From: Mahmoud Abdelhamid Date: Fri, 24 Sep 2021 15:28:28 +0000 (+0200) Subject: [VFC] Use common mariadb-galera instance X-Git-Tag: 9.0.0~95^2 X-Git-Url: https://gerrit.onap.org/r/gitweb?p=oom.git;a=commitdiff_plain;h=a74326fc152d115af5ffa1eae61d592a9e3ca74f [VFC] Use common mariadb-galera instance Have following updates for VFC: - Add section under .Values.global for shared mariadb instance default info with a condition to instantiate local instance. - Update the related section of Mariadb-galera under .Values - Add condition under requirments.yaml to install local mariadb instance * Note: Since Components initiate their own DBs and Users, there is no need to initiate the common mariadb-galera with mariadb-init, instead root password will injected to components to be able to create the DBs. Have following updates for nslcm, vnflcm, vnfmgr and vnfres: - Update .Values to accommodate for the new changes in parent .Values file. - Update root secret with the condition of having local mariadb or using the common. - Update deployments to include the definitions of mariadb service and port defined in (common/_mariadb.tpl) Issue-ID: OOM-2840 Signed-off-by: Mahmoud Abdelhamid Change-Id: Ia6a8e91ca3978928c4bf336a3a86ab1c6d64597a --- diff --git a/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml b/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml index 40ca646e0f..17d8cc263e 100644 --- a/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: - /app/ready.py args: - --container-name - - {{ .Values.config.mariadbService }} + - '{{ ternary (index .Values "mariadb-galera" "nameOverride") .Values.global.mariadbGalera.service .Values.global.mariadbGalera.localCluster }}' env: - name: NAMESPACE valueFrom: @@ -83,7 +83,7 @@ spec: - name: SSL_ENABLED value: "{{ .Values.global.config.ssl_enabled }}" - name: MYSQL_ADDR - value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}" + value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}' - name: MYSQL_ROOT_USER value: "{{ .Values.global.config.mariadb_admin }}" - name: MYSQL_ROOT_PASSWORD diff --git a/kubernetes/vfc/components/vfc-nslcm/values.yaml b/kubernetes/vfc/components/vfc-nslcm/values.yaml index 5854a370a2..ead1a4ccde 100644 --- a/kubernetes/vfc/components/vfc-nslcm/values.yaml +++ b/kubernetes/vfc/components/vfc-nslcm/values.yaml @@ -19,15 +19,20 @@ global: nodePortPrefix: 302 config: ssl_enabled: false + mariadbGalera: + localCluster: false + service: mariadb-galera + internalPort: 3306 + nameOverride: mariadb-galera ################################################################# # Secrets metaconfig ################################################################# secrets: - - uid: "db-root-pass" - externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' + - uid: db-root-pass + externalSecret: '{{ ternary (index .Values "mariadb-galera" "rootUser" "externalSecret") (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride))) .Values.global.mariadbGalera.localCluster }}' type: password - password: '{{ .Values.config.mariadbRootPassword }}' + password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}' policy: required ################################################################# @@ -45,13 +50,11 @@ istioSidecar: true # flag to enable debugging - application support required debugEnabled: false -# application configuration -config: - mariadbService: vfc-mariadb - mariadbPort: 3306 - mariadbRootPassword: secretpassword - # mariadbRootPasswordExternalSecret: some secret - +# Local mariadb galera instance default name +mariadb-galera: + rootUser: + externalSecret: '{{ include "common.release" . }}-vfc-db-root-pass' + nameOverride: vfc-mariadb # default number of instances replicaCount: 1 diff --git a/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml index b93d7af02b..75968b2ffe 100644 --- a/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: - /app/ready.py args: - --container-name - - {{ .Values.config.mariadbService }} + - '{{ ternary (index .Values "mariadb-galera" "nameOverride") .Values.global.mariadbGalera.service .Values.global.mariadbGalera.localCluster }}' env: - name: NAMESPACE valueFrom: @@ -58,7 +58,7 @@ spec: - sh args: - -c - - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' + - 'MYSQL_AUTH=${MYSQL_ROOT_USER}:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: @@ -83,7 +83,7 @@ spec: - name: SSL_ENABLED value: "{{ .Values.global.config.ssl_enabled }}" - name: MYSQL_ADDR - value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}" + value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}' - name: MYSQL_ROOT_USER value: "{{ .Values.global.config.mariadb_admin }}" - name: MYSQL_ROOT_PASSWORD diff --git a/kubernetes/vfc/components/vfc-vnflcm/values.yaml b/kubernetes/vfc/components/vfc-vnflcm/values.yaml index acdf006992..cd5e999314 100644 --- a/kubernetes/vfc/components/vfc-vnflcm/values.yaml +++ b/kubernetes/vfc/components/vfc-vnflcm/values.yaml @@ -19,15 +19,20 @@ global: nodePortPrefix: 302 config: ssl_enabled: false + mariadbGalera: + localCluster: false + service: mariadb-galera + internalPort: 3306 + nameOverride: mariadb-galera ################################################################# # Secrets metaconfig ################################################################# secrets: - - uid: "db-root-pass" - externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' + - uid: db-root-pass + externalSecret: '{{ ternary (index .Values "mariadb-galera" "rootUser" "externalSecret") (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride))) .Values.global.mariadbGalera.localCluster }}' type: password - password: '{{ .Values.config.mariadbRootPassword }}' + password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}' policy: required ################################################################# @@ -45,13 +50,11 @@ istioSidecar: true # flag to enable debugging - application support required debugEnabled: false -# application configuration -config: - mariadbService: vfc-mariadb - mariadbPort: 3306 - mariadbRootPassword: secretpassword - # mariadbRootPasswordExternalSecret: some secret - +# Local mariadb galera instance default name +mariadb-galera: + rootUser: + externalSecret: '{{ include "common.release" . }}-vfc-db-root-pass' + nameOverride: vfc-mariadb # default number of instances replicaCount: 1 diff --git a/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml index 9c8430c9fc..f9a8ba71f2 100644 --- a/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: - /app/ready.py args: - --container-name - - {{ .Values.config.mariadbService }} + - '{{ ternary (index .Values "mariadb-galera" "nameOverride") .Values.global.mariadbGalera.service .Values.global.mariadbGalera.localCluster }}' env: - name: NAMESPACE valueFrom: @@ -58,7 +58,7 @@ spec: - sh args: - -c - - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' + - 'MYSQL_AUTH=${MYSQL_ROOT_USER}:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: @@ -83,7 +83,7 @@ spec: - name: SSL_ENABLED value: "{{ .Values.global.config.ssl_enabled }}" - name: MYSQL_ADDR - value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}" + value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}' - name: REDIS_HOST value: "{{ .Values.global.config.redisServiceName }}" - name: REDIS_PORT diff --git a/kubernetes/vfc/components/vfc-vnfmgr/values.yaml b/kubernetes/vfc/components/vfc-vnfmgr/values.yaml index aa327792b3..35aa0aacd0 100644 --- a/kubernetes/vfc/components/vfc-vnfmgr/values.yaml +++ b/kubernetes/vfc/components/vfc-vnfmgr/values.yaml @@ -19,15 +19,20 @@ global: nodePortPrefix: 302 config: ssl_enabled: false + mariadbGalera: + localCluster: false + service: mariadb-galera + internalPort: 3306 + nameOverride: mariadb-galera ################################################################# # Secrets metaconfig ################################################################# secrets: - - uid: "db-root-pass" - externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' + - uid: db-root-pass + externalSecret: '{{ ternary (index .Values "mariadb-galera" "rootUser" "externalSecret") (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride))) .Values.global.mariadbGalera.localCluster }}' type: password - password: '{{ .Values.config.mariadbRootPassword }}' + password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}' policy: required ################################################################# @@ -45,12 +50,11 @@ istioSidecar: true # flag to enable debugging - application support required debugEnabled: false -# application configuration -config: - mariadbService: vfc-mariadb - mariadbPort: 3306 - mariadbRootPassword: secretpassword - # mariadbRootPasswordExternalSecret: some secret +# Local mariadb galera instance default name +mariadb-galera: + rootUser: + externalSecret: '{{ include "common.release" . }}-vfc-db-root-pass' + nameOverride: vfc-mariadb # default number of instances replicaCount: 1 diff --git a/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml index 2577887523..06258a0d7e 100644 --- a/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: - /app/ready.py args: - --container-name - - {{ .Values.config.mariadbService }} + - '{{ ternary (index .Values "mariadb-galera" "nameOverride") .Values.global.mariadbGalera.service .Values.global.mariadbGalera.localCluster }}' env: - name: NAMESPACE valueFrom: @@ -58,7 +58,7 @@ spec: - sh args: - -c - - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' + - 'MYSQL_AUTH=${MYSQL_ROOT_USER}:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh' image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: @@ -83,7 +83,7 @@ spec: - name: SSL_ENABLED value: "{{ .Values.global.config.ssl_enabled }}" - name: MYSQL_ADDR - value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}" + value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}' - name: REDIS_HOST value: "{{ .Values.global.config.redisServiceName }}" - name: REDIS_PORT diff --git a/kubernetes/vfc/components/vfc-vnfres/values.yaml b/kubernetes/vfc/components/vfc-vnfres/values.yaml index 7683912aa2..204d414e7d 100644 --- a/kubernetes/vfc/components/vfc-vnfres/values.yaml +++ b/kubernetes/vfc/components/vfc-vnfres/values.yaml @@ -19,15 +19,20 @@ global: nodePortPrefix: 302 config: ssl_enabled: false + mariadbGalera: + localCluster: false + service: mariadb-galera + internalPort: 3306 + nameOverride: mariadb-galera ################################################################# # Secrets metaconfig ################################################################# secrets: - - uid: "db-root-pass" - externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}' + - uid: db-root-pass + externalSecret: '{{ ternary (index .Values "mariadb-galera" "rootUser" "externalSecret") (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride))) .Values.global.mariadbGalera.localCluster }}' type: password - password: '{{ .Values.config.mariadbRootPassword }}' + password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}' policy: required ################################################################# @@ -45,13 +50,11 @@ istioSidecar: true # flag to enable debugging - application support required debugEnabled: false -# application configuration -config: - mariadbService: vfc-mariadb - mariadbPort: 3306 - mariadbRootPassword: secretpassword - # mariadbRootPasswordExternalSecret: some secret - +# Local mariadb galera instance default name +mariadb-galera: + rootUser: + externalSecret: '{{ include "common.release" . }}-vfc-db-root-pass' + nameOverride: vfc-mariadb # default number of instances replicaCount: 1 diff --git a/kubernetes/vfc/requirements.yaml b/kubernetes/vfc/requirements.yaml index ab3f4ae979..7f65b021f9 100644 --- a/kubernetes/vfc/requirements.yaml +++ b/kubernetes/vfc/requirements.yaml @@ -19,6 +19,7 @@ dependencies: - name: mariadb-galera version: ~8.x-0 repository: '@local' + condition: global.mariadbGalera.localCluster - name: repositoryGenerator version: ~8.x-0 repository: '@local' diff --git a/kubernetes/vfc/values.yaml b/kubernetes/vfc/values.yaml index 0560832a5f..64bd029bd1 100644 --- a/kubernetes/vfc/values.yaml +++ b/kubernetes/vfc/values.yaml @@ -26,42 +26,47 @@ global: # we use this flag to determine who is responbile for serice registeration # and it can reduce duplicate registration. reg_to_msb_when_start: False - mariadb_admin: root + mariadb_admin: &mariadbAdmin root persistence: mountPath: /dockerdata-nfs + mariadbGalera: &mariadbGalera + #This flag allows VFC to instantiate its own mariadb-galera cluster + localCluster: false + service: mariadb-galera + internalPort: 3306 + nameOverride: mariadb-galera ################################################################# # Secrets metaconfig ################################################################# secrets: - - uid: "db-root-pass" + - uid: db-root-pass name: &dbRootPassSecret '{{ include "common.release" . }}-vfc-db-root-pass' + externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .) (hasSuffix "db-root-pass" (index .Values "mariadb-galera" "rootUser" "externalSecret"))}}' + login: '{{ index .Values "mariadb-galera" "rootUser" "user" }}' + password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}' type: password - password: '{{ .Values.config.mariadbRootPassword }}' # application configuration config: logstashServiceName: log-ls logstashPort: 5044 -mariadb-galera: +mariadb-galera: &localMariadb rootUser: + user: *mariadbAdmin + # password: externalSecret: *dbRootPassSecret - nameOverride: &vfc-mariadb vfc-mariadb + nameOverride: &dbServer vfc-mariadb nfsprovisionerPrefix: vfc persistence: mountSubPath: vfc/data enabled: true disableNfsProvisioner: true serviceAccount: - nameOverride: *vfc-mariadb + nameOverride: *dbServer replicaCount: 1 -db: &dbConfig - mariadbService: vfc-mariadb - mariadbPort: 3306 - mariadbRootPasswordExternalSecret: *dbRootPassSecret - vfc-generic-vnfm-driver: enabled: true @@ -70,26 +75,22 @@ vfc-huawei-vnfm-driver: vfc-nslcm: enabled: true - config: - << : *dbConfig + mariadb-galera: *localMariadb vfc-redis: enabled: true vfc-vnflcm: enabled: true - config: - << : *dbConfig + mariadb-galera: *localMariadb vfc-vnfmgr: enabled: true - config: - << : *dbConfig + mariadb-galera: *localMariadb vfc-vnfres: enabled: true - config: - << : *dbConfig + mariadb-galera: *localMariadb # sub-chart configuration vfc-workflow: