.__file__)) -LOGS_PATH = os.path.join(PROJECT_PATH, "logs") - -ENVIRONMENT = os.environ['ENVIRONMENT'] -PROGRAM_NAME_URL_PREFIX = os.environ['PROGRAM_NAME_URL_PREFIX'] -SERVICE_PROVIDER = os.environ['SERVICE_PROVIDER'] -PROGRAM_NAME = os.environ['PROGRAM_NAME'] -SERVICE_PROVIDER_DOMAIN = os.environ['SERVICE_PROVIDER_DOMAIN'] - -# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/ -SECRET_KEY = os.environ["SECRET_KEY"] - -# https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts -# Anything in the Host header that does not match our expected domain should -# raise SuspiciousOperation exception. -ALLOWED_HOSTS = ['*'] - -DEBUG = envbool('DJANGO_DEBUG_MODE', False) - -if ENVIRONMENT == 'production': - EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' - EMAIL_HOST = os.environ['EMAIL_HOST'] - EMAIL_HOST_PASSWORD = os.environ['EMAIL_HOST_PASSWORD'] - EMAIL_HOST_USER = os.environ['EMAIL_HOST_USER'] - EMAIL_PORT = os.environ['EMAIL_PORT'] -else: - EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' - -# Note: Only SSL email backends are allowed -EMAIL_USE_SSL = True - -REST_FRAMEWORK = { - # Use Django's standard `django.contrib.auth` permissions, - # or allow read-only access for unauthenticated users. - 'EXCEPTION_HANDLER': 'engagementmanager.utils.exception_handler.ice_exception_handler', - 'PAGE_SIZE': 10, - 'DEFAULT_PERMISSION_CLASSES': ( - 'rest_framework.permissions.IsAuthenticated', - ), - 'DEFAULT_AUTHENTICATION_CLASSES': ( - 'rest_framework.authentication.SessionAuthentication', - 'rest_framework.authentication.BasicAuthentication', - 'rest_framework_jwt.authentication.JSONWebTokenAuthentication', - ), - 'DEFAULT_PARSER_CLASSES': ( - 'engagementmanager.rest.parsers.XSSJSONParser', - 'engagementmanager.rest.parsers.XSSFormParser', - 'engagementmanager.rest.parsers.XSSMultiPartParser', - ) -} - -JWT_AUTH = { - 'JWT_AUTH_HEADER_PREFIX': 'token', - 'JWT_ALGORITHM': 'HS256', - 'JWT_EXPIRATION_DELTA': datetime.timedelta(days=1), - 'JWT_DECODE_HANDLER': 'engagementmanager.utils.authentication.ice_jwt_decode_handler', -} - -APPEND_SLASH = False - -# Application definition -INSTALLED_APPS = [ - 'django.contrib.auth', # required by d.c.admin - 'corsheaders', - 'django.contrib.contenttypes', # required by d.c.admin - 'django.contrib.sessions', # required by d.c.admin - 'django.contrib.messages', # required by d.c.admin - 'django.contrib.staticfiles', - 'django.contrib.admin', # django admin site - 'rest_framework', - 'engagementmanager.apps.EngagementmanagerConfig', - 'validationmanager.apps.ValidationmanagerConfig', -] - -MIDDLEWARE_CLASSES = [ - 'django.middleware.security.SecurityMiddleware', - 'django.contrib.sessions.middleware.SessionMiddleware', - 'django.middleware.common.CommonMiddleware', - 'django.contrib.auth.middleware.AuthenticationMiddleware', # required by d.c.admin - 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', - 'django.contrib.messages.middleware.MessageMiddleware', - 'django.middleware.clickjacking.XFrameOptionsMiddleware', - 'corsheaders.middleware.CorsMiddleware', -] - -ROOT_URLCONF = 'vvp.urls' - -TEMPLATES = [ - { - 'BACKEND': 'django.template.backends.django.DjangoTemplates', - 'DIRS': [PROJECT_PATH + '/web/templates'], - 'APP_DIRS': True, - 'OPTIONS': { - 'context_processors': [ - 'django.template.context_processors.debug', - 'django.template.context_processors.request', - 'django.contrib.auth.context_processors.auth', # required by d.c.admin - 'django.contrib.messages.context_processors.messages', # required by d.c.admin - ], - }, - }, -] - -WSGI_APPLICATION = 'vvp.wsgi.application' - - -# Database -# https://docs.djangoproject.com/en/1.9/ref/settings/#databases -DATABASES = { - 'default': { - 'ENGINE': 'django.db.backends.postgresql', - 'NAME': os.environ['PGDATABASE'], - 'USER': os.environ['PGUSER'], - 'PASSWORD': os.environ['PGPASSWORD'], - 'HOST': os.environ['PGHOST'], - 'PORT': os.environ['PGPORT'], - } -} - - -# Password validation -# https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators -AUTH_PASSWORD_VALIDATORS = [ - {'NAME': 'django.contrib.auth.password_validation.%s' % s} for s in [ - 'UserAttributeSimilarityValidator', - 'MinimumLengthValidator', - 'CommonPasswordValidator', - 'NumericPasswordValidator', - ]] - - -# Internationalization -# https://docs.djangoproject.com/en/1.9/topics/i18n/ -LANGUAGE_CODE = 'en-us' -TIME_ZONE = 'UTC' -USE_I18N = True -USE_L10N = True -USE_TZ = True - -CORS_ALLOW_HEADERS = default_headers + ('ICE-USER-ID',) - -# Static files (CSS, JavaScript, Images) -# https://docs.djangoproject.com/en/1.9/howto/static-files/ -STATIC_ROOT = os.environ['STATIC_ROOT'] - - -LOGGING = { - 'version': 1, - 'disable_existing_loggers': False, - 'formatters': { # All possible attributes are: https://docs.python.org/3/library/logging.html#logrecord-attributes - 'verbose': { - 'format': '%(asctime)s %(levelname)s %(name)s %(module)s %(lineno)d %(process)d %(thread)d %(message)s' - }, - 'simple': { - 'format': '%(asctime)s %(levelname)s %(name)s %(message)s' - }, - }, - 'handlers': { - 'console': { - 'class': 'logging.StreamHandler', - 'formatter': 'simple' - }, - 'vvp-info.log': { - 'level': 'INFO', # handler will ignore DEBUG (only process INFO, WARN, ERROR, CRITICAL, FATAL) - 'class': 'logging.FileHandler', - 'filename': os.path.join(LOGS_PATH, 'vvp-info.log'), - 'formatter': 'verbose' - }, - 'vvp-debug.log': { - 'level': 'DEBUG', - 'class': 'logging.FileHandler', - 'filename': os.path.join(LOGS_PATH, 'vvp-debug.log'), - 'formatter': 'verbose' - }, - 'vvp-requests.log': { - 'level': 'ERROR', - 'class': 'logging.FileHandler', - 'filename': os.path.join(LOGS_PATH, 'vvp-requests.log'), - 'formatter': 'verbose' - }, - 'vvp-db.log': { - 'level': 'ERROR', - 'class': 'logging.FileHandler', - 'filename': os.path.join(LOGS_PATH, 'vvp-db.log'), - 'formatter': 'verbose', - }, - }, - 'loggers': { - 'vvp.logger': { - 'handlers': ['vvp-info.log', 'vvp-debug.log', 'vvp-requests.log', 'vvp-db.log', 'console'], - 'level': 'DEBUG' if DEBUG else 'INFO', - }, - 'django': { - 'handlers': ['console'], - 'level': 'INFO' if DEBUG else 'ERROR', - }, - 'django.request': { - 'handlers': ['vvp-requests.log', 'console'], - 'level': 'INFO' if DEBUG else 'ERROR', - }, - 'django.db.backends': { - 'handlers': ['vvp-db.log', 'console'], - 'level': 'DEBUG' if DEBUG else 'ERROR', - 'propagate': False, - }, - # silence the hundred lines of useless "missing variable in template" - # complaints per admin pageview. - 'django.template': { - 'level': 'DEBUG', - 'handlers': ['vvp-info.log', 'vvp-debug.log', 'console'], - 'propagate': False, - }, - } -} - - -############################# -# VVP Related Configuration -############################# -CONTACT_FROM_ADDRESS = os.getenv('CONTACT_FROM_ADDRESS', 'dummy@example.com') -CONTACT_EMAILS = [s.strip() for s in os.getenv('CONTACT_EMAILS', 'user@example.com').split(',') if s] -DOMAIN = os.getenv('EM_DOMAIN_NAME') -TOKEN_EXPIRATION_IN_HOURS = 48 -DAILY_SCHEDULED_JOB_HOUR = 20 -NUMBER_OF_POLLED_ACTIVITIES = 5 -TEMP_PASSWORD_EXPIRATION_IN_HOURS = 48 -# This is the DNS name pointing to the private-network ip of the host machine -# running (a haproxy that points to) (an nginx frontend for) this app -API_DOMAIN = 'em' - -# The authentication token needed by Jenkins or Gitlab to issue webhook updates -# to us. This is a "secret" shared by Jenkins and Django. It must be part of -# the URL path component for the Jenkins webhook in ValidationManager to accept -# a notification. It should be a set of random URL-path-safe characters, with -# no slash '/'. -# FIXME: Does this authentication scheme actually gain us anything? What's the -# threat model -WEBHOOK_TOKEN = os.environ['SECRET_WEBHOOK_TOKEN'] - -# The authentication token and URL needed for us to issue requests to the GitLab API. -GITLAB_TOKEN = os.environ['SECRET_GITLAB_AUTH_TOKEN'] -GITLAB_URL = "http://vvp-gitlab/" - -JENKINS_URL = "http://vvp-jenkins:8080/" -JENKINS_USERNAME = "admin" -JENKINS_PASSWORD = os.environ['SECRET_JENKINS_PASSWORD'] - -IS_CL_CREATED_ON_REVIEW_STATE = envbool('IS_CL_CREATED_ON_REVIEW_STATE', False) # Options: True, False -IS_SIGNAL_ENABLED = envbool('IS_SIGNAL_ENABLED', True) -RECENT_ENG_TTL = 3 # In days -CMS_URL = "http://vvp-cms-uwsgi/api/" -CMS_APP_CLIENT_ID = os.environ['SECRET_CMS_APP_CLIENT_ID'] -CMS_APP_CLIENT_SECRET = os.environ['SECRET_CMS_APP_CLIENT_SECRET'] - -# slack integration -SLACK_API_TOKEN = os.environ['SLACK_API_TOKEN'] -ENGAGEMENTS_CHANNEL = os.getenv('ENGAGEMENTS_CHANNEL', '') -ENGAGEMENTS_NOTIFICATIONS_CHANNEL = os.getenv('ENGAGEMENTS_NOTIFICATIONS_CHANNEL:', '') -DEVOPS_CHANNEL = os.getenv('DEVOPS_CHANNEL', '') -DEVOPS_NOTIFICATIONS_CHANNEL = os.getenv('DEVOPS_NOTIFICATIONS_CHANNEL', '') - -# S3 configuration for static resources storage and media upload - -# used by our custom storage.py -MEDIA_BUCKET = "em-media" -STATIC_BUCKET = "em-static" - -# django-storages configuration -AWS_S3_HOST = os.environ['S3_HOST'] -AWS_S3_PORT = int(os.environ['S3_PORT']) -AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST'] -AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID'] -AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY'] -AWS_AUTO_CREATE_BUCKET = True -AWS_PRELOAD_METADATA = True - -# Set by custom subclass. -# AWS_STORAGE_BUCKET_NAME = "em-static" -AWS_S3_CALLING_FORMAT = OrdinaryCallingFormat() -DEFAULT_FILE_STORAGE = 'vvp.settings.storage.S3MediaStorage' -STATICFILES_STORAGE = 'vvp.settings.storage.S3StaticStorage' - -# These seem to have no effect even when we don't override with custom_domain? -STATIC_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, STATIC_BUCKET) -MEDIA_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, MEDIA_BUCKET) - -STATIC_ROOT = os.environ['STATIC_ROOT'] diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/envbool.py b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/envbool.py deleted file mode 100644 index 31f4385d16..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/envbool.py +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -""" -envbool.py - -Return which environment is currently running on (to setting.py). - -""" -import os - - -def envbool(key, default=False, unknown=True): - """Return a boolean value based on that of an environment variable. - - Environment variables have no native boolean type. They are always strings, and may be empty or - unset (which differs from empty.) Furthermore, notions of what is "truthy" in shell script - differ from that of python. - - This function converts environment variables to python boolean True or False in - case-insensitive, expected ways to avoid pitfalls: - - "True", "true", and "1" become True - "False", "false", and "0" become False - unset or empty becomes False by default (toggle with 'default' parameter.) - any other value becomes True by default (toggle with 'unknown' parameter.) - - """ - return { - 'true': True, '1': True, # 't': True, - 'false': False, '0': False, # 'f': False. - '': default, - }.get(os.getenv(key, '').lower(), unknown) diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/gunicorn.ini b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/gunicorn.ini deleted file mode 100644 index 29cca7db93..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/gunicorn.ini +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -bind = ":80" -chdir = '/srv' -pidfile = '/tmp/ice-project-master.pid' -backlog = '5000' -errorlog = '-' -loglevel = 'info' diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/storage.py b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/storage.py deleted file mode 100644 index c76046a329..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/storage.py +++ /dev/null @@ -1,48 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -""" -storage.py - -In order to make Django store trusted static files and untrusted media -(user-uploaded) files in separate s3 buckets, we must create two different -storage classes. - -https://www.caktusgroup.com/blog/2014/11/10/Using-Amazon-S3-to-store-your-Django-sites-static-and-media-files/ -http://www.leehodgkinson.com/blog/my-mezzanine-s3-setup/ - -""" - -# FIXME this module never changes so might not need not be kept in a -# configmap. Also it is (almost) the same as what we use in cms. - -# There is a newer storage based on boto3 but that doesn't support changing -# the HOST, as we need to for non-amazon s3 services. It does support an -# "endpoint"; setting AWS_S3_ENDPOINT_URL may cause it to work. -from storages.backends.s3boto import S3BotoStorage -from django.conf import settings - - -# NOTE for some reason, collectstatic uploads to bucket/location but the -# urls constructed are domain/location -class S3StaticStorage(S3BotoStorage): - custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.STATIC_BUCKET) - bucket_name = settings.STATIC_BUCKET - # location = ... - - -class S3MediaStorage(S3BotoStorage): - custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.MEDIA_BUCKET) - bucket_name = settings.MEDIA_BUCKET - # location = ... diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/templates/deployment.yaml deleted file mode 100644 index 744115b15e..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/deployment.yaml +++ /dev/null @@ -1,133 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: 80 - - containerPort: 9000 - volumeMounts: - - name: em-settings - mountPath: /opt/configmaps/settings/ - - name: site-crt - mountPath: /opt/secrets/site-crt/ - env: - - name: ENVIRONMENT - value: "development" - - name: PROGRAM_NAME_URL_PREFIX - value: "vvp" - - name: SERVICE_PROVIDER - value: "NA" - - name: PROGRAM_NAME - value: "VVP" - - name: SERVICE_PROVIDER_DOMAIN - value: "na.com" - - name: SECRET_KEY - valueFrom: - secretKeyRef: {name: em-secret, key: key} - - name: EMAIL_HOST - value: "localhost" - - name: EMAIL_HOST_USER - value: "example" - - name: EMAIL_PORT - value: "25" - - name: EMAIL_HOST_PASSWORD - valueFrom: - secretKeyRef: {name: email-secret, key: password} - - name: PGHOST - value: vvp-postgres - - name: PGPORT - value: "5432" - - name: PGDATABASE - value: icedb - - name: PGUSER - value: "em_postgresuser" - - name: PGPASSWORD - valueFrom: - secretKeyRef: {name: postgresql-passwords, key: emPassword} - - name: DOMAIN - value: https://development.vvp.example.com - - name: ICE_EM_DOMAIN_NAME - value: https://development.vvp.example.com - - name: CONTACT_FROM_ADDRESS - value: "example" - - name: OAUTHLIB_INSECURE_TRANSPORT - value: "1" - - name: SECRET_WEBHOOK_TOKEN - valueFrom: - secretKeyRef: {name: em-secret, key: em_webhook_token} - - name: SECRET_GITLAB_AUTH_TOKEN - valueFrom: - secretKeyRef: {name: gitlab-password, key: auth-token} - - name: SECRET_JENKINS_PASSWORD - valueFrom: - secretKeyRef: {name: em-secret, key: jenkins_admin_password} - - name: SECRET_CMS_APP_CLIENT_ID - valueFrom: - secretKeyRef: {name: em-secret, key: cms_app_client_id} - - name: SECRET_CMS_APP_CLIENT_SECRET - valueFrom: - secretKeyRef: {name: em-secret, key: cms_app_client_secret} - - name: STATIC_ROOT - value: "/app/htdocs" - - name: DJANGO_DEBUG_MODE - value: "True" - - name: SLACK_API_TOKEN - valueFrom: - secretKeyRef: {name: em-secret, key: slack_api_token} - - name: ENGAGEMENTS_CHANNEL - value: "" - - name: ENGAGEMENTS_NOTIFICATIONS_CHANNEL - value: "" - - name: DEVOPS_CHANNEL - value: "" - - name: DEVOPS_NOTIFICATIONS_CHANNEL - value: "" - - name: S3_HOST - value: "dev-s3.vvp.example.com" - - name: S3_PORT - value: "443" - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: {name: em-secret, key: aws_access_key_id} - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: {name: em-secret, key: aws_secret_access_key} - command: ["/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "vvp.wsgi:application", ] - volumes: - - name: site-crt - secret: - secretName: site-crt - - name: em-settings - configMap: - name: {{ include "common.fullname" . }}-settings diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/service.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/templates/service.yaml deleted file mode 100644 index a4260013a4..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/values.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/values.yaml deleted file mode 100644 index a96ca26119..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/values.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/vvp/engagementmgr:1.0.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - internalPort: 80 - portName: em - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/Chart.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/Chart.yaml deleted file mode 100644 index 721912d3c9..0000000000 --- a/kubernetes/vvp/charts/vvp-ext-haproxy/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: load balancer for external transport -name: vvp-ext-haproxy -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file b/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file deleted file mode 100644 index ca7b40a7bc..0000000000 --- a/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -resolvers dns - nameserver pod_dns "10.3.0.10:53" - resolve_retries 3 - timeout retry 1s - hold valid 30s - -defaults - mode http - timeout connect 5000ms - timeout client 50000ms - timeout server 50000ms - option httpclose - option redispatch - option abortonclose - option httplog - option dontlognull - default-server init-addr last,libc,none - -backend gitlab_ssh - mode tcp - option tcplog - timeout server 2h - server gitlabssh vvp-gitlab:22 resolvers dns - -frontend gitlab_ssh_frontend - mode tcp - option tcplog - timeout client 2h - bind 0.0.0.0:22 - acl is_ssh dst_port 22 - use_backend gitlab_ssh if is_ssh - -backend portal_backend - mode http - server ice_portal vvp:8181 resolvers dns - -backend api - mode http - server engagement_manager vvp-em-uwsgi:80 resolvers dns - -backend s3 - mode http - balance roundrobin - option httpchk HEAD / - server ceph-01 10.252.0.21:8080 check inter 10000ms - -frontend portal - mode http - acl is_api_call path_beg -i /vvp - acl is_s3 hdr_beg(host) s3. staging-s3. dev-s3. - use_backend api if is_api_call - use_backend s3 if is_s3 - bind 0.0.0.0:80 - bind 0.0.0.0:443 ssl crt /etc/haproxy/site.pem force-tlsv12 - default_backend portal_backend - -listen stats - bind 0.0.0.0:9001 - mode http - stats enable # Enable stats page - stats realm Haproxy\ Statistics - stats uri /haproxy_stats - stats auth "${HAPROXY_USER}:${HAPROXY_PASS}" - acl network_allowed src 10.252.0.0/16 127.0.0.1/32 10.2.0.0/16 - http-request deny if !network_allowed diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/configmap.yaml deleted file mode 100644 index 0bb0e264cb..0000000000 --- a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/configmap.yaml +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-cfg - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/ext-haproxy-cfg/*").AsConfig . | indent 2 }} diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/deployment.yaml deleted file mode 100644 index 74a0ad2702..0000000000 --- a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/deployment.yaml +++ /dev/null @@ -1,66 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: 80 - - containerPort: 22 - - containerPort: 443 - - containerPort: 9001 - env: - - name: HAPROXY_USER - valueFrom: - secretKeyRef: - name: haproxy-auth - key: user - - name: HAPROXY_PASS - valueFrom: - secretKeyRef: - name: haproxy-auth - key: pass - volumeMounts: - - mountPath: /usr/local/etc/haproxy/ - name: ext-haproxy-cfg - - mountPath: /etc/haproxy/ - name: site-pem - volumes: - - name: ext-haproxy-cfg - configMap: - name: {{ include "common.fullname" . }}-cfg - items: - - key: file - path: haproxy.cfg - - name: site-pem - secret: - secretName: site-pem diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/service.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/service.yaml deleted file mode 100644 index bcc41c1671..0000000000 --- a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/service.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort1 }} - name: {{ .Values.service.portName1 }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - - port: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.portName3 }} - - port: {{ .Values.service.internalPort4 }} - name: {{ .Values.service.portName4 }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/values.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/values.yaml deleted file mode 100644 index 88b32d7d77..0000000000 --- a/kubernetes/vvp/charts/vvp-ext-haproxy/values.yaml +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: docker.io -image: haproxy:1.7.2-alpine -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - portName1: web - internalPort1: 80 - portName2: ssl - internalPort2: 443 - portName3: ssh - internalPort3: 22 - portName4: stats - internalPort4: 9000 - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-gitlab/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-gitlab/templates/configmap.yaml deleted file mode 100644 index 821b5b7dc9..0000000000 --- a/kubernetes/vvp/charts/vvp-gitlab/templates/configmap.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: gitlab-password - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - password: "YW82aWo2d29oV2VpcXU0ZQ==" - auth-token: "amFkdTZ5b2hqYWl5OFdvYjBJZUs=" ---- -kind: Secret -apiVersion: v1 -metadata: - name: jenkins-deploykey - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - deploykey.pub: "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUlQWFNQT2ppSkYvWEdicmNpVXNja1hMbFA0Q0ZHNS9POHErQ0xRZW1CTlE=" diff --git a/kubernetes/vvp/charts/vvp-gitlab/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-gitlab/templates/deployment.yaml deleted file mode 100644 index 788724140c..0000000000 --- a/kubernetes/vvp/charts/vvp-gitlab/templates/deployment.yaml +++ /dev/null @@ -1,71 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: {{ include "common.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort1 }} - - containerPort: {{ .Values.service.internalPort2 }} - securityContext: - privileged: true - volumeMounts: - - mountPath: /var/opt/gitlab - name: gitlab - subPath: var/opt/gitlab - - mountPath: /etc/gitlab - name: gitlab - subPath: etc/gitlab - - mountPath: /var/log/gitlab - name: gitlab - subPath: var/log/gitlab - - mountPath: /tmp/deploykey - name: jenkins-deploykey - env: - - name: ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: gitlab-password - key: password - - name: AUTHENTICATION_TOKEN - valueFrom: - secretKeyRef: - name: gitlab-password - key: auth-token - - name: EXTERNAL_URL - value: "http://vvp-gitlab" - volumes: - - name: gitlab - emptyDir: {} - - name: jenkins-deploykey - secret: - secretName: jenkins-deploykey - imagePullSecrets: - - name: onapkey diff --git a/kubernetes/vvp/charts/vvp-gitlab/templates/service.yaml b/kubernetes/vvp/charts/vvp-gitlab/templates/service.yaml deleted file mode 100644 index dd4a9cd33b..0000000000 --- a/kubernetes/vvp/charts/vvp-gitlab/templates/service.yaml +++ /dev/null @@ -1,30 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort1 }} - name: {{ .Values.service.portName1 }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-imagescanner/Chart.yaml b/kubernetes/vvp/charts/vvp-imagescanner/Chart.yaml deleted file mode 100644 index f0b00dcf98..0000000000 --- a/kubernetes/vvp/charts/vvp-imagescanner/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: scan for validity and viruses on users files -name: vvp-imagescanner -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-imagescanner/resources/config/imagescanner/imagescannerconfig.py b/kubernetes/vvp/charts/vvp-imagescanner/resources/config/imagescanner/imagescannerconfig.py deleted file mode 100644 index 1777b13ae0..0000000000 --- a/kubernetes/vvp/charts/vvp-imagescanner/resources/config/imagescanner/imagescannerconfig.py +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import os -from pathlib import Path -from awsauth import S3Auth -# A mapping from host names to Requests Authentication Objects; see -# http://docs.python-requests.org/en/master/user/authentication/ -AUTHS = {} -if 'S3_HOST' in os.environ: - AUTHS[os.environ['S3_HOST']] = S3Auth( - os.environ['AWS_ACCESS_KEY_ID'], - os.environ['AWS_SECRET_ACCESS_KEY'], - service_url='https://%s/' % os.environ['S3_HOST'] - ) -LOGS_PATH = Path(os.environ['IMAGESCANNER_LOGS_PATH']) -STATUSFILE = LOGS_PATH/'status.txt' -# A dict passed as kwargs to jenkins.Jenkins constructor. -JENKINS = { - 'url': 'http://jenkins:8080', - 'username': 'admin', - 'password': os.environ['SECRET_JENKINS_PASSWORD'], - } diff --git a/kubernetes/vvp/charts/vvp-imagescanner/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-imagescanner/templates/configmap.yaml deleted file mode 100644 index 59d60666ef..0000000000 --- a/kubernetes/vvp/charts/vvp-imagescanner/templates/configmap.yaml +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: imagescanner-settings - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/imagescanner/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: slack-tokens - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - notifications: "" ---- -kind: Secret -apiVersion: v1 -metadata: - name: imagescanner-ssh - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - # FIXME the imagescanner really should have its own private key, but then we - # have to adjust the gitlab wrapper script to set two public keys as - # deploykeys. - id_ed25519: "LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFNd0FBQUF0emMyZ3RaVwpReU5UVXhPUUFBQUNDRDEwanpvNGlSZjF4bTYzSWxMSEpGeTVUK0FoUnVmenZLdmdpMEhwZ1RVQUFBQUpqV3dKZDkxc0NYCmZRQUFBQXR6YzJndFpXUXlOVFV4T1FBQUFDQ0QxMGp6bzRpUmYxeG02M0lsTEhKRnk1VCtBaFJ1Znp2S3ZnaTBIcGdUVUEKQUFBRUFXRktNV0xsNkZnRUJ1Zzk3MSthdE5ZQnQ4R2R1V3pDWWd0L2o5VHU0U2g0UFhTUE9qaUpGL1hHYnJjaVVzY2tYTApsUDRDRkc1L084cStDTFFlbUJOUUFBQUFFM0JoZFd4QVVHRjFiQ2R6SUUxaFl5QlFjbThCQWc9PQotLS0tLUVORCBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0K" ---- -kind: ConfigMap -apiVersion: v1 -metadata: - name: site-certificate - namespace: {{ include "common.namespace" . }} -data: - site.crt: | - -----BEGIN CERTIFICATE----- - MIIDEDCCAfgCCQDhahVKE9/eUjANBgkqhkiG9w0BAQsFADBKMRAwDgYDVQQKDAdF - eGFtcGxlMRAwDgYDVQQLDAdleGFtcGxlMSQwIgYDVQQDDBtkZXZlbG9wbWVudC52 - dnAuZXhhbXBsZS5jb20wHhcNMTcxMjI0MTUzOTA3WhcNMTgxMjI0MTUzOTA3WjBK - MRAwDgYDVQQKDAdFeGFtcGxlMRAwDgYDVQQLDAdleGFtcGxlMSQwIgYDVQQDDBtk - ZXZlbG9wbWVudC52dnAuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB - DwAwggEKAoIBAQCkvNGXe+bdvL2kvrP2L3WABt2WCFoZ2Pn8Px0eEsRiJHVD0eWz - rgJYHFJu0C0cK9NYSKxVVI8LnKH7Ny5MFfM4Tqyr3UEOLs+fSwaAqM5tSyZU/tEK - ractA7bi9fDk2lkcs+LLuZMqGPZ37UZcZwsUQ0BONHP668LqkWqT9hNLIN4ejInr - 32WA3Y7hPNd8Cj+AaLt1x2cXYzi9hrE5l3h9ofkOpXsgDzeIHlp4jJ6kXXQf8UM5 - 1viqa2CWXHBHEG+5eftLSaeE6LAlNt5IJ6LcWEZgNtXr2es4LJC3FjXrv0gc04Cp - U2OfizpbhT11cLGaeXOq1cUCXNIb4FcJApoXAgMBAAEwDQYJKoZIhvcNAQELBQAD - ggEBAFGPDG9iurAhUKbFkY97xLA443U01bdwi7eAT5T9qo/RzOwcbuKWXVm1k5HK - CQO81nlLqLQwhI1+uTTmR41epuJxyGIaDgUySB+8fLzyRSIFaxKD+UeVPgipDNZs - h0sKSKrO6MoWzMLUYvdZRw6VIc+UpSCqPY+FKUBUHZtMpSFLnhHjRvVkiP4VvFXj - b7jQzHughzeITygws42fKK/MK7wQ6byaMVRbPbQKPAXNxd/UrSPeX+RzKRWOZ6R8 - Ulyp7dezXCP77UaTZTsxwlurPQIZNMshDxE/SbWt0Q1g28rj5KfAjoZs5Tg/gmQ8 - LLKI/b1OvKohaANGZ6We5U+ceeU= - -----END CERTIFICATE----- - wrapper.sh: | - #!/bin/sh - # This script is meant to be used as a wrapper, so that it can be easily - # used with docker or kubernetes' container command specification. - # - # Kubernetes' volumeMount creates symlinks for configMapped files at the - # target directory. - # Alpine's update-ca-certificates ignores symlinks. - # So we must contrive to copy the contents of the mounted cert (a symlink) - # into place as a normal file. - dev_cert="${0%/*}/site.crt" - echo >&2 "$0: Checking for site CA certificate at $dev_cert..." - if [ -s "$dev_cert" ]; then - echo >&2 "$0: Updating container CA certificate bundle with site certificate..." - cp -L "$dev_cert" /usr/local/share/ca-certificates/ - update-ca-certificates - else - echo >&2 "$0: No site CA certificate found." - fi - echo >&2 "$0: Launching command: $@" - exec "$@" - diff --git a/kubernetes/vvp/charts/vvp-imagescanner/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-imagescanner/templates/deployment.yaml deleted file mode 100644 index d01a7d6960..0000000000 --- a/kubernetes/vvp/charts/vvp-imagescanner/templates/deployment.yaml +++ /dev/null @@ -1,123 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: imagescanner-worker - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - command: - - "sh" - - "/opt/site-certificate/wrapper.sh" - - "/usr/local/bin/imagescanner-worker" - securityContext: - privileged: true - volumeMounts: - - name: imagescanner-ssh - mountPath: /root/.ssh - - name: dev - mountPath: /dev - - name: logs - mountPath: /var/log/imagescanner - - name: imagescanner-settings - mountPath: /opt/imagescanner-settings - - name: site-certificate - mountPath: /opt/site-certificate - env: - - name: PYTHONPATH - value: /opt/imagescanner-settings - - name: S3_HOST - value: "dev-s3.vvp.example.com" - - name: S3_PORT - value: "443" - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: {name: em-secret, key: aws_access_key_id} - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: {name: em-secret, key: aws_secret_access_key} - - name: SECRET_JENKINS_PASSWORD - value: '' - - name: REQUESTS_CA_BUNDLE - value: /etc/ssl/certs/ca-certificates.crt - - - name: notifications-worker - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - command: ["/usr/local/bin/notifications-worker"] - securityContext: - privileged: true - env: - - name: SLACK_TOKEN - valueFrom: - secretKeyRef: {name: slack-tokens, key: notifications} - - name: DOMAIN - value: "dev-em.vvp.example.com" - - name: PYTHONPATH - value: /opt/imagescanner-settings - - name: SECRET_JENKINS_PASSWORD - valueFrom: - secretKeyRef: {name: em-secret, key: jenkins_admin_password} - volumeMounts: - - name: imagescanner-settings - mountPath: /opt/imagescanner-settings - - - name: imagescanner-frontend - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - command: ["/usr/local/bin/imagescanner-frontend"] - securityContext: - privileged: true - ports: - - containerPort: 80 - volumeMounts: - - name: logs - mountPath: /var/log/imagescanner - - name: imagescanner-settings - mountPath: /opt/imagescanner-settings - env: - - name: DEFAULT_SLACK_CHANNEL - value: "#notifications" - - name: SECRET_JENKINS_PASSWORD - value: '' - - volumes: - - name: imagescanner-ssh - secret: - secretName: imagescanner-ssh - defaultMode: 0600 - - name: dev - hostPath: - path: /dev - - name: logs - emptyDir: {} - - name: imagescanner-settings - configMap: - name: imagescanner-settings - - name: site-certificate - configMap: - name: site-certificate diff --git a/kubernetes/vvp/charts/vvp-imagescanner/templates/service.yaml b/kubernetes/vvp/charts/vvp-imagescanner/templates/service.yaml deleted file mode 100644 index a4260013a4..0000000000 --- a/kubernetes/vvp/charts/vvp-imagescanner/templates/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-imagescanner/values.yaml b/kubernetes/vvp/charts/vvp-imagescanner/values.yaml deleted file mode 100644 index ed62413c4f..0000000000 --- a/kubernetes/vvp/charts/vvp-imagescanner/values.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/vvp/image-scanner:1.0.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - internalPort: 80 - portName: web - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/Chart.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/Chart.yaml deleted file mode 100644 index b2a1de80ad..0000000000 --- a/kubernetes/vvp/charts/vvp-int-haproxy/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: load balancer for internal (container to container) transport -name: vvp-int-haproxy -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/resources/config/int-haproxy-cfg/file b/kubernetes/vvp/charts/vvp-int-haproxy/resources/config/int-haproxy-cfg/file deleted file mode 100644 index d497ba48b6..0000000000 --- a/kubernetes/vvp/charts/vvp-int-haproxy/resources/config/int-haproxy-cfg/file +++ /dev/null @@ -1,88 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -resolvers dns - nameserver pod_dns "10.3.0.10:53" - resolve_retries 3 - timeout retry 1s - hold valid 30s - -defaults - mode http - timeout connect 5000ms - timeout client 50000ms - timeout server 50000ms - option httpclose - option redispatch - option abortonclose - option httplog - option dontlognull - default-server init-addr last,libc,none - -backend gitlab_web_backend - mode http - server gitlab_web_1 vvp-gitlab:80 resolvers dns - -frontend gitlab_web - mode http - bind 0.0.0.0:80 - - acl is_scanner path_beg /imagescanner - acl is_em_admin hdr_beg(host) em. staging-em. dev-em. - acl is_cms hdr_beg(host) cms. staging-cms. dev-cms. - acl is_ci_admin hdr_beg(host) staging-ci. dev-ci. - acl is_s3 hdr_beg(host) s3. staging-s3. dev-s3. - - use_backend imagescanner if is_em_admin is_scanner - use_backend cms if is_cms - use_backend api if is_em_admin - use_backend ci if is_ci_admin - use_backend s3 if is_s3 - - default_backend gitlab_web_backend - -backend s3 - mode http - balance roundrobin - server ceph-01 10.252.0.21:8080 - -backend cms - mode http - server cms_server vvp-cms-uwsgi:80 resolvers dns - -backend api - mode http - server engagement_manager vvp-em-uwsgi:80 resolvers dns - -backend ci - mode http - server ci_test vvp-ci-uwsgi:8282 resolvers dns - -listen jenkins - bind 0.0.0.0:8080 - server jenkins vvp-jenkins:8080 resolvers dns - -backend imagescanner - mode http - server imagescanner vvp-imagescanner:80 resolvers dns - -listen stats - bind 0.0.0.0:9000 - mode http - stats enable # Enable stats page - stats realm Haproxy\ Statistics - stats uri /haproxy_stats - stats auth "${HAPROXY_USER}:${HAPROXY_PASS}" - acl network_allowed src 10.252.0.0/16 127.0.0.1/32 10.2.0.0/16 - block if !network_allowed diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/templates/configmap.yaml deleted file mode 100644 index 255f8f9e78..0000000000 --- a/kubernetes/vvp/charts/vvp-int-haproxy/templates/configmap.yaml +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-cfg - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/int-haproxy-cfg/*").AsConfig . | indent 2 }} diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/templates/deployment.yaml deleted file mode 100644 index 7c7db4ccbb..0000000000 --- a/kubernetes/vvp/charts/vvp-int-haproxy/templates/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: 80 - - containerPort: 8080 - - containerPort: 9000 - env: - - name: HAPROXY_USER - valueFrom: - secretKeyRef: - name: haproxy-auth - key: user - - name: HAPROXY_PASS - valueFrom: - secretKeyRef: - name: haproxy-auth - key: pass - volumeMounts: - - mountPath: /usr/local/etc/haproxy/ - name: int-haproxy-cfg - volumes: - - name: int-haproxy-cfg - configMap: - name: {{ include "common.fullname" . }}-cfg - items: - - key: file - path: haproxy.cfg diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/templates/service.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/templates/service.yaml deleted file mode 100644 index 1f8fa2cd64..0000000000 --- a/kubernetes/vvp/charts/vvp-int-haproxy/templates/service.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort1 }} - name: {{ .Values.service.portName1 }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - - port: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.portName3 }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/values.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/values.yaml deleted file mode 100644 index 8a304b4cf5..0000000000 --- a/kubernetes/vvp/charts/vvp-int-haproxy/values.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: docker.io -image: haproxy:1.7.2-alpine -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - portName1: web - internalPort1: 80 - portName2: jenkins - internalPort2: 8080 - portName3: stats - internalPort3: 9000 - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-jenkins/Chart.yaml b/kubernetes/vvp/charts/vvp-jenkins/Chart.yaml deleted file mode 100644 index 190312fcb0..0000000000 --- a/kubernetes/vvp/charts/vvp-jenkins/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: run validation tasks -name: vvp-jenkins -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-jenkins/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-jenkins/templates/configmap.yaml deleted file mode 100644 index ba58c32eab..0000000000 --- a/kubernetes/vvp/charts/vvp-jenkins/templates/configmap.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: Secret -apiVersion: v1 -metadata: - name: jenkins-users-admin - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - config.xml: "PD94bWwgdmVyc2lvbj0nMS4wJyBlbmNvZGluZz0nVVRGLTgnPz4KPHVzZXI+CiAgPGZ1bGxOYW1lPmFkbWluPC9mdWxsTmFtZT4KICA8ZGVzY3JpcHRpb24+PC9kZXNjcmlwdGlvbj4KICA8cHJvcGVydGllcz4KICAgIDxodWRzb24uc2VjdXJpdHkuSHVkc29uUHJpdmF0ZVNlY3VyaXR5UmVhbG1fLURldGFpbHM+CiAgICAgIDxwYXNzd29yZEhhc2g+I2piY3J5cHQ6JDJhJDEwJERyaXVLdThPcTdpaWhtdi80bzlKOHV6cmg2QlVBaUtuejMuM21EMXBDb2dzUHJnOW42M1pXPC9wYXNzd29yZEhhc2g+CiAgICA8L2h1ZHNvbi5zZWN1cml0eS5IdWRzb25Qcml2YXRlU2VjdXJpdHlSZWFsbV8tRGV0YWlscz4KICA8L3Byb3BlcnRpZXM+CjwvdXNlcj4K" ---- -kind: Secret -apiVersion: v1 -metadata: - name: jenkins-ssh - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - # .ssh/config isn't really a secret, but it's the easiest way to get it into - # the same directory as the key - config: "SG9zdCAqClVzZXJLbm93bkhvc3RzRmlsZSAvZGV2L251bGwKU3RyaWN0SG9zdEtleUNoZWNraW5nIG5vCklkZW50aXR5RmlsZSAiL3Zhci9qZW5raW5zX2hvbWUvLnNzaC9pZF9lZDI1NTE5Igo=" - id_ed25519: "LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFNd0FBQUF0emMyZ3RaVwpReU5UVXhPUUFBQUNDRDEwanpvNGlSZjF4bTYzSWxMSEpGeTVUK0FoUnVmenZLdmdpMEhwZ1RVQUFBQUpqV3dKZDkxc0NYCmZRQUFBQXR6YzJndFpXUXlOVFV4T1FBQUFDQ0QxMGp6bzRpUmYxeG02M0lsTEhKRnk1VCtBaFJ1Znp2S3ZnaTBIcGdUVUEKQUFBRUFXRktNV0xsNkZnRUJ1Zzk3MSthdE5ZQnQ4R2R1V3pDWWd0L2o5VHU0U2g0UFhTUE9qaUpGL1hHYnJjaVVzY2tYTApsUDRDRkc1L084cStDTFFlbUJOUUFBQUFFM0JoZFd4QVVHRjFiQ2R6SUUxaFl5QlFjbThCQWc9PQotLS0tLUVORCBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0K" diff --git a/kubernetes/vvp/charts/vvp-jenkins/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-jenkins/templates/deployment.yaml deleted file mode 100644 index e0b0a3c5fe..0000000000 --- a/kubernetes/vvp/charts/vvp-jenkins/templates/deployment.yaml +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - ports: - - containerPort: 8080 - volumeMounts: - - name: jenkins-home - mountPath: /var/jenkins_home - - name: jenkins-users-admin - mountPath: /var/jenkins_home/users/admin - - name: jenkins-ssh - mountPath: /var/jenkins_home/.ssh - volumes: - - name: jenkins-home - emptyDir: {} - - name: jenkins-users-admin - secret: - secretName: jenkins-users-admin - - name: jenkins-ssh - secret: - secretName: jenkins-ssh - diff --git a/kubernetes/vvp/charts/vvp-jenkins/templates/service.yaml b/kubernetes/vvp/charts/vvp-jenkins/templates/service.yaml deleted file mode 100644 index a4260013a4..0000000000 --- a/kubernetes/vvp/charts/vvp-jenkins/templates/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-jenkins/values.yaml b/kubernetes/vvp/charts/vvp-jenkins/values.yaml deleted file mode 100644 index 083f88a663..0000000000 --- a/kubernetes/vvp/charts/vvp-jenkins/values.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/vvp/jenkins:1.0.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - internalPort: 8080 - portName: jenkins - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-postgres/Chart.yaml b/kubernetes/vvp/charts/vvp-postgres/Chart.yaml deleted file mode 100644 index 3f4811b7c4..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: store all data of engagement manager -name: vvp-postgres -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/conf/postgresql.conf b/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/conf/postgresql.conf deleted file mode 100644 index 46dec02e65..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/conf/postgresql.conf +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# -# initdb defaults -# -listen_addresses = '*' # what IP address(es) to listen on; -max_connections = 100 # (change requires restart) -shared_buffers = 32MB # min 128kB -datestyle = 'iso, mdy' -lc_messages = 'en_US.UTF-8' # locale for system error message -lc_monetary = 'en_US.UTF-8' # locale for monetary formatting -lc_numeric = 'en_US.UTF-8' # locale for number formatting -lc_time = 'en_US.UTF-8' # locale for time formatting -default_text_search_config = 'pg_catalog.english' -log_line_prefix = 'user=%u,db=%d ' -# -# our customizations -# -dynamic_shared_memory_type = posix -log_timezone = 'UTC' -timezone = 'UTC' diff --git a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/cms_db.sh b/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/cms_db.sh deleted file mode 100644 index c2a1f6b6f7..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/cms_db.sh +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# sourced, not executed, by docker-entrypoint.sh (/bin/bash) - -# defaults -: ${ICE_CMS_DB_USER:="icecmsuser"} -: ${ICE_CMS_DB_NAME:="icecmsdb"} -: ${ICE_CMS_DB_PASSWORD:="na"} - -psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<- EOF - CREATE USER ${ICE_CMS_DB_USER} WITH CREATEDB PASSWORD '${ICE_CMS_DB_PASSWORD}'; - CREATE DATABASE ${ICE_CMS_DB_NAME} WITH OWNER ${ICE_CMS_DB_USER} ENCODING 'utf-8'; -EOF diff --git a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/link_postgresql.sh b/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/link_postgresql.sh deleted file mode 100644 index 9ca36a141e..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/link_postgresql.sh +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# sourced, not executed, by docker-entrypoint.sh (/bin/bash) -ln -sf /etc/postgresql/conf.d/postgresql.conf "${PGDATA}"/postgresql.conf diff --git a/kubernetes/vvp/charts/vvp-postgres/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-postgres/templates/configmap.yaml deleted file mode 100644 index e5773f6e3f..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/templates/configmap.yaml +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: postgresql-conf - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/postgres/conf/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: postgresql-initdb - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/postgres/init/*").AsConfig . | indent 2 }} diff --git a/kubernetes/vvp/charts/vvp-postgres/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-postgres/templates/deployment.yaml deleted file mode 100644 index f02bcf0e44..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/templates/deployment.yaml +++ /dev/null @@ -1,72 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: 5432 - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgresql-data - - mountPath: /etc/postgresql/conf.d/ - name: postgresql-conf - - mountPath: /docker-entrypoint-initdb.d/ - name: postgresql-initdb - env: - - name: POSTGRES_DB - value: icedb - - name: ICE_CMS_DB_NAME - value: icecmsdb - - name: POSTGRES_USER - value: em_postgresuser - - name: ICE_CMS_DB_USER - value: cms_postgresuser - - name: ICE_CMS_DB_PASSWORD - valueFrom: - secretKeyRef: - name: postgresql-passwords - key: cmsPassword - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: postgresql-passwords - key: emPassword - volumes: - - name: postgresql-data - emptyDir: {} - - name: postgresql-conf - configMap: - name: postgresql-conf - - name: postgresql-initdb - configMap: - name: postgresql-initdb diff --git a/kubernetes/vvp/charts/vvp-postgres/templates/service.yaml b/kubernetes/vvp/charts/vvp-postgres/templates/service.yaml deleted file mode 100644 index a4260013a4..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/templates/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-postgres/values.yaml b/kubernetes/vvp/charts/vvp-postgres/values.yaml deleted file mode 100644 index 000c049522..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/values.yaml +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/vvp/postgresql:1.0.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - name: vvp-postgres - portName: vvp-postgres - internalPort: 5432 - externalPort: 5432 - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-redis/Chart.yaml b/kubernetes/vvp/charts/vvp-redis/Chart.yaml deleted file mode 100644 index 4147dd265f..0000000000 --- a/kubernetes/vvp/charts/vvp-redis/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: in memory key-value store for all project -name: vvp-redis -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-redis/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-redis/templates/deployment.yaml deleted file mode 100644 index ee84c8b154..0000000000 --- a/kubernetes/vvp/charts/vvp-redis/templates/deployment.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - spec: - hostname: {{ include "common.name" . }} - containers: - - args: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/vvp/charts/vvp-redis/values.yaml b/kubernetes/vvp/charts/vvp-redis/values.yaml deleted file mode 100644 index 2eddd512da..0000000000 --- a/kubernetes/vvp/charts/vvp-redis/values.yaml +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: docker.io -image: redis:alpine -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - name: vvp-redis - portName: vvp-redis - internalPort: 6379 - externalPort: 6379 - -ingress: - enabled: false diff --git a/kubernetes/vvp/requirements.yaml b/kubernetes/vvp/requirements.yaml deleted file mode 100644 index 9f44c6df28..0000000000 --- a/kubernetes/vvp/requirements.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~3.0.0 - repository: '@local' diff --git a/kubernetes/vvp/resources/config/vvp/file b/kubernetes/vvp/resources/config/vvp/file deleted file mode 100644 index 3acdcd8673..0000000000 --- a/kubernetes/vvp/resources/config/vvp/file +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -pid /nginx.pid; -error_log /dev/stdout warn; - -http { - access_log /dev/stdout; - server { - listen 0.0.0.0:8181; - - location / { - include /etc/nginx/mime.types; - root /usr/share/nginx/html/; - } - - } -} - -events { - worker_connections 4096; -} diff --git a/kubernetes/vvp/resources/config/vvp/service_provider.json b/kubernetes/vvp/resources/config/vvp/service_provider.json deleted file mode 100644 index bcdbbc65fe..0000000000 --- a/kubernetes/vvp/resources/config/vvp/service_provider.json +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -{ - "serviceProvider": { - "name": "NA" - }, - "program": { - "name": "VVP" - } -} diff --git a/kubernetes/vvp/templates/configmap.yaml b/kubernetes/vvp/templates/configmap.yaml deleted file mode 100644 index 0c3eacdad2..0000000000 --- a/kubernetes/vvp/templates/configmap.yaml +++ /dev/null @@ -1,90 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: portal-nginx-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/vvp/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: onapkey -data: - .dockercfg: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOiB7InVzZXJuYW1lIjogImRvY2tlciIsICJwYXNzd29yZCI6ICJkb2NrZXIiLCAiZW1haWwiOiAiZW1haWxAZW1haWwuY29tIn19 -type: kubernetes.io/dockercfg ---- -apiVersion: v1 -kind: Secret -metadata: - name: em-secret -type: Opaque -data: - key: "IzkxZV9fdzNrPTc4MUB5KGVfIzZodTZ0JmgyNTQjdSkmYmorbTl0aHglayE2XiowNnI=" - em_webhook_token: "QWlwN29oeDFlaUhhZXNob2g5c2hhaWx1OWVleDd0aGE=" - gitlab_admin_password: "YW82aWo2d29oV2VpcXU0ZQ==" - jenkins_admin_password: "a29peWVCYWlUaDNrYWlOZw==" - cms_app_client_id: "RWVCNFhlaW1vb2M2eGllU2VlS2FoOGRhZTFlaXBhZTRvdGFlc2hlZQ==" - cms_app_client_secret: "aGFpTW9vcGllWmVlMXdlaTNsZWY0Z2FleWlhMnZhaHdvaHRoMG1haWQ5aXRoMnBoZWVzaGFpdGh1VG9vcjJKb2hzaGVpNWJhZXk3RWlxdWFldGhlaWI4cXVhaXF1ZWU3cGhpYXRoN2V1YjJhaU5haWMzb3U5dmFpemViZWlGNXU=" - slack_api_token: "" - aws_access_key_id: "MlpCMTlVOUQ4SzZYVkpHNzVWWDA=" - aws_secret_access_key: "N3hWV2Vxc0xJb3RLT3VhMHh2aGFwSXNDdDFWVTB4Nk0yRTRmVFJLTw==" ---- -kind: Secret -apiVersion: v1 -metadata: - name: email-secret -type: Opaque -data: - password: "RVhBTVBMRQ==" ---- -kind: Secret -apiVersion: v1 -metadata: - name: site-crt -type: Opaque -data: - # the public part of the certificate, not actually a secret. - site.crt: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURFRENDQWZnQ0NRRGhhaFZLRTkvZVVqQU5CZ2txaGtpRzl3MEJBUXNGQURCS01SQXdEZ1lEVlFRS0RBZEYKZUdGdGNHeGxNUkF3RGdZRFZRUUxEQWRsZUdGdGNHeGxNU1F3SWdZRFZRUUREQnRrWlhabGJHOXdiV1Z1ZEM1MgpkbkF1WlhoaGJYQnNaUzVqYjIwd0hoY05NVGN4TWpJME1UVXpPVEEzV2hjTk1UZ3hNakkwTVRVek9UQTNXakJLCk1SQXdEZ1lEVlFRS0RBZEZlR0Z0Y0d4bE1SQXdEZ1lEVlFRTERBZGxlR0Z0Y0d4bE1TUXdJZ1lEVlFRRERCdGsKWlhabGJHOXdiV1Z1ZEM1MmRuQXVaWGhoYlhCc1pTNWpiMjB3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQgpEd0F3Z2dFS0FvSUJBUUNrdk5HWGUrYmR2TDJrdnJQMkwzV0FCdDJXQ0ZvWjJQbjhQeDBlRXNSaUpIVkQwZVd6CnJnSllIRkp1MEMwY0s5TllTS3hWVkk4TG5LSDdOeTVNRmZNNFRxeXIzVUVPTHMrZlN3YUFxTTV0U3laVS90RUsKcmFjdEE3Ymk5ZkRrMmxrY3MrTEx1Wk1xR1BaMzdVWmNad3NVUTBCT05IUDY2OExxa1dxVDloTkxJTjRlaklucgozMldBM1k3aFBOZDhDaitBYUx0MXgyY1hZemk5aHJFNWwzaDlvZmtPcFhzZ0R6ZUlIbHA0ako2a1hYUWY4VU01CjF2aXFhMkNXWEhCSEVHKzVlZnRMU2FlRTZMQWxOdDVJSjZMY1dFWmdOdFhyMmVzNExKQzNGalhydjBnYzA0Q3AKVTJPZml6cGJoVDExY0xHYWVYT3ExY1VDWE5JYjRGY0pBcG9YQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRApnZ0VCQUZHUERHOWl1ckFoVUtiRmtZOTd4TEE0NDNVMDFiZHdpN2VBVDVUOXFvL1J6T3djYnVLV1hWbTFrNUhLCkNRTzgxbmxMcUxRd2hJMSt1VFRtUjQxZXB1Snh5R0lhRGdVeVNCKzhmTHp5UlNJRmF4S0QrVWVWUGdpcEROWnMKaDBzS1NLck82TW9Xek1MVVl2ZFpSdzZWSWMrVXBTQ3FQWStGS1VCVUhadE1wU0ZMbmhIalJ2VmtpUDRWdkZYagpiN2pRekh1Z2h6ZUlUeWd3czQyZktLL01LN3dRNmJ5YU1WUmJQYlFLUEFYTnhkL1VyU1BlWCtSektSV09aNlI4ClVseXA3ZGV6WENQNzdVYVRaVHN4d2x1clBRSVpOTXNoRHhFL1NiV3QwUTFnMjhyajVLZkFqb1pzNVRnL2dtUTgKTExLSS9iMU92S29oYUFOR1o2V2U1VStjZWVVPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==" ---- -piVersion: v1 -kind: Secret -metadata: - name: postgresql-passwords -type: Opaque -data: - emPassword: "ZW1fcG9zdGdyZXNwYXNz" - cmsPassword: "Y21zX3Bvc3RncmVzcGFzcw==" - ciPassword: "Y2lkYnBhc3M=" ---- -kind: Secret -apiVersion: v1 -metadata: - name: site-pem -type: Opaque -data: - site.pem: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURFRENDQWZnQ0NRRGhhaFZLRTkvZVVqQU5CZ2txaGtpRzl3MEJBUXNGQURCS01SQXdEZ1lEVlFRS0RBZEYKZUdGdGNHeGxNUkF3RGdZRFZRUUxEQWRsZUdGdGNHeGxNU1F3SWdZRFZRUUREQnRrWlhabGJHOXdiV1Z1ZEM1MgpkbkF1WlhoaGJYQnNaUzVqYjIwd0hoY05NVGN4TWpJME1UVXpPVEEzV2hjTk1UZ3hNakkwTVRVek9UQTNXakJLCk1SQXdEZ1lEVlFRS0RBZEZlR0Z0Y0d4bE1SQXdEZ1lEVlFRTERBZGxlR0Z0Y0d4bE1TUXdJZ1lEVlFRRERCdGsKWlhabGJHOXdiV1Z1ZEM1MmRuQXVaWGhoYlhCc1pTNWpiMjB3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQgpEd0F3Z2dFS0FvSUJBUUNrdk5HWGUrYmR2TDJrdnJQMkwzV0FCdDJXQ0ZvWjJQbjhQeDBlRXNSaUpIVkQwZVd6CnJnSllIRkp1MEMwY0s5TllTS3hWVkk4TG5LSDdOeTVNRmZNNFRxeXIzVUVPTHMrZlN3YUFxTTV0U3laVS90RUsKcmFjdEE3Ymk5ZkRrMmxrY3MrTEx1Wk1xR1BaMzdVWmNad3NVUTBCT05IUDY2OExxa1dxVDloTkxJTjRlaklucgozMldBM1k3aFBOZDhDaitBYUx0MXgyY1hZemk5aHJFNWwzaDlvZmtPcFhzZ0R6ZUlIbHA0ako2a1hYUWY4VU01CjF2aXFhMkNXWEhCSEVHKzVlZnRMU2FlRTZMQWxOdDVJSjZMY1dFWmdOdFhyMmVzNExKQzNGalhydjBnYzA0Q3AKVTJPZml6cGJoVDExY0xHYWVYT3ExY1VDWE5JYjRGY0pBcG9YQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRApnZ0VCQUZHUERHOWl1ckFoVUtiRmtZOTd4TEE0NDNVMDFiZHdpN2VBVDVUOXFvL1J6T3djYnVLV1hWbTFrNUhLCkNRTzgxbmxMcUxRd2hJMSt1VFRtUjQxZXB1Snh5R0lhRGdVeVNCKzhmTHp5UlNJRmF4S0QrVWVWUGdpcEROWnMKaDBzS1NLck82TW9Xek1MVVl2ZFpSdzZWSWMrVXBTQ3FQWStGS1VCVUhadE1wU0ZMbmhIalJ2VmtpUDRWdkZYagpiN2pRekh1Z2h6ZUlUeWd3czQyZktLL01LN3dRNmJ5YU1WUmJQYlFLUEFYTnhkL1VyU1BlWCtSektSV09aNlI4ClVseXA3ZGV6WENQNzdVYVRaVHN4d2x1clBRSVpOTXNoRHhFL1NiV3QwUTFnMjhyajVLZkFqb1pzNVRnL2dtUTgKTExLSS9iMU92S29oYUFOR1o2V2U1VStjZWVVPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCgotLS0tLUJFR0lOIFBSSVZBVEUgS0VZLS0tLS0KTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDa3ZOR1hlK2Jkdkwyawp2clAyTDNXQUJ0MldDRm9aMlBuOFB4MGVFc1JpSkhWRDBlV3pyZ0pZSEZKdTBDMGNLOU5ZU0t4VlZJOExuS0g3Ck55NU1GZk00VHF5cjNVRU9McytmU3dhQXFNNXRTeVpVL3RFS3JhY3RBN2JpOWZEazJsa2NzK0xMdVpNcUdQWjMKN1VaY1p3c1VRMEJPTkhQNjY4THFrV3FUOWhOTElONGVqSW5yMzJXQTNZN2hQTmQ4Q2orQWFMdDF4MmNYWXppOQpockU1bDNoOW9ma09wWHNnRHplSUhscDRqSjZrWFhRZjhVTTUxdmlxYTJDV1hIQkhFRys1ZWZ0TFNhZUU2TEFsCk50NUlKNkxjV0VaZ050WHIyZXM0TEpDM0ZqWHJ2MGdjMDRDcFUyT2ZpenBiaFQxMWNMR2FlWE9xMWNVQ1hOSWIKNEZjSkFwb1hBZ01CQUFFQ2dnRUFmaXVua3cvd2FBK3daOGN2YWZRN1dBenFGWWpjQ1VQbllzeXI3bWFOUm1XSgo4cUdGL2pIZDFjSUxXSmZVbE9qeiszL2RqWlV2NGNMYlJONmtkTjJ5NUlOTk9HeEM4U3ZsRkttUGwyYXlnMzYxCkl3L3U1dkROUTJxKzNlRmoyTU5xME5MdGR2N3d1YU5ZMGMxR3dHcWpUNmVhVHN0WnNPcDA1TmJ1KzlmU093ejgKcHJFOUVxU2FpbHBjMFpIMDNUb0JDY1ZpTFBRN0RDeWkzd0QvTHFaWXlqbnNKdnBWVjFGV2paTWRNQjVCTHlQNQp2Wkg5Qk1iQ0Eva2YrUDVYVjBtUU9rcWk3OVN0bEhHc21id3A5YzVEUnZiUHZ3TWdsdUpqVDRRNXZldXNtY1ozClF4ZGpXVVpLeXZUU2w2QmFVV0tmSkxhMGhPWHR1UXB5VHhhMDY3S1RNUUtCZ1FEU2tTUXM4aGhnYVhMQVJDMWUKcWwxK29ZNVNjckxVb3dBbHJoNXYxRjlzcTAyNEkrRXRPa3dUZHZkbDNTQjg0bmhyRDVZQ2JhcXlWRi9uNFRaQQpoMnZkUHVsZ3pOT0FPQUh5bjQyanpuQm5kcWtqaXQrdUhOUVBWVjA3bzVwaDk1N05DT25XNFFPZ01IeFhrbDRzCllROTlVYkJmTmdwTC9PY0NUOWhFbnl3d3pRS0JnUURJU0QvV2poMFZ3Nmd0VXlUcjFUMlQ0S3FzS09HTXNIZ1gKbWVqRkJnQVpoeTNSQTRxSnBLWkdPOWUyK0VvMWRSN1ErVjIzOXhaVy9WdEZDcmdLYUNENm9EWFFQM0grcC93VgpvRXozbDJoMWRrSmxYSVd1Z1ZUY05uOGNHeU1TUi9BMUEycFVQNkMwRTJqSTFXWURpT2VQdnFSVTZpczE4dGYwCkNwMjdnNU5tY3dLQmdGSEUvMUZjNms1MlpKTjVaa3oreDdQbk5RZWJkd3JRQ2J5WU0wV21LVEJnRFp4V2dwazMKckZkYXVaUWJIUVNpUmJUOXBubG04UVN6YzFMdXlFeWl5aVp1eWQ1SGJGSzhiVFUwOUtJS0J1aUcwZ1AxYUF1TApNbWFKOWR5MUdieTFsanQxSEtuUFU4TWZVUW9JMHYxVTY5ajBvaE0zUHlSbkg2WnNMMFhtc2hoNUFvR0FZT0tLCmR5a0NLdUFlUCtiRHFvM2FIdW9FeGdsMHFwRkhWdXR1TGJrc1hTMEdYZURmcUp3TWoxY3RqK1ptUjV2amoyWEMKRDFjbzZHWGhPL0htZTZwSm9kUFVsR3ZNb2tyeTZDZEdkRk03QmU5eVNRUkw2dEhIa2t1T2k3TVk4U1A1c0R0NQp1VTJhV09JMncwaHY4Ky9MVEw4RlVjcUJvclJhQVVVTmJvTkV6NzhDZ1lFQXF0bXI0YmJYeWRnNFpFckY5c2ZWCkh4NUhZdDQweU1QajJrR3hSWm9uQXYvaXBwaHpCNFRXZmZFckdCNlgvdzNnUWpla2Z6S2pFNU5rSGVvMytEQisKbzFqc1BySXhrcFlYSzAydlNWN3RZdnlaczBBWGlGcm5sZFBkSzlhNHRtWHhhZEQwZm1OSkxmU0hwd0tVNXdQagpOR2UzUG5rT1pMUlQ4MHVPWkVpMUx4Zz0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=" ---- -apiVersion: v1 -kind: Secret -metadata: - name: haproxy-auth -type: Opaque -data: - user: "aGFwcm94eXVzZXI=" - pass: "aGFwcm94eXBhc3M=" - diff --git a/kubernetes/vvp/templates/deployment.yaml b/kubernetes/vvp/templates/deployment.yaml deleted file mode 100644 index c0b0f5882f..0000000000 --- a/kubernetes/vvp/templates/deployment.yaml +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /tmp/ - name: portal-nginx-config - ports: - - containerPort: {{ .Values.service.internalPort }} - command: ["nginx", "-g", "daemon off;", "-c", "/tmp/nginx.conf"] - volumes: - - name: portal-nginx-config - configMap: - name: portal-nginx-config - items: - - key: file - path: nginx.conf - - key: service_provider.json - path: service_provider.json - imagePullSecrets: - - name: onapkey diff --git a/kubernetes/vvp/values.yaml b/kubernetes/vvp/values.yaml deleted file mode 100644 index 740811e8c0..0000000000 --- a/kubernetes/vvp/values.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/vvp/portal:1.0.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - internalPort: 8181 - externalPort: 8181 - -ingress: - enabled: false