From: Fiachra Corcoran Date: Thu, 4 Aug 2022 06:32:44 +0000 (+0000) Subject: Merge "[DMAAP] DMaaP ServiceMesh compatibility" X-Git-Tag: 11.0.0~95 X-Git-Url: https://gerrit.onap.org/r/gitweb?p=oom.git;a=commitdiff_plain;h=e4aac7a3c577b7bb9eaae93387d482f952ee4b72;hp=0d5c917c02b40b335251a39952bb46f70bcb73ce Merge "[DMAAP] DMaaP ServiceMesh compatibility" --- diff --git a/INFO.yaml b/INFO.yaml index 77261e8702..f9244ec2ac 100644 --- a/INFO.yaml +++ b/INFO.yaml @@ -61,6 +61,11 @@ committers: id: 'djtimoney' company: 'ATT' timezone: 'America/New_York' + - name: 'Andreas Geissler' + email: 'andreas-geissler@telekom.de' + id: 'andreasgeissler' + company: 'Deutsche Telekom' + timezone: 'Europe/Berlin' tsc: approval: 'https://lists.onap.org/pipermail/onap-tsc' changes: @@ -80,3 +85,7 @@ tsc: name: 'Dan Timoney' # yamllint disable-line rule:line-length link: 'https://wiki.onap.org/display/DW/Committer+Promotion+Request+for+%5BOOM%5D+-+Dan+Timoney' + - type: 'Addition' + name: 'Andreas Geissler' + # yamllint disable-line rule:line-length + link: 'https://wiki.onap.org/display/DW/Committer+Promotion+Request+for+%5BOOM%5D+%3A+Andreas+Geissler' diff --git a/docs/Access_Rancher_server_via_web_browser.jpeg b/docs/Access_Rancher_server_via_web_browser.jpeg deleted file mode 100644 index 103fc2731f..0000000000 Binary files a/docs/Access_Rancher_server_via_web_browser.jpeg and /dev/null differ diff --git a/docs/Add_Kubernetes_Environment_to_Rancher.png b/docs/Add_Kubernetes_Environment_to_Rancher.png deleted file mode 100644 index 0d60f156fb..0000000000 Binary files a/docs/Add_Kubernetes_Environment_to_Rancher.png and /dev/null differ diff --git a/docs/Apply_customization_script_for_the_Rancher_VM.jpeg b/docs/Apply_customization_script_for_the_Rancher_VM.jpeg deleted file mode 100644 index 832dda3404..0000000000 Binary files a/docs/Apply_customization_script_for_the_Rancher_VM.jpeg and /dev/null differ diff --git a/docs/Click_create.jpeg b/docs/Click_create.jpeg deleted file mode 100644 index fad185674c..0000000000 Binary files a/docs/Click_create.jpeg and /dev/null differ diff --git a/docs/Click_on_CLI_and_then_click_on_Generate_Config.jpeg b/docs/Click_on_CLI_and_then_click_on_Generate_Config.jpeg deleted file mode 100644 index fec6a35433..0000000000 Binary files a/docs/Click_on_CLI_and_then_click_on_Generate_Config.jpeg and /dev/null differ diff --git a/docs/Click_on_Close_button.jpeg b/docs/Click_on_Close_button.jpeg deleted file mode 100644 index cb02480923..0000000000 Binary files a/docs/Click_on_Close_button.jpeg and /dev/null differ diff --git a/docs/Click_on_Copy_to_Clipboard-wait_until_you_see_a_token-do_not_copy_user+password-the_server_is_not_ready_at_that_point.jpeg b/docs/Click_on_Copy_to_Clipboard-wait_until_you_see_a_token-do_not_copy_user+password-the_server_is_not_ready_at_that_point.jpeg deleted file mode 100644 index bb0f60c4eb..0000000000 Binary files a/docs/Click_on_Copy_to_Clipboard-wait_until_you_see_a_token-do_not_copy_user+password-the_server_is_not_ready_at_that_point.jpeg and /dev/null differ diff --git a/docs/K8s-Assign_Floating_IP_for_external_access.jpeg b/docs/K8s-Assign_Floating_IP_for_external_access.jpeg deleted file mode 100644 index fe84d11707..0000000000 Binary files a/docs/K8s-Assign_Floating_IP_for_external_access.jpeg and /dev/null differ diff --git a/docs/K8s-Key_Pair.jpeg b/docs/K8s-Key_Pair.jpeg deleted file mode 100644 index 1e335d36a6..0000000000 Binary files a/docs/K8s-Key_Pair.jpeg and /dev/null differ diff --git a/docs/K8s-Launch_Instance.jpeg b/docs/K8s-Launch_Instance.jpeg deleted file mode 100644 index 7e2122c429..0000000000 Binary files a/docs/K8s-Launch_Instance.jpeg and /dev/null differ diff --git a/docs/K8s-Launch_new_VM_instance_to_create_a_Kubernetes_single_host_or_cluster.jpeg b/docs/K8s-Launch_new_VM_instance_to_create_a_Kubernetes_single_host_or_cluster.jpeg deleted file mode 100644 index 8d154d4a2d..0000000000 Binary files a/docs/K8s-Launch_new_VM_instance_to_create_a_Kubernetes_single_host_or_cluster.jpeg and /dev/null differ diff --git a/docs/K8s-Manage_Floating_IP_Associations.jpeg b/docs/K8s-Manage_Floating_IP_Associations.jpeg deleted file mode 100644 index f15e5e34c7..0000000000 Binary files a/docs/K8s-Manage_Floating_IP_Associations.jpeg and /dev/null differ diff --git a/docs/K8s-Networking.jpeg b/docs/K8s-Networking.jpeg deleted file mode 100644 index ee4cafca54..0000000000 Binary files a/docs/K8s-Networking.jpeg and /dev/null differ diff --git a/docs/K8s-Security_Group.jpeg b/docs/K8s-Security_Group.jpeg deleted file mode 100644 index 5e852185b2..0000000000 Binary files a/docs/K8s-Security_Group.jpeg and /dev/null differ diff --git a/docs/K8s-Select_Flavor.jpeg b/docs/K8s-Select_Flavor.jpeg deleted file mode 100644 index c3cf4b2c83..0000000000 Binary files a/docs/K8s-Select_Flavor.jpeg and /dev/null differ diff --git a/docs/K8s-Select_Ubuntu_16.04_as_base_image.jpeg b/docs/K8s-Select_Ubuntu_16.04_as_base_image.jpeg deleted file mode 100644 index e9a03e782c..0000000000 Binary files a/docs/K8s-Select_Ubuntu_16.04_as_base_image.jpeg and /dev/null differ diff --git a/docs/Rancher-Allocate_Floating_IP.jpeg b/docs/Rancher-Allocate_Floating_IP.jpeg deleted file mode 100644 index 9d6ff3ff95..0000000000 Binary files a/docs/Rancher-Allocate_Floating_IP.jpeg and /dev/null differ diff --git a/docs/Rancher-Key_Pair.jpeg b/docs/Rancher-Key_Pair.jpeg deleted file mode 100644 index 1bcb6b6eb7..0000000000 Binary files a/docs/Rancher-Key_Pair.jpeg and /dev/null differ diff --git a/docs/Rancher-Launch_Instance.jpeg b/docs/Rancher-Launch_Instance.jpeg deleted file mode 100644 index 38943699e6..0000000000 Binary files a/docs/Rancher-Launch_Instance.jpeg and /dev/null differ diff --git a/docs/Rancher-Launch_new_VM_instance_to_host_the_Rancher_Server.jpeg b/docs/Rancher-Launch_new_VM_instance_to_host_the_Rancher_Server.jpeg deleted file mode 100644 index 2b3fde3fb7..0000000000 Binary files a/docs/Rancher-Launch_new_VM_instance_to_host_the_Rancher_Server.jpeg and /dev/null differ diff --git a/docs/Rancher-Manage_Floating_IP_Associations.jpeg b/docs/Rancher-Manage_Floating_IP_Associations.jpeg deleted file mode 100644 index ae062c1d39..0000000000 Binary files a/docs/Rancher-Manage_Floating_IP_Associations.jpeg and /dev/null differ diff --git a/docs/Rancher-Networking.jpeg b/docs/Rancher-Networking.jpeg deleted file mode 100644 index 16ef380ef5..0000000000 Binary files a/docs/Rancher-Networking.jpeg and /dev/null differ diff --git a/docs/Rancher-Security_Groups.jpeg b/docs/Rancher-Security_Groups.jpeg deleted file mode 100644 index c8ff2e8d76..0000000000 Binary files a/docs/Rancher-Security_Groups.jpeg and /dev/null differ diff --git a/docs/Rancher-Select_Flavor.jpeg b/docs/Rancher-Select_Flavor.jpeg deleted file mode 100644 index a3f35b53ce..0000000000 Binary files a/docs/Rancher-Select_Flavor.jpeg and /dev/null differ diff --git a/docs/Rancher-Select_Ubuntu_16.04_as_base_image.jpeg b/docs/Rancher-Select_Ubuntu_16.04_as_base_image.jpeg deleted file mode 100644 index b80fae4a5c..0000000000 Binary files a/docs/Rancher-Select_Ubuntu_16.04_as_base_image.jpeg and /dev/null differ diff --git a/docs/Return_to_Rancher_environment_eg_SB4_and_wait_for_services_to_complete_10-15_mins.jpeg b/docs/Return_to_Rancher_environment_eg_SB4_and_wait_for_services_to_complete_10-15_mins.jpeg deleted file mode 100644 index 6d62b99f55..0000000000 Binary files a/docs/Return_to_Rancher_environment_eg_SB4_and_wait_for_services_to_complete_10-15_mins.jpeg and /dev/null differ diff --git a/docs/Select_Add_Environment.png b/docs/Select_Add_Environment.png deleted file mode 100644 index 48fffa41bd..0000000000 Binary files a/docs/Select_Add_Environment.png and /dev/null differ diff --git a/docs/and_click_on_Save_accept_defaults.jpeg b/docs/and_click_on_Save_accept_defaults.jpeg deleted file mode 100644 index 9b57927aac..0000000000 Binary files a/docs/and_click_on_Save_accept_defaults.jpeg and /dev/null differ diff --git a/docs/hardcoded_certificates.csv b/docs/certs/hardcoded_certificates.csv similarity index 100% rename from docs/hardcoded_certificates.csv rename to docs/certs/hardcoded_certificates.csv diff --git a/docs/helm-search.txt b/docs/helm-search.txt deleted file mode 100644 index 4e357b6dc8..0000000000 --- a/docs/helm-search.txt +++ /dev/null @@ -1,42 +0,0 @@ -NAME CHART VERSION APP VERSION DESCRIPTION -local/onap 10.0.0 Jakarta Open Network Automation Platform (ONAP) -local/aaf 10.0.0 ONAP Application Authorization Framework -local/aai 10.0.0 ONAP Active and Available Inventory -local/appc 10.0.0 Application Controller -local/cassandra 10.0.0 ONAP cassandra -local/cds 10.0.0 ONAP Controller Design Studio (CDS) -local/clamp 10.0.0 ONAP Clamp -local/cli 10.0.0 ONAP Command Line Interface -local/common 10.0.0 Common templates for inclusion in other charts -local/consul 10.0.0 ONAP Consul Agent -local/contrib 10.0.0 ONAP optional tools -local/cps 10.0.0 ONAP Configuration Persistene Service (CPS) -local/dcaegen2 10.0.0 ONAP DCAE Gen2 -local/dgbuilder 10.0.0 D.G. Builder application -local/dmaap 10.0.0 ONAP DMaaP components -local/log 10.0.0 ONAP Logging ElasticStack -local/mariadb-galera 10.0.0 Chart for MariaDB Galera cluster -local/mongo 10.0.0 MongoDB Server -local/msb 10.0.0 ONAP MicroServices Bus -local/multicloud 10.0.0 ONAP multicloud broker -local/music 10.0.0 MUSIC - Multi-site State Coordination Service -local/mysql 10.0.0 MySQL Server -local/nbi 10.0.0 ONAP Northbound Interface -local/network-name-gen 10.0.0 Name Generation Micro Service -local/nfs-provisioner 10.0.0 NFS provisioner -local/oof 10.0.0 ONAP Optimization Framework -local/policy 10.0.0 ONAP Policy Administration Point -local/pomba 10.0.0 ONAP Post Orchestration Model Based Audit -local/portal 10.0.0 ONAP Web Portal -local/postgres 10.0.0 ONAP Postgres Server -local/robot 10.0.0 A helm Chart for kubernetes-ONAP Robot -local/sdc 10.0.0 Service Design and Creation Umbrella Helm charts -local/sdnc 10.0.0 SDN Controller -local/sdnc-prom 10.0.0 ONAP SDNC Policy Driven Ownership Management -local/sniro-emulator 10.0.0 ONAP Mock Sniro Emulator -local/so 10.0.0 ONAP Service Orchestrator -local/strimzi 10.0.0 ONAP Strimzi Apache Kafka -local/uui 10.0.0 ONAP uui -local/vfc 10.0.0 ONAP Virtual Function Controller (VF-C) -local/vid 10.0.0 ONAP Virtual Infrastructure Deployment -local/vnfsdk 10.0.0 ONAP VNF SDK diff --git a/docs/helm/helm-search.txt b/docs/helm/helm-search.txt new file mode 100644 index 0000000000..75c274957b --- /dev/null +++ b/docs/helm/helm-search.txt @@ -0,0 +1,42 @@ +NAME CHART VERSION APP VERSION DESCRIPTION +local/onap 11.0.0 Kohn Open Network Automation Platform (ONAP) +local/aaf 11.0.0 ONAP Application Authorization Framework +local/aai 11.0.0 ONAP Active and Available Inventory +local/appc 11.0.0 Application Controller +local/cassandra 11.0.0 ONAP cassandra +local/cds 11.0.0 ONAP Controller Design Studio (CDS) +local/clamp 11.0.0 ONAP Clamp +local/cli 11.0.0 ONAP Command Line Interface +local/common 11.0.0 Common templates for inclusion in other charts +local/consul 11.0.0 ONAP Consul Agent +local/contrib 11.0.0 ONAP optional tools +local/cps 11.0.0 ONAP Configuration Persistene Service (CPS) +local/dcaegen2 11.0.0 ONAP DCAE Gen2 +local/dgbuilder 11.0.0 D.G. Builder application +local/dmaap 11.0.0 ONAP DMaaP components +local/log 11.0.0 ONAP Logging ElasticStack +local/mariadb-galera 11.0.0 Chart for MariaDB Galera cluster +local/mongo 11.0.0 MongoDB Server +local/msb 11.0.0 ONAP MicroServices Bus +local/multicloud 11.0.0 ONAP multicloud broker +local/music 11.0.0 MUSIC - Multi-site State Coordination Service +local/mysql 11.0.0 MySQL Server +local/nbi 11.0.0 ONAP Northbound Interface +local/network-name-gen 11.0.0 Name Generation Micro Service +local/nfs-provisioner 11.0.0 NFS provisioner +local/oof 11.0.0 ONAP Optimization Framework +local/policy 11.0.0 ONAP Policy Administration Point +local/pomba 11.0.0 ONAP Post Orchestration Model Based Audit +local/portal 11.0.0 ONAP Web Portal +local/postgres 11.0.0 ONAP Postgres Server +local/robot 11.0.0 A helm Chart for kubernetes-ONAP Robot +local/sdc 11.0.0 Service Design and Creation Umbrella Helm charts +local/sdnc 11.0.0 SDN Controller +local/sdnc-prom 11.0.0 ONAP SDNC Policy Driven Ownership Management +local/sniro-emulator 11.0.0 ONAP Mock Sniro Emulator +local/so 11.0.0 ONAP Service Orchestrator +local/strimzi 11.0.0 ONAP Strimzi Apache Kafka +local/uui 11.0.0 ONAP uui +local/vfc 11.0.0 ONAP Virtual Function Controller (VF-C) +local/vid 11.0.0 ONAP Virtual Infrastructure Deployment +local/vnfsdk 11.0.0 ONAP VNF SDK diff --git a/docs/consulHealth.png b/docs/images/consul/consulHealth.png similarity index 100% rename from docs/consulHealth.png rename to docs/images/consul/consulHealth.png diff --git a/docs/kubernetes_objects.png b/docs/images/k8s/kubernetes_objects.png similarity index 100% rename from docs/kubernetes_objects.png rename to docs/images/k8s/kubernetes_objects.png diff --git a/docs/MSB-OOM-Diagram.png b/docs/images/msb/MSB-OOM-Diagram.png similarity index 100% rename from docs/MSB-OOM-Diagram.png rename to docs/images/msb/MSB-OOM-Diagram.png diff --git a/docs/oomLogoV2-Configure.png b/docs/images/oom_logo/oomLogoV2-Configure.png similarity index 100% rename from docs/oomLogoV2-Configure.png rename to docs/images/oom_logo/oomLogoV2-Configure.png diff --git a/docs/oomLogoV2-Delete.png b/docs/images/oom_logo/oomLogoV2-Delete.png similarity index 100% rename from docs/oomLogoV2-Delete.png rename to docs/images/oom_logo/oomLogoV2-Delete.png diff --git a/docs/oomLogoV2-Deploy.png b/docs/images/oom_logo/oomLogoV2-Deploy.png similarity index 100% rename from docs/oomLogoV2-Deploy.png rename to docs/images/oom_logo/oomLogoV2-Deploy.png diff --git a/docs/oomLogoV2-Heal.png b/docs/images/oom_logo/oomLogoV2-Heal.png similarity index 100% rename from docs/oomLogoV2-Heal.png rename to docs/images/oom_logo/oomLogoV2-Heal.png diff --git a/docs/oomLogoV2-Monitor.png b/docs/images/oom_logo/oomLogoV2-Monitor.png similarity index 100% rename from docs/oomLogoV2-Monitor.png rename to docs/images/oom_logo/oomLogoV2-Monitor.png diff --git a/docs/oomLogoV2-Scale.png b/docs/images/oom_logo/oomLogoV2-Scale.png similarity index 100% rename from docs/oomLogoV2-Scale.png rename to docs/images/oom_logo/oomLogoV2-Scale.png diff --git a/docs/oomLogoV2-Upgrade.png b/docs/images/oom_logo/oomLogoV2-Upgrade.png similarity index 100% rename from docs/oomLogoV2-Upgrade.png rename to docs/images/oom_logo/oomLogoV2-Upgrade.png diff --git a/docs/oomLogoV2-medium.png b/docs/images/oom_logo/oomLogoV2-medium.png similarity index 100% rename from docs/oomLogoV2-medium.png rename to docs/images/oom_logo/oomLogoV2-medium.png diff --git a/docs/index.rst b/docs/index.rst index 89f947490c..94a4bf00e5 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -16,6 +16,6 @@ OOM Documentation Repository oom_setup_paas.rst oom_developer_guide.rst oom_cloud_setup_guide.rst - release-notes.rst + release_notes/release-notes.rst oom_setup_kubernetes_rancher.rst oom_setup_ingress_controller.rst diff --git a/docs/k8s-topology.jpg b/docs/k8s-topology.jpg deleted file mode 100644 index eba8e72b68..0000000000 Binary files a/docs/k8s-topology.jpg and /dev/null differ diff --git a/docs/oom_cloud_setup_guide.rst b/docs/oom_cloud_setup_guide.rst index 4b3ec92ccb..69062894cf 100644 --- a/docs/oom_cloud_setup_guide.rst +++ b/docs/oom_cloud_setup_guide.rst @@ -15,7 +15,7 @@ .. _Cloud Native Deployment Wiki: https://wiki.onap.org/display/DW/Cloud+Native+Deployment .. _ONAP Development - 110 pod limit Wiki: https://wiki.onap.org/display/DW/ONAP+Development#ONAPDevelopment-Changemax-podsfromdefault110podlimit -.. figure:: oomLogoV2-medium.png +.. figure:: images/oom_logo/oomLogoV2-medium.png :align: right .. _cloud-setup-guide-label: @@ -58,6 +58,7 @@ The versions of Kubernetes that are supported by OOM are as follows: guilin 1.15.11 2.16.10 1.15.11 18.09.x honolulu 1.19.9 3.5.2 1.19.9 19.03.x 1.2.0 Istanbul 1.19.11 3.6.3 1.19.11 19.03.x 1.5.4 + Jakarta 1.22.4 3.6.3 1.22.4 20.10.x 1.5.4 ============== =========== ======= ======== ======== ============ Minimum Hardware Configuration diff --git a/docs/oom_developer_guide.rst b/docs/oom_developer_guide.rst index 05cdca1c46..8df8e74acd 100644 --- a/docs/oom_developer_guide.rst +++ b/docs/oom_developer_guide.rst @@ -22,7 +22,7 @@ OOM Developer Guide ################### -.. figure:: oomLogoV2-medium.png +.. figure:: images/oom_logo/oomLogoV2-medium.png :align: right ONAP consists of a large number of components, each of which are substantial @@ -687,7 +687,7 @@ The relationship between these objects is shown in the following figure: .. database PV .. @enduml -.. figure:: kubernetes_objects.png +.. figure:: images/k8s/kubernetes_objects.png OOM uses these Kubernetes objects as described in the following sections. @@ -1074,7 +1074,7 @@ MSB Integration with OOM ------------------------ A preliminary view of the OOM-MSB integration is as follows: -.. figure:: MSB-OOM-Diagram.png +.. figure:: images/msb/MSB-OOM-Diagram.png A message sequence chart of the registration process: diff --git a/docs/oom_hardcoded_certificates.rst b/docs/oom_hardcoded_certificates.rst index c4392c701f..326cd3980f 100644 --- a/docs/oom_hardcoded_certificates.rst +++ b/docs/oom_hardcoded_certificates.rst @@ -15,4 +15,4 @@ ONAP current installation have hardcoded certificates. Here's the list of these certificates: .. csv-table:: - :file: hardcoded_certificates.csv + :file: certs/hardcoded_certificates.csv diff --git a/docs/oom_project_description.rst b/docs/oom_project_description.rst index f1587b4eeb..b672c48bc0 100644 --- a/docs/oom_project_description.rst +++ b/docs/oom_project_description.rst @@ -17,7 +17,7 @@ bare-metal servers or on VMs hosted by a 3rd party management system. OOM ensures that ONAP is easily deployable and maintainable throughout its life cycle while using hardware resources efficiently. -.. figure:: oomLogoV2-medium.png +.. figure:: images/oom_logo/oomLogoV2-medium.png :align: right In summary OOM provides the following capabilities: diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst index a38c6f48bd..b7749b1056 100644 --- a/docs/oom_quickstart_guide.rst +++ b/docs/oom_quickstart_guide.rst @@ -8,7 +8,7 @@ OOM Quick Start Guide ##################### -.. figure:: oomLogoV2-medium.png +.. figure:: images/oom_logo/oomLogoV2-medium.png :align: right Once a Kubernetes environment is available (follow the instructions in @@ -29,6 +29,7 @@ where can be an official release tag, such as * 8.0.0 for Honolulu * 9.0.0 for Istanbul * 10.0.0 for Jakarta +* 11.0.0 for Kohn **Step 2.** Install Helm Plugins required to deploy ONAP:: @@ -166,12 +167,12 @@ observe the following constraints. Example Keystone v2.0 -.. literalinclude:: example-integration-override.yaml +.. literalinclude:: yaml/example-integration-override.yaml :language: yaml Example Keystone v3 (required for Rocky and later releases) -.. literalinclude:: example-integration-override-v3.yaml +.. literalinclude:: yaml/example-integration-override-v3.yaml :language: yaml @@ -203,7 +204,7 @@ follows:: > helm repo update > helm search repo onap -.. literalinclude:: helm-search.txt +.. literalinclude:: helm/helm-search.txt .. note:: The setup of the Helm repository is a one time activity. If you make changes diff --git a/docs/oom_setup_ingress_controller.rst b/docs/oom_setup_ingress_controller.rst index cb385da141..fafe0db987 100644 --- a/docs/oom_setup_ingress_controller.rst +++ b/docs/oom_setup_ingress_controller.rst @@ -12,7 +12,7 @@ .. _Onboarding and Distributing a Vendor Software Product: https://wiki.onap.org/pages/viewpage.action?pageId=1018474 .. _README.md: https://gerrit.onap.org/r/gitweb?p=oom.git;a=blob;f=kubernetes/README.md -.. figure:: oomLogoV2-medium.png +.. figure:: images/oom_logo/oomLogoV2-medium.png :align: right .. _oom_setup_ingress_controller: diff --git a/docs/oom_setup_kubernetes_rancher.rst b/docs/oom_setup_kubernetes_rancher.rst index 6272f83238..767b93925e 100644 --- a/docs/oom_setup_kubernetes_rancher.rst +++ b/docs/oom_setup_kubernetes_rancher.rst @@ -12,7 +12,7 @@ .. _Onboarding and Distributing a Vendor Software Product: https://wiki.onap.org/pages/viewpage.action?pageId=1018474 .. _README.md: https://gerrit.onap.org/r/gitweb?p=oom.git;a=blob;f=kubernetes/README.md -.. figure:: oomLogoV2-medium.png +.. figure:: images/oom_logo/oomLogoV2-medium.png :align: right .. _onap-on-kubernetes-with-rancher: @@ -157,10 +157,10 @@ Assign the key pair that was created/selected previously (e.g. onap_key). Apply customization script for Control Plane VMs ------------------------------------------------ -Click :download:`openstack-k8s-controlnode.sh ` +Click :download:`openstack-k8s-controlnode.sh ` to download the script. -.. literalinclude:: openstack-k8s-controlnode.sh +.. literalinclude:: shell/openstack-k8s-controlnode.sh :language: bash This customization script will: @@ -229,10 +229,10 @@ Assign the key pair that was created/selected previously (e.g. onap_key). Apply customization script for Kubernetes VM(s) ----------------------------------------------- -Click :download:`openstack-k8s-workernode.sh ` to +Click :download:`openstack-k8s-workernode.sh ` to download the script. -.. literalinclude:: openstack-k8s-workernode.sh +.. literalinclude:: shell/openstack-k8s-workernode.sh :language: bash This customization script will: @@ -287,10 +287,10 @@ RKE requires a *cluster.yml* as input. An example file is show below that describes a Kubernetes cluster that will be mapped onto the OpenStack VMs created earlier in this guide. -Click :download:`cluster.yml ` to download the +Click :download:`cluster.yml ` to download the configuration file. -.. literalinclude:: cluster.yml +.. literalinclude:: yaml/cluster.yml :language: yaml Prepare cluster.yml @@ -467,10 +467,10 @@ Assign the key pair that was created/selected previously (e.g. onap_key). Apply customization script for NFS Server VM -------------------------------------------- -Click :download:`openstack-nfs-server.sh ` to download +Click :download:`openstack-nfs-server.sh ` to download the script. -.. literalinclude:: openstack-nfs-server.sh +.. literalinclude:: shell/openstack-nfs-server.sh :language: bash This customization script will: @@ -499,15 +499,15 @@ Resulting floating IP assignments in this example. To properly set up an NFS share on Master and Slave nodes, the user can run the scripts below. -Click :download:`master_nfs_node.sh ` to download the +Click :download:`master_nfs_node.sh ` to download the script. -.. literalinclude:: master_nfs_node.sh +.. literalinclude:: shell/master_nfs_node.sh :language: bash -Click :download:`slave_nfs_node.sh ` to download the script. +Click :download:`slave_nfs_node.sh ` to download the script. -.. literalinclude:: slave_nfs_node.sh +.. literalinclude:: shell/slave_nfs_node.sh :language: bash The master_nfs_node.sh script runs in the NFS Master node and needs the list of diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst index 10b57dc5a7..2ff74b5898 100644 --- a/docs/oom_user_guide.rst +++ b/docs/oom_user_guide.rst @@ -27,7 +27,7 @@ This guide provides many examples of Helm command line operations. For a complete description of these commands please refer to the `Helm Documentation`_. -.. figure:: oomLogoV2-medium.png +.. figure:: images/oom_logo/oomLogoV2-medium.png :align: right The following sections describe the life-cycle operations: @@ -41,7 +41,7 @@ The following sections describe the life-cycle operations: impact - Delete_ - cleanup individual containers or entire deployments -.. figure:: oomLogoV2-Deploy.png +.. figure:: images/oom_logo/oomLogoV2-Deploy.png :align: right Deploy @@ -123,7 +123,7 @@ stable which should be removed to avoid confusion:: To prepare your system for an installation of ONAP, you'll need to:: - > git clone -b jakarta --recurse-submodules -j2 http://gerrit.onap.org/r/oom + > git clone -b kohn --recurse-submodules -j2 http://gerrit.onap.org/r/oom > cd oom/kubernetes @@ -161,12 +161,12 @@ system, and looks for matches:: > helm search repo local NAME VERSION DESCRIPTION - local/appc 10.0.0 Application Controller - local/clamp 10.0.0 ONAP Clamp - local/common 10.0.0 Common templates for inclusion in other charts - local/onap 10.0.0 Open Network Automation Platform (ONAP) - local/robot 10.0.0 A helm Chart for kubernetes-ONAP Robot - local/so 10.0.0 ONAP Service Orchestrator + local/appc 11.0.0 Application Controller + local/clamp 11.0.0 ONAP Clamp + local/common 11.0.0 Common templates for inclusion in other charts + local/onap 11.0.0 Open Network Automation Platform (ONAP) + local/robot 11.0.0 A helm Chart for kubernetes-ONAP Robot + local/so 11.0.0 ONAP Service Orchestrator In any case, setup of the Helm repository is a one time activity. @@ -209,7 +209,7 @@ deployment:: To install a specific version of a single ONAP component (`so` in this example) with the given release name enter:: - > helm deploy so onap/so --version 10.0.0 --set global.masterPassword=password --set global.flavor=unlimited --namespace onap + > helm deploy so onap/so --version 11.0.0 --set global.masterPassword=password --set global.flavor=unlimited --namespace onap .. note:: The dependent components should be installed for component being installed @@ -221,7 +221,7 @@ To display details of a specific resource or group of resources type:: where the pod identifier refers to the auto-generated pod identifier. -.. figure:: oomLogoV2-Configure.png +.. figure:: images/oom_logo/oomLogoV2-Configure.png :align: right Configure @@ -321,7 +321,7 @@ To deploy ONAP with this environment file, enter:: > helm deploy local/onap -n onap -f onap/resources/environments/onap-production.yaml --set global.masterPassword=password -.. include:: environments_onap_demo.yaml +.. include:: yaml/environments_onap_demo.yaml :code: yaml When deploying all of ONAP, the dependencies section of the Chart.yaml file @@ -333,7 +333,7 @@ Here is an excerpt of this file: dependencies: <...> - name: so - version: ~10.0.0 + version: ~11.0.0 repository: '@local' condition: so.enabled <...> @@ -404,7 +404,7 @@ corresponds to the private IP as follows:: portal-app LoadBalancer 10.43.142.201 10.0.0.4 8989:30215/TCP,8006:30213/TCP,8010:30214/TCP 1d app=portal-app,release=dev -In this example, use the 10.0.0.4 private address as a key find the +In this example, use the 11.0.0.4 private address as a key find the corresponding public address which in this example is 10.12.6.155. If you're using OpenStack you'll do the lookup with the horizon GUI or the OpenStack CLI for your tenant (openstack server list). That IP is then used in your @@ -464,7 +464,7 @@ the portal and then simply access now the new ssl-encrypted URL: you can grab this public IP directly (as compared to trying to find the floating IP first) and map this IP in /etc/hosts. -.. figure:: oomLogoV2-Monitor.png +.. figure:: images/oom_logo/oomLogoV2-Monitor.png :align: right Monitor @@ -493,7 +493,7 @@ The Consul server provides a user interface that allows a user to graphically view the current health status of all of the ONAP components for which agents have been created - a sample from the ONAP Integration labs follows: -.. figure:: consulHealth.png +.. figure:: images/consul/consulHealth.png :align: center To see the real-time health of a deployment go to: ``http://:30270/ui/`` @@ -503,7 +503,7 @@ where a GUI much like the following will be found: If Consul GUI is not accessible, you can refer this `kubectl port-forward `_ method to access an application -.. figure:: oomLogoV2-Heal.png +.. figure:: images/oom_logo/oomLogoV2-Heal.png :align: right Heal @@ -532,7 +532,7 @@ creation of a replacement pod:: > kubectl get pods --all-namespaces -o=wide -.. figure:: oomLogoV2-Scale.png +.. figure:: images/oom_logo/oomLogoV2-Scale.png :align: right Scale @@ -563,10 +563,10 @@ Below is the example for the same:: > helm list NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE - dev 1 Wed Oct 14 13:49:52 2020 DEPLOYED onap-10.0.0 Jakarta onap - dev-cassandra 5 Thu Oct 15 14:45:34 2020 DEPLOYED cassandra-10.0.0 onap - dev-contrib 1 Wed Oct 14 13:52:53 2020 DEPLOYED contrib-10.0.0 onap - dev-mariadb-galera 1 Wed Oct 14 13:55:56 2020 DEPLOYED mariadb-galera-10.0.0 onap + dev 1 Wed Oct 14 13:49:52 2020 DEPLOYED onap-11.0.0 Kohn onap + dev-cassandra 5 Thu Oct 15 14:45:34 2020 DEPLOYED cassandra-11.0.0 onap + dev-contrib 1 Wed Oct 14 13:52:53 2020 DEPLOYED contrib-11.0.0 onap + dev-mariadb-galera 1 Wed Oct 14 13:55:56 2020 DEPLOYED mariadb-galera-11.0.0 onap Here the Name column shows the RELEASE NAME, In our case we want to try the scale operation on cassandra, thus the RELEASE NAME would be dev-cassandra. @@ -580,10 +580,10 @@ Below is the example for the same:: > helm search cassandra NAME CHART VERSION APP VERSION DESCRIPTION - local/cassandra 10.0.0 ONAP cassandra - local/portal-cassandra 10.0.0 Portal cassandra - local/aaf-cass 10.0.0 ONAP AAF cassandra - local/sdc-cs 10.0.0 ONAP Service Design and Creation Cassandra + local/cassandra 11.0.0 ONAP cassandra + local/portal-cassandra 11.0.0 Portal cassandra + local/aaf-cass 11.0.0 ONAP AAF cassandra + local/sdc-cs 11.0.0 ONAP Service Design and Creation Cassandra Here the Name column shows the chart name. As we want to try the scale operation for cassandra, thus the corresponding chart name is local/cassandra @@ -626,7 +626,7 @@ even if the pods are physically distributed across multiple nodes. An example of how these capabilities can be used is described in the Running Consul on Kubernetes tutorial. -.. figure:: oomLogoV2-Upgrade.png +.. figure:: images/oom_logo/oomLogoV2-Upgrade.png :align: right Upgrade @@ -645,7 +645,7 @@ Prior to doing an upgrade, determine of the status of the deployed charts:: > helm list NAME REVISION UPDATED STATUS CHART NAMESPACE - so 1 Mon Feb 5 10:05:22 2020 DEPLOYED so-10.0.0 onap + so 1 Mon Feb 5 10:05:22 2020 DEPLOYED so-11.0.0 onap When upgrading a cluster a parameter controls the minimum size of the cluster during the upgrade while another parameter controls the maximum number of nodes @@ -668,21 +668,21 @@ sequence of events described in the previous paragraph would be initiated. For example, to upgrade a container by changing configuration, specifically an environment value:: - > helm upgrade so onap/so --version 8.0.1 --set enableDebug=true + > helm upgrade so onap/so --version 11.0.1 --set enableDebug=true Issuing this command will result in the appropriate container being stopped by Kubernetes and replaced with a new container with the new environment value. To upgrade a component to a new version with a new configuration file enter:: - > helm upgrade so onap/so --version 8.0.1 -f environments/demo.yaml + > helm upgrade so onap/so --version 11.0.1 -f environments/demo.yaml To fetch release history enter:: > helm history so REVISION UPDATED STATUS CHART DESCRIPTION - 1 Mon Feb 5 10:05:22 2020 SUPERSEDED so-9.0.0 Install complete - 2 Mon Feb 5 10:10:55 2020 DEPLOYED so-10.0.0 Upgrade complete + 1 Mon Jul 5 10:05:22 2022 SUPERSEDED so-11.0.0 Install complete + 2 Mon Jul 5 10:10:55 2022 DEPLOYED so-11.0.1 Upgrade complete Unfortunately, not all upgrades are successful. In recognition of this the lineup of pods within an ONAP deployment is tagged such that an administrator @@ -704,9 +704,9 @@ For example, to roll-back back to previous system revision enter:: > helm history so REVISION UPDATED STATUS CHART DESCRIPTION - 1 Mon Feb 5 10:05:22 2020 SUPERSEDED so-9.0.0 Install complete - 2 Mon Feb 5 10:10:55 2020 SUPERSEDED so-10.0.0 Upgrade complete - 3 Mon Feb 5 10:14:32 2020 DEPLOYED so-9.0.0 Rollback to 1 + 1 Mon Jul 5 10:05:22 2022 SUPERSEDED so-11.0.0 Install complete + 2 Mon Jul 5 10:10:55 2022 SUPERSEDED so-11.0.1 Upgrade complete + 3 Mon Jul 5 10:14:32 2022 DEPLOYED so-11.0.0 Rollback to 1 .. note:: @@ -756,7 +756,7 @@ release v1.1.2: The previous so pod will be terminated and a new so pod with an updated so container will be created. -.. figure:: oomLogoV2-Delete.png +.. figure:: images/oom_logo/oomLogoV2-Delete.png :align: right Delete diff --git a/docs/otherwise_select_INFRASTRUCTURE_Hosts_and_click_on_Add_Host.jpg b/docs/otherwise_select_INFRASTRUCTURE_Hosts_and_click_on_Add_Host.jpg deleted file mode 100644 index 18af758a0d..0000000000 Binary files a/docs/otherwise_select_INFRASTRUCTURE_Hosts_and_click_on_Add_Host.jpg and /dev/null differ diff --git a/docs/release-notes-amsterdam.rst b/docs/release_notes/release-notes-amsterdam.rst similarity index 100% rename from docs/release-notes-amsterdam.rst rename to docs/release_notes/release-notes-amsterdam.rst diff --git a/docs/release-notes-beijing.rst b/docs/release_notes/release-notes-beijing.rst similarity index 100% rename from docs/release-notes-beijing.rst rename to docs/release_notes/release-notes-beijing.rst diff --git a/docs/release-notes-casablanca.rst b/docs/release_notes/release-notes-casablanca.rst similarity index 100% rename from docs/release-notes-casablanca.rst rename to docs/release_notes/release-notes-casablanca.rst diff --git a/docs/release-notes-dublin.rst b/docs/release_notes/release-notes-dublin.rst similarity index 100% rename from docs/release-notes-dublin.rst rename to docs/release_notes/release-notes-dublin.rst diff --git a/docs/release-notes-elalto.rst b/docs/release_notes/release-notes-elalto.rst similarity index 100% rename from docs/release-notes-elalto.rst rename to docs/release_notes/release-notes-elalto.rst diff --git a/docs/release-notes-frankfurt.rst b/docs/release_notes/release-notes-frankfurt.rst similarity index 92% rename from docs/release-notes-frankfurt.rst rename to docs/release_notes/release-notes-frankfurt.rst index 7bd4474487..8b07f4a0db 100644 --- a/docs/release-notes-frankfurt.rst +++ b/docs/release_notes/release-notes-frankfurt.rst @@ -96,17 +96,17 @@ Software Deliverables OOM provides `Helm charts `_ that needs to be "compiled" into Helm package. see step 6 in -:doc:`quickstart guide `. +:doc:`quickstart guide <../oom_quickstart_guide>`. Documentation Deliverables ~~~~~~~~~~~~~~~~~~~~~~~~~~ -- :doc:`Project Description ` -- :doc:`Cloud Setup Guide ` -- :doc:`Quick Start Guide ` -- :doc:`Setup Ingress Controller ` -- :doc:`Developer Guide ` -- :doc:`Hardcoded Certificates ` +- :doc:`Project Description <../oom_project_description>` +- :doc:`Cloud Setup Guide <../oom_cloud_setup_guide>` +- :doc:`Quick Start Guide <../oom_quickstart_guide>` +- :doc:`Setup Ingress Controller <../oom_setup_ingress_controller>` +- :doc:`Developer Guide <../oom_developer_guide>` +- :doc:`Hardcoded Certificates <../oom_hardcoded_certificates>` Known Limitations, Issues and Workarounds ========================================= @@ -116,7 +116,7 @@ Known Vulnerabilities - Hard coded password used for all OOM deployments [`OJSI-188 `_] -- :doc:`Hard coded certificates ` in Helm packages +- :doc:`Hard coded certificates <../oom_hardcoded_certificates>` in Helm packages Workarounds ----------- diff --git a/docs/release-notes-guilin.rst b/docs/release_notes/release-notes-guilin.rst similarity index 91% rename from docs/release-notes-guilin.rst rename to docs/release_notes/release-notes-guilin.rst index e0af8f78a8..8d4b4322b8 100644 --- a/docs/release-notes-guilin.rst +++ b/docs/release_notes/release-notes-guilin.rst @@ -92,17 +92,17 @@ Software Deliverables OOM provides `Helm charts `_ that needs to be "compiled" into Helm package. see step 6 in -:doc:`quickstart guide `. +:doc:`quickstart guide <../oom_quickstart_guide>`. Documentation Deliverables ~~~~~~~~~~~~~~~~~~~~~~~~~~ -- :doc:`Project Description ` -- :doc:`Cloud Setup Guide ` -- :doc:`Quick Start Guide ` -- :doc:`Setup Ingress Controller ` -- :doc:`Developer Guide ` -- :doc:`Hardcoded Certificates ` +- :doc:`Project Description <../oom_project_description>` +- :doc:`Cloud Setup Guide <../oom_cloud_setup_guide>` +- :doc:`Quick Start Guide <../oom_quickstart_guide>` +- :doc:`Setup Ingress Controller <../oom_setup_ingress_controller>` +- :doc:`Developer Guide <../oom_developer_guide>` +- :doc:`Hardcoded Certificates <../oom_hardcoded_certificates>` Known Limitations, Issues and Workarounds ========================================= @@ -112,7 +112,7 @@ Known Vulnerabilities - Hard coded password used for all OOM deployments [`OJSI-188 `_] -- :doc:`Hard coded certificates ` in Helm packages +- :doc:`Hard coded certificates <../oom_hardcoded_certificates>` in Helm packages Workarounds ----------- diff --git a/docs/release-notes-honolulu.rst b/docs/release_notes/release-notes-honolulu.rst similarity index 91% rename from docs/release-notes-honolulu.rst rename to docs/release_notes/release-notes-honolulu.rst index 59f40ec0fa..bf91a44a3e 100644 --- a/docs/release-notes-honolulu.rst +++ b/docs/release_notes/release-notes-honolulu.rst @@ -110,17 +110,17 @@ Software Deliverables OOM provides `Helm charts `_ that needs to be "compiled" into Helm package. see step 6 in -:doc:`quickstart guide `. +:doc:`quickstart guide <../oom_quickstart_guide>`. Documentation Deliverables ~~~~~~~~~~~~~~~~~~~~~~~~~~ -- :doc:`Project Description ` -- :doc:`Cloud Setup Guide ` -- :doc:`Quick Start Guide ` -- :doc:`Setup Ingress Controller ` -- :doc:`Developer Guide ` -- :doc:`Hardcoded Certificates ` +- :doc:`Project Description <../oom_project_description>` +- :doc:`Cloud Setup Guide <../oom_cloud_setup_guide>` +- :doc:`Quick Start Guide <../oom_quickstart_guide>` +- :doc:`Setup Ingress Controller <../oom_setup_ingress_controller>` +- :doc:`Developer Guide <../oom_developer_guide>` +- :doc:`Hardcoded Certificates <../oom_hardcoded_certificates>` Known Limitations, Issues and Workarounds ========================================= @@ -130,7 +130,7 @@ Known Vulnerabilities - Hard coded password used for all OOM deployments [`OJSI-188 `_] -- :doc:`Hard coded certificates ` in Helm packages +- :doc:`Hard coded certificates <../oom_hardcoded_certificates>` in Helm packages Workarounds ----------- diff --git a/docs/release-notes.rst b/docs/release_notes/release-notes-isntanbul.rst similarity index 89% rename from docs/release-notes.rst rename to docs/release_notes/release-notes-isntanbul.rst index bb9c2e888c..bd320112c3 100644 --- a/docs/release-notes.rst +++ b/docs/release_notes/release-notes-isntanbul.rst @@ -2,7 +2,9 @@ International License. .. http://creativecommons.org/licenses/by/4.0 .. (c) ONAP Project and its contributors -.. _release_notes: +.. _release_notes_istanbul: + +:orphan: ************************************* ONAP Operations Manager Release Notes @@ -68,17 +70,17 @@ Software Deliverables OOM provides `Helm charts `_ that needs to be "compiled" into Helm package. see step 6 in -:doc:`quickstart guide `. +:doc:`quickstart guide <../oom_quickstart_guide>`. Documentation Deliverables ~~~~~~~~~~~~~~~~~~~~~~~~~~ -- :doc:`Project Description ` -- :doc:`Cloud Setup Guide ` -- :doc:`Quick Start Guide ` -- :doc:`Setup Ingress Controller ` -- :doc:`Developer Guide ` -- :doc:`Hardcoded Certificates ` +- :doc:`Project Description <../oom_project_description>` +- :doc:`Cloud Setup Guide <../oom_cloud_setup_guide>` +- :doc:`Quick Start Guide <../oom_quickstart_guide>` +- :doc:`Setup Ingress Controller <../oom_setup_ingress_controller>` +- :doc:`Developer Guide <../oom_developer_guide>` +- :doc:`Hardcoded Certificates <../oom_hardcoded_certificates>` Known Limitations, Issues and Workarounds ========================================= diff --git a/docs/release_notes/release-notes.rst b/docs/release_notes/release-notes.rst new file mode 100644 index 0000000000..1ab2173e10 --- /dev/null +++ b/docs/release_notes/release-notes.rst @@ -0,0 +1,131 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 + International License. +.. http://creativecommons.org/licenses/by/4.0 +.. (c) ONAP Project and its contributors +.. _release_notes: + +************************************* +ONAP Operations Manager Release Notes +************************************* + +Previous Release Notes +====================== + +- :ref:`Istanbul ` +- :ref:`Honolulu ` +- :ref:`Guilin ` +- :ref:`Frankfurt ` +- :ref:`El Alto ` +- :ref:`Dublin ` +- :ref:`Casablanca ` +- :ref:`Beijing ` +- :ref:`Amsterdam ` + +Abstract +======== + +This document provides the release notes for the Jakarta release. + +Summary +======= + + + +Release Data +============ + ++--------------------------------------+--------------------------------------+ +| **Project** | OOM | +| | | ++--------------------------------------+--------------------------------------+ +| **Docker images** | N/A | +| | | ++--------------------------------------+--------------------------------------+ +| **Release designation** | Jakarta | +| | | ++--------------------------------------+--------------------------------------+ +| **Release date** | | +| | | ++--------------------------------------+--------------------------------------+ + +New features +------------ + + +**Bug fixes** + +A list of issues resolved in this release can be found here: +https://jira.onap.org/projects/OOM/versions/11498 + + +**Known Issues** + + +Deliverables +------------ + +Software Deliverables +~~~~~~~~~~~~~~~~~~~~~ + +OOM provides `Helm charts `_ that needs to be +"compiled" into Helm package. see step 6 in +:doc:`quickstart guide <../oom_quickstart_guide>`. + +Documentation Deliverables +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- :doc:`Project Description <../oom_project_description>` +- :doc:`Cloud Setup Guide <../oom_cloud_setup_guide>` +- :doc:`Quick Start Guide <../oom_quickstart_guide>` +- :doc:`Setup Ingress Controller <../oom_setup_ingress_controller>` +- :doc:`Developer Guide <../oom_developer_guide>` +- :doc:`Hardcoded Certificates <../oom_hardcoded_certificates>` + +Known Limitations, Issues and Workarounds +========================================= + +Known Vulnerabilities +--------------------- + + +Workarounds +----------- + +- `OOM-2754 `_ + Because of *updateEndpoint* property added to *cmpv2issuer* CRD + it is impossible to upgrade platform component from Istanbul to Jakarta + release without manual steps. Actions that should be performed: + + #. Update the CRD definition:: + + > kubectl -n onap apply -f oom/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml + #. Upgrade the component:: + + > helm -n onap upgrade dev-platform oom/kubernetes/platform + #. Make sure that *cmpv2issuer* contains correct value for + *spec.updateEndpoint*. The value should be: *v1/certificate-update*. + If it's not, edit the resource:: + + > kubectl -n onap edit cmpv2issuer cmpv2-issuer-onap + + +Security Notes +-------------- + +**Fixed Security Issues** + +References +========== + +For more information on the ONAP Istanbul release, please see: + +#. `ONAP Home Page`_ +#. `ONAP Documentation`_ +#. `ONAP Release Downloads`_ +#. `ONAP Wiki Page`_ + + +.. _`ONAP Home Page`: https://www.onap.org +.. _`ONAP Wiki Page`: https://wiki.onap.org +.. _`ONAP Documentation`: https://docs.onap.org +.. _`ONAP Release Downloads`: https://git.onap.org diff --git a/docs/master_nfs_node.sh b/docs/shell/master_nfs_node.sh similarity index 100% rename from docs/master_nfs_node.sh rename to docs/shell/master_nfs_node.sh diff --git a/docs/openstack-k8s-controlnode.sh b/docs/shell/openstack-k8s-controlnode.sh similarity index 100% rename from docs/openstack-k8s-controlnode.sh rename to docs/shell/openstack-k8s-controlnode.sh diff --git a/docs/openstack-k8s-workernode.sh b/docs/shell/openstack-k8s-workernode.sh similarity index 100% rename from docs/openstack-k8s-workernode.sh rename to docs/shell/openstack-k8s-workernode.sh diff --git a/docs/openstack-nfs-server.sh b/docs/shell/openstack-nfs-server.sh similarity index 100% rename from docs/openstack-nfs-server.sh rename to docs/shell/openstack-nfs-server.sh diff --git a/docs/slave_nfs_node.sh b/docs/shell/slave_nfs_node.sh similarity index 100% rename from docs/slave_nfs_node.sh rename to docs/shell/slave_nfs_node.sh diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt deleted file mode 100644 index 5140ec258f..0000000000 --- a/docs/spelling_wordlist.txt +++ /dev/null @@ -1,461 +0,0 @@ -AAF -AAI -ACL -adaptor -Adaptor -adaptors -Adaptors -Alcatel -Ansible -API -APIs -APPC -ASCII -Avro -BPMN -Camunda -Cask -Cassandra -CCSDK -CD -CDAP -Ceilometer -CentOS -CI -CLI -Cloudify -Codec -committer -committers -CommonMark -Contrail -CPU -CRM -CSCF -CSIT -cyber -DBaaS -DCAE -DevOps -DHCP -Django -DMaaP -DNS -DNSaaS -DPDK -Ebook -elasticsearch -Elasticsearch -Enablement -enum -Enum -env -Env -ENV -ethernet -Facebook -failover -fallback -Fcaps -Financials -geocoder -Gerrit -Git -Github -graphSON -guestOS -gui -Hadoop -hardcoded -hashtag -healthcheck -healthCheck -Healthcheck -HealthCheck -healthchecks -heatbridge -heatclient -HeatStack -hostname -hostName -Hostname -hostnames -hostOS -htm -html -http -Http -httpclient -httpcomponents -httpdomain -httpHeader -httpPort -httpreturncode -https -httpStatusCode -Huawei -hyperlink -Hyperlink -hypervisor -Hypervisor -hypervisors -Hypervisors -IaaS -indices -Indices -inline -internet -interoperable -interoperate -Interoperate -interoperation -interwork -Interworking -IoT -ip -Ip -IP -ipAddress -iPAddress -IPAddress -ipam -Ipam -ipVersion -Jacoco -java -javalib -javascript -Javascript -jboss -JBoss -Jenkins -Jira -jpath -json -Json -jsonObject -jsonObjectInstance -jsonObjects -jsonschema -jtosca -junit -Junit -JUnit -Junits -JUnits -Karaf -keypair -Keypair -keypairs -keyserver -keyservers -keyspace -Keyspace -keyspaceName -keyspaces -keystore -keytool -keyValue -Kibana -Kibibytes -kubectl -Kubernetes -LF -lifecycle -Lifecycle -lifecycles -locator -logback -Logback -logfiles -Logfiles -logoffs -Logoffs -logon -Logstash -macAddress -MacAddress -macOS -Malware -MariaDB -metadata -Metadata -microservice -Microservice -microservices -Microservices -middleware -msb -MSB -multicast -multicloud -Multicloud -MultiCloud -multipart -Mysql -NaaS -nameserver -nameservers -namespace -Namespace -namespaced -namespaces -Namespaces -Netconf -nfv -NFV -nfvi -nfvo -nfvparser -Nokia -NSD -OAM -Ocata -ODL -Onap -ONAP -onboard -Onboard -onboarded -Onboarded -onboarding -Onboarding -online -OOF -oom -OOM -OpenDaylight -OpenFlow -openo -OpenO -Opensource -Openstack -OpenStack -OSS -ovs -ovsdb -Pandoc -partitionKey -Partitionkey -passphrase -PCRF -pdf -PGaaS -Phishing -PKI -placemark -Placemark -placemarks -plantUML -playbook -Playbook -playbooks -Playbooks -plugin -Plugin -plugins -Plugins -PNF -PoC -Postgre -Postgres -Postgresql -preload -Preload -proactively -programmatically -proxyhost -pserver -pServer -pservers -QoS -quickstart -Quickstart -Rackspace -readme -readthedocs -Readthedocs -Redhat -Redis -refactored -Refactored -registrator -Registrator -releng -repo -Repo -repos -Restconf -reStructuredText -reusability -Reusability -RMM -roadmap -roadmaps -RPT -rst -RST -RVMI -schemas -screensaver -sdc -Sdc -SDC -sdk -SDK -SDN -sdnc -Sdnc -SDNC -Selenium -servlet -Servlet -Skynet -SLI -SMP -SNMP -SPI -SQL -stateful -subclassed -subclassing -subdomain -subflows -suboperation -suboperations -Suboperations -subtending -syslog -sysLog -Syslog -syslogs -Syslogs -tablename -taxonomical -TBD -Telco -telecom -Telecom -templated -templating -timeframe -timeslots -timestamp -Timestamp -transcoding -UDP -UI -uncheck -undeploy -Undeploy -undeployed -undeploying -Undeployment -uninstall -uninstallation -uninstalled -unitless -Unregistration -updatable -uploadable -url -Url -urls -usecase -Usecase -userid -username -Username -usernames -validator -Validator -vcpu -vcpus -vdns -versioned -Versioned -versioning -Versioning -vertices -Vertices -vf -vF -vfc -vFC -VFC -vfcadaptor -vfirewall -vFirewall -vfmodule -vfModule -VfModule -vfModules -vfstatus -vfStatus -virtualization -Virtualization -virtualize -virtualized -Virtualized -virtualizes -virtualizing -vlan -Vld -vm -Vm -VM -vms -VMs -VMware -vnf -vNF -Vnf -VNF -vnfapi -vnfc -VNFFG -vnfm -Vnfm -VNFM -VNFMs -vnfs -vNFs -vnfsdk -VPN -vrouter -vserver -vServer -Vserver -vservers -Vservers -vswitch -VVP -Vyatta -webapp -webapps -Webpage -webserver -WebServer -Websocket -Websockets -whitebox -whiteboxes -whitepaper -wiki -Wiki -Wikis -Wildfly -Windriver -Wireline -workflow -Workflow -workflows -www -xml -Xmx -Yaml -yamls -zabbix -Zachman -Zookeeper -ZTE diff --git a/docs/cluster.yml b/docs/yaml/cluster.yml similarity index 100% rename from docs/cluster.yml rename to docs/yaml/cluster.yml diff --git a/docs/environments_onap_demo.yaml b/docs/yaml/environments_onap_demo.yaml similarity index 100% rename from docs/environments_onap_demo.yaml rename to docs/yaml/environments_onap_demo.yaml diff --git a/docs/example-integration-override-v3.yaml b/docs/yaml/example-integration-override-v3.yaml similarity index 100% rename from docs/example-integration-override-v3.yaml rename to docs/yaml/example-integration-override-v3.yaml diff --git a/docs/example-integration-override.yaml b/docs/yaml/example-integration-override.yaml similarity index 100% rename from docs/example-integration-override.yaml rename to docs/yaml/example-integration-override.yaml diff --git a/kubernetes/.gitignore b/kubernetes/.gitignore index bc3a4f1ee0..f2b64de479 100644 --- a/kubernetes/.gitignore +++ b/kubernetes/.gitignore @@ -1 +1,3 @@ chartstorage/ +**/charts/*.tgz +helm/plugins/deploy/cache/ diff --git a/kubernetes/a1policymanagement/Chart.yaml b/kubernetes/a1policymanagement/Chart.yaml index 4c9f519e8d..563ee2094a 100644 --- a/kubernetes/a1policymanagement/Chart.yaml +++ b/kubernetes/a1policymanagement/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 appVersion: "1.0.0" description: A Helm chart for A1 Policy Management Service name: a1policymanagement -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml index f70deefaff..17fa320472 100644 --- a/kubernetes/a1policymanagement/values.yaml +++ b/kubernetes/a1policymanagement/values.yaml @@ -63,7 +63,7 @@ certInitializer: echo "*** change ownership of certificates to targeted user" chown -R 1000 . -image: onap/ccsdk-oran-a1policymanagementservice:1.3.0 +image: onap/ccsdk-oran-a1policymanagementservice:1.3.2 userID: 1000 #Should match with image-defined user ID groupID: 999 #Should match with image-defined group ID pullPolicy: IfNotPresent diff --git a/kubernetes/aaf/Chart.yaml b/kubernetes/aaf/Chart.yaml index 2c51172dfb..bcbe9fa155 100644 --- a/kubernetes/aaf/Chart.yaml +++ b/kubernetes/aaf/Chart.yaml @@ -18,46 +18,46 @@ apiVersion: v2 description: ONAP Application Authorization Framework name: aaf -version: 10.0.0 +version: 11.0.0 dependencies: - name: aaf-cass - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-cass' condition: aaf-authz.enabled - name: aaf-cm - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-cm' condition: aaf-authz.enabled - name: aaf-fs - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-fs' condition: aaf-authz.enabled - name: aaf-gui - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-gui' condition: aaf-authz.enabled - name: aaf-hello - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-hello' condition: aaf-hello.enabled - name: aaf-locate - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-locate' condition: aaf-authz.enabled - name: aaf-oauth - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-oauth' condition: aaf-authz.enabled - name: aaf-service - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-service' condition: aaf-authz.enabled - name: aaf-sms - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sms' condition: aaf-sms.enabled - name: aaf-sshsm - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sshsm' condition: aaf-sshsm.enabled diff --git a/kubernetes/aaf/components/Makefile b/kubernetes/aaf/components/Makefile index f4c9784bc4..4a15d0251b 100644 --- a/kubernetes/aaf/components/Makefile +++ b/kubernetes/aaf/components/Makefile @@ -19,7 +19,10 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets EXCLUDES := HELM_BIN := helm -HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) +PROCESSED_FIRST := aaf-templates +TO_FILTER := $(PROCESSED_FIRST) $(EXCLUDES) + +HELM_CHARTS := $(PROCESSED_FIRST) $(filter-out $(TO_FILTER), $(sort $(patsubst %/.,%,$(wildcard */.)))) .PHONY: $(EXCLUDES) $(HELM_CHARTS) diff --git a/kubernetes/aaf/components/aaf-cass/Chart.yaml b/kubernetes/aaf/components/aaf-cass/Chart.yaml index 3f1394cc87..0006c9b8f7 100644 --- a/kubernetes/aaf/components/aaf-cass/Chart.yaml +++ b/kubernetes/aaf/components/aaf-cass/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP AAF cassandra name: aaf-cass -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-cm/Chart.yaml b/kubernetes/aaf/components/aaf-cm/Chart.yaml index ab91b7252b..d2d0b5e296 100644 --- a/kubernetes/aaf/components/aaf-cm/Chart.yaml +++ b/kubernetes/aaf/components/aaf-cm/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP AAF Certificate Manager name: aaf-cm -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-fs/Chart.yaml b/kubernetes/aaf/components/aaf-fs/Chart.yaml index 72b7133f24..660b8d6dba 100644 --- a/kubernetes/aaf/components/aaf-fs/Chart.yaml +++ b/kubernetes/aaf/components/aaf-fs/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP AAF File Server name: aaf-fs -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-gui/Chart.yaml b/kubernetes/aaf/components/aaf-gui/Chart.yaml index be01174cea..1527051771 100644 --- a/kubernetes/aaf/components/aaf-gui/Chart.yaml +++ b/kubernetes/aaf/components/aaf-gui/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP AAF GUI name: aaf-gui -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-hello/Chart.yaml b/kubernetes/aaf/components/aaf-hello/Chart.yaml index 5a368d5430..bc4c38de28 100644 --- a/kubernetes/aaf/components/aaf-hello/Chart.yaml +++ b/kubernetes/aaf/components/aaf-hello/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP AAF Hello name: aaf-hello -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-locate/Chart.yaml b/kubernetes/aaf/components/aaf-locate/Chart.yaml index 15ac5ee554..629b2e06a9 100644 --- a/kubernetes/aaf/components/aaf-locate/Chart.yaml +++ b/kubernetes/aaf/components/aaf-locate/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP AAF Locate name: aaf-locate -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-oauth/Chart.yaml b/kubernetes/aaf/components/aaf-oauth/Chart.yaml index 31239e9f68..b22deca963 100644 --- a/kubernetes/aaf/components/aaf-oauth/Chart.yaml +++ b/kubernetes/aaf/components/aaf-oauth/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP AAF OAuth name: aaf-oauth -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-service/Chart.yaml b/kubernetes/aaf/components/aaf-service/Chart.yaml index 5cd6cc5a83..18813fc6e2 100644 --- a/kubernetes/aaf/components/aaf-service/Chart.yaml +++ b/kubernetes/aaf/components/aaf-service/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP AAF Service name: aaf-service -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../aaf-templates' \ No newline at end of file diff --git a/kubernetes/aaf/components/aaf-sms/Chart.yaml b/kubernetes/aaf/components/aaf-sms/Chart.yaml index c3e1692dc9..769a4df7cb 100644 --- a/kubernetes/aaf/components/aaf-sms/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sms/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP Secret Management Service name: aaf-sms -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-sms-quorumclient - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sms-quorumclient' - name: aaf-sms-vault - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sms-vault' diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml index b777223e89..96cf7a1b83 100644 --- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP Secret Management Service Quorum Client name: aaf-sms-quorumclient -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml index b3935d4372..9f06ec172b 100644 --- a/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml @@ -18,12 +18,12 @@ apiVersion: v2 description: Chart to launch Vault as SMS backend name: aaf-sms-vault appVersion: 0.9.5 -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-sms/templates/job.yaml b/kubernetes/aaf/components/aaf-sms/templates/job.yaml index 8dbe276d97..2370cf60de 100644 --- a/kubernetes/aaf/components/aaf-sms/templates/job.yaml +++ b/kubernetes/aaf/components/aaf-sms/templates/job.yaml @@ -201,6 +201,7 @@ spec: affinity: {{ toYaml .Values.affinity | indent 10 }} {{- end }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - name: localtime hostPath: diff --git a/kubernetes/aaf/components/aaf-sms/values.yaml b/kubernetes/aaf/components/aaf-sms/values.yaml index da268ccf06..114ad23672 100644 --- a/kubernetes/aaf/components/aaf-sms/values.yaml +++ b/kubernetes/aaf/components/aaf-sms/values.yaml @@ -276,3 +276,8 @@ resources: cpu: 25m memory: 100Mi unlimited: {} + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-preload' + diff --git a/kubernetes/aaf/components/aaf-sshsm/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/Chart.yaml index a7fd8f5fe2..2cd0cf4671 100644 --- a/kubernetes/aaf/components/aaf-sshsm/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 description: ONAP Hardware Security Components name: aaf-sshsm -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aaf-sshsm-abrmd - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sshsm-abrmd' condition: aaf-sshsm-abrmd.enabled - name: aaf-sshsm-distcenter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sshsm-distcenter' condition: aaf-sshsm-distcenter.enabled - name: aaf-sshsm-testca - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aaf-sshsm-testca' condition: aaf-sshsm-testca.testca.enabled diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml index f9dd2b9cb2..2149739897 100644 --- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP Trusted Platform Module Resource Manager name: aaf-sshsm-abrmd -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml index 1f6b6f9afb..b0a9b9a05f 100644 --- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP Trusted Platform Module Distribution Center name: aaf-sshsm-distcenter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml index 73ff507f91..617c742048 100644 --- a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP Trusted Platform Module Test CA Service name: aaf-sshsm-testca -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-templates/Chart.yaml b/kubernetes/aaf/components/aaf-templates/Chart.yaml index 9d0ecad16e..b4b01b06d6 100644 --- a/kubernetes/aaf/components/aaf-templates/Chart.yaml +++ b/kubernetes/aaf/components/aaf-templates/Chart.yaml @@ -16,9 +16,9 @@ apiVersion: v2 description: ONAP Application Authorization Framework Templates name: aaf-templates -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl index 50da519a89..c0614b255e 100644 --- a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl +++ b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl @@ -23,6 +23,10 @@ spec: replicas: {{ .Values.replicaCount }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} + {{- if (include "common.onServiceMesh" .) }} + annotations: + sidecar.istio.io/inject: "false" + {{- end }} spec: {{ include "aaf.initContainers" . | nindent 6 }} containers: - name: {{ include "common.name" . }} diff --git a/kubernetes/aai/Chart.yaml b/kubernetes/aai/Chart.yaml index 278e1cd595..9bab1ee1ab 100644 --- a/kubernetes/aai/Chart.yaml +++ b/kubernetes/aai/Chart.yaml @@ -18,56 +18,56 @@ apiVersion: v2 description: ONAP Active and Available Inventory name: aai -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: cassandra - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' condition: global.cassandra.localCluster - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: aai-babel - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-babel' condition: aai-babel.enabled - name: aai-graphadmin - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-graphadmin' condition: aai-graphadmin.enabled - name: aai-modelloader - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-modelloader' condition: aai-modelloader.enabled - name: aai-resources - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-resources' condition: aai-resources.enabled - name: aai-schema-service - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-schema-service' condition: aai-schema-service.enabled - name: aai-sparky-be - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-sparky-be' condition: aai-sparky-be.enabled - name: aai-traversal - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/aai-traversal' condition: aai-traversal.enabled - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-babel/Chart.yaml b/kubernetes/aai/components/aai-babel/Chart.yaml index 30140136a9..5f36a0e94f 100644 --- a/kubernetes/aai/components/aai-babel/Chart.yaml +++ b/kubernetes/aai/components/aai-babel/Chart.yaml @@ -18,21 +18,21 @@ apiVersion: v2 description: Babel microservice name: aai-babel -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-graphadmin/Chart.yaml b/kubernetes/aai/components/aai-graphadmin/Chart.yaml index 0d5978aef7..d5d0851552 100644 --- a/kubernetes/aai/components/aai-graphadmin/Chart.yaml +++ b/kubernetes/aai/components/aai-graphadmin/Chart.yaml @@ -22,21 +22,21 @@ apiVersion: v2 description: ONAP AAI GraphAdmin name: aai-graphadmin -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml index b8adba8117..a93c6107e7 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml @@ -126,7 +126,9 @@ spec: args: - -c - | - bash docker-entrypoint.sh dataSnapshot.sh + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} + bash docker-entrypoint.sh dataSnapshot.sh; {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }} env: - name: LOCAL_USER_ID diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml index 76a11fad54..a9349028f4 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml @@ -126,7 +126,9 @@ spec: args: - -c - | - bash docker-entrypoint.sh createDBSchema.sh + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} + bash docker-entrypoint.sh createDBSchema.sh; {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }} env: - name: LOCAL_USER_ID diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml index d2d0809afb..10b8255c50 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml @@ -171,6 +171,8 @@ spec: args: - -c - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} bash docker-entrypoint.sh run_Migrations.sh -e UpdateAaiUriIndexMigration --commit --skipPreMigrationSnapShot --runDisabled RebuildAllEdges ; {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }} env: @@ -325,6 +327,8 @@ spec: args: - -c - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} bash docker-entrypoint.sh dataSnapshot.sh {{ include "common.serviceMesh.killSidecar" . | indent 11 | trim }} env: diff --git a/kubernetes/aai/components/aai-modelloader/Chart.yaml b/kubernetes/aai/components/aai-modelloader/Chart.yaml index a56dfdc088..468b41b757 100644 --- a/kubernetes/aai/components/aai-modelloader/Chart.yaml +++ b/kubernetes/aai/components/aai-modelloader/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP AAI modelloader name: aai-modelloader -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties index 09eb397860..2d7cf7f98c 100644 --- a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties +++ b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties @@ -26,6 +26,9 @@ ml.distribution.PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go {{ else }} ml.distribution.ASDC_ADDRESS=sdc-be.{{.Release.Namespace}}:8080 ml.distribution.ASDC_USE_HTTPS=false +ml.distribution.KEYSTORE_PASSWORD= +ml.distribution.KEYSTORE_FILE= +ml.distribution.PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp {{ end }} ml.distribution.CONSUMER_GROUP=aai-ml-group ml.distribution.CONSUMER_ID=aai-ml diff --git a/kubernetes/aai/components/aai-resources/Chart.yaml b/kubernetes/aai/components/aai-resources/Chart.yaml index c5ccf82da9..729d8087a7 100644 --- a/kubernetes/aai/components/aai-resources/Chart.yaml +++ b/kubernetes/aai/components/aai-resources/Chart.yaml @@ -18,21 +18,21 @@ apiVersion: v2 description: ONAP AAI resources name: aai-resources -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-schema-service/Chart.yaml b/kubernetes/aai/components/aai-schema-service/Chart.yaml index 2553c943bd..f608b7596f 100644 --- a/kubernetes/aai/components/aai-schema-service/Chart.yaml +++ b/kubernetes/aai/components/aai-schema-service/Chart.yaml @@ -18,21 +18,21 @@ apiVersion: v2 description: ONAP AAI Schema Service name: aai-schema-service -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-sparky-be/Chart.yaml b/kubernetes/aai/components/aai-sparky-be/Chart.yaml index ec1812e5e8..0a2c028721 100644 --- a/kubernetes/aai/components/aai-sparky-be/Chart.yaml +++ b/kubernetes/aai/components/aai-sparky-be/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP AAI sparky-be name: aai-sparky-be -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml index 6e5ab8b32b..d23d9cf6a8 100644 --- a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml @@ -33,6 +33,8 @@ spec: app: {{ include "common.name" . }} template: metadata: + annotations: + sidecar.istio.io/rewriteAppHTTPProbers: "false" labels: app: {{ include "common.name" . }} release: {{ include "common.release" . }} diff --git a/kubernetes/aai/components/aai-traversal/Chart.yaml b/kubernetes/aai/components/aai-traversal/Chart.yaml index 41dbe23aa3..13cda281f4 100644 --- a/kubernetes/aai/components/aai-traversal/Chart.yaml +++ b/kubernetes/aai/components/aai-traversal/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP AAI traversal name: aai-traversal -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/aai/templates/service.yaml b/kubernetes/aai/templates/service.yaml index d93bfc9fd3..750e1babc3 100644 --- a/kubernetes/aai/templates/service.yaml +++ b/kubernetes/aai/templates/service.yaml @@ -35,4 +35,3 @@ spec: type: {{ .Values.service.type }} selector: app: {{ include "common.name" . }} - clusterIP: {{ .Values.service.aaiServiceClusterIp }} diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 62d1d2eabd..ebbf8b688c 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -389,9 +389,6 @@ service: externalPort: 8443 internalPort: 8443 nodePort: 33 - # POLICY hotfix - Note this must be temporary - # See https://jira.onap.org/browse/POLICY-510 - aaiServiceClusterIp: externalPlainPort: 80 internalPlainPort: 8080 nodeport: 33 diff --git a/kubernetes/appc/Chart.yaml b/kubernetes/appc/Chart.yaml index d08a83ec4d..d65bbfbcbc 100644 --- a/kubernetes/appc/Chart.yaml +++ b/kubernetes/appc/Chart.yaml @@ -18,26 +18,26 @@ apiVersion: v2 description: Application Controller name: appc -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dgbuilder - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: appc-ansible-server - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/appc-ansible-server' condition: appc-ansible-server.enabled - name: appc-cdt - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/appc-cdt' condition: appc-cdt.enabled diff --git a/kubernetes/appc/components/appc-ansible-server/Chart.yaml b/kubernetes/appc/components/appc-ansible-server/Chart.yaml index 6bdd1ecaef..6daa29ca4f 100644 --- a/kubernetes/appc/components/appc-ansible-server/Chart.yaml +++ b/kubernetes/appc/components/appc-ansible-server/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP APPC Ansible Server name: appc-ansible-server -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/appc/components/appc-cdt/Chart.yaml b/kubernetes/appc/components/appc-cdt/Chart.yaml index 3cb22a4db6..faabb71acf 100644 --- a/kubernetes/appc/components/appc-cdt/Chart.yaml +++ b/kubernetes/appc/components/appc-cdt/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP APPC Self Service Controller Design Tool name: appc-cdt -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/cds/Chart.yaml b/kubernetes/cds/Chart.yaml index 2659767929..7115e9e39f 100644 --- a/kubernetes/cds/Chart.yaml +++ b/kubernetes/cds/Chart.yaml @@ -17,32 +17,32 @@ apiVersion: v2 description: ONAP Controller Design Studio (CDS) name: cds -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: cds-blueprints-processor - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/cds-blueprints-processor' condition: cds-blueprints-processor.enabled - name: cds-command-executor - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/cds-command-executor' condition: cds-command-executor.enabled - name: cds-py-executor - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/cds-py-executor' condition: cds-py-executor.enabled - name: cds-sdc-listener - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/cds-sdc-listener' condition: cds-sdc-listener.enabled - name: cds-ui - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/cds-ui' condition: cds-ui.enabled diff --git a/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml b/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml index 4374926e40..2002e5695b 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP CDS Blueprints Processor name: cds-blueprints-processor -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties index ea799e2119..2818fd99b4 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties @@ -1,6 +1,6 @@ {{/* # -# Copyright (c) 2017-2019 AT&T, IBM, Bell Canada, Nordix Foundation. +# Copyright (c) 2017-2022 AT&T, IBM, Bell Canada, Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,7 +18,7 @@ ### START -Controller Blueprints Properties # Load Resource Source Mappings */}} -resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability +resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability,cps-data=source-rest # Blueprint Processor File Execution and Handling Properties blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy @@ -101,27 +101,90 @@ blueprintsprocessor.restclient.sdnc.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoG # AAI Data REST Client settings blueprintsprocessor.restclient.aai-data.type=basic-auth -blueprintsprocessor.restclient.aai-data.url=https://aai:8443 +{{ if ( include "common.needTLS" .) }} +blueprintsprocessor.restclient.aai-data.url=https://{{ .Values.global.aaiData.ServiceName }}:8443 +{{- else -}} +blueprintsprocessor.restclient.aai-data.url=http://{{ .Values.global.aaiData.ServiceName }}:{{ .Values.global.aaiData.ExternalPlainPort }} +{{- end }} blueprintsprocessor.restclient.aai-data.username=aai@aai.onap.org blueprintsprocessor.restclient.aai-data.password=demo123456! blueprintsprocessor.restclient.aai-data.additionalHeaders.X-TransactionId=cds-transaction-id blueprintsprocessor.restclient.aai-data.additionalHeaders.X-FromAppId=cds-app-id blueprintsprocessor.restclient.aai-data.additionalHeaders.Accept=application/json +# CPS Data +blueprintsprocessor.restclient.cps-data.type=basic-auth +blueprintsprocessor.restclient.cps-data.url=http://cps-core:8080 +blueprintsprocessor.restclient.cps-data.username=${CPS_USER} +blueprintsprocessor.restclient.cps-data.password=${CPS_PASS_PLAIN} +blueprintsprocessor.restclient.cps-data.additionalHeaders.Accept=application/json +blueprintsprocessor.restclient.cps-data.additionalHeaders.Content-Type=application/json + # Self Service Request Kafka Message Consumer -blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable=false -blueprintsprocessor.messageconsumer.self-service-api.type=kafka-basic-auth -blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers=message-router-kafka:9092 -blueprintsprocessor.messageconsumer.self-service-api.groupId=cds-consumer-group -blueprintsprocessor.messageconsumer.self-service-api.topic=cds-consumer -blueprintsprocessor.messageconsumer.self-service-api.clientId=cds-client -blueprintsprocessor.messageconsumer.self-service-api.pollMillSec=1000 +blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable={{ .Values.kafkaRequestConsumer.enabled }} +blueprintsprocessor.messageconsumer.self-service-api.type={{ .Values.kafkaRequestConsumer.type }} +{{ if eq .Values.useStrimziKafka true }} +blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 +{{- else -}} +blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers={{ .Values.kafkaRequestConsumer.bootstrapServers }} +{{- end }} +blueprintsprocessor.messageconsumer.self-service-api.groupId={{ .Values.kafkaRequestConsumer.groupId }} +blueprintsprocessor.messageconsumer.self-service-api.topic={{ .Values.kafkaRequestConsumer.topic }} +blueprintsprocessor.messageconsumer.self-service-api.clientId={{ .Values.kafkaRequestConsumer.clientId }} +blueprintsprocessor.messageconsumer.self-service-api.pollMillSec={{ .Values.kafkaRequestConsumer.pollMillSec }} +{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} +# SCRAM +blueprintsprocessor.messageconsumer.self-service-api.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} +blueprintsprocessor.messageconsumer.self-service-api.scramPassword=${JAAS_PASS} +{{ end }} # Self Service Response Kafka Message Producer -blueprintsprocessor.messageproducer.self-service-api.bootstrapServers=message-router-kafka:9092 - -# Kafka Audit Service Configurations -blueprintsprocessor.messageproducer.self-service-api.audit.kafkaEnable=false +blueprintsprocessor.messageproducer.self-service-api.type={{ .Values.kafkaRequestProducer.type }} +{{ if eq .Values.useStrimziKafka true }} +blueprintsprocessor.messageproducer.self-service-api.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 +{{- else -}} +blueprintsprocessor.messageproducer.self-service-api.bootstrapServers={{ .Values.kafkaRequestProducer.bootstrapServers }} +{{- end }} +blueprintsprocessor.messageproducer.self-service-api.clientId={{ .Values.kafkaRequestProducer.clientId }} +blueprintsprocessor.messageproducer.self-service-api.topic={{ .Values.kafkaRequestProducer.topic }} +{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} +# SCRAM +blueprintsprocessor.messageproducer.self-service-api.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} +blueprintsprocessor.messageproducer.self-service-api.scramPassword=${JAAS_PASS} +{{ end }} + +# AUDIT KAFKA FEATURE CONFIGURATION +# Audit feature dumps CDS request to a topic as well as a truncated response message to another topic. +## Audit request +blueprintsprocessor.messageproducer.self-service-api.audit.kafkaEnable={{ .Values.kafkaAuditRequest.enabled }} +blueprintsprocessor.messageproducer.self-service-api.audit.request.type={{ .Values.kafkaAuditRequest.type }} +{{ if eq .Values.useStrimziKafka true }} +blueprintsprocessor.messageproducer.self-service-api.audit.request.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 +{{- else -}} +blueprintsprocessor.messageproducer.self-service-api.audit.request.bootstrapServers={{ .Values.kafkaAuditRequest.bootstrapServers }} +{{- end }} +blueprintsprocessor.messageproducer.self-service-api.audit.request.clientId={{ .Values.kafkaAuditRequest.clientId }} +blueprintsprocessor.messageproducer.self-service-api.audit.request.topic={{ .Values.kafkaAuditRequest.topic }} +{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} +# SCRAM +blueprintsprocessor.messageproducer.self-service-api.audit.request.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} +blueprintsprocessor.messageproducer.self-service-api.audit.request.scramPassword=${JAAS_PASS} +{{ end }} + +## Audit response +blueprintsprocessor.messageproducer.self-service-api.audit.response.type={{ .Values.kafkaAuditResponse.type }} +{{ if eq .Values.useStrimziKafka true }} +blueprintsprocessor.messageproducer.self-service-api.audit.response.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 +{{- else -}} +blueprintsprocessor.messageproducer.self-service-api.audit.response.bootstrapServers={{ .Values.kafkaAuditRequest.bootstrapServers }} +{{- end }} +blueprintsprocessor.messageproducer.self-service-api.audit.response.clientId={{ .Values.kafkaAuditResponse.clientId }} +blueprintsprocessor.messageproducer.self-service-api.audit.response.topic={{ .Values.kafkaAuditResponse.topic }} +{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} +# SCRAM +blueprintsprocessor.messageproducer.self-service-api.audit.response.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} +blueprintsprocessor.messageproducer.self-service-api.audit.response.scramPassword=${JAAS_PASS} +{{ end }} # Executor Options blueprintsprocessor.resourceResolution.enabled=true @@ -132,10 +195,10 @@ blueprintsprocessor.remoteScriptCommand.enabled=true ## Enable py-executor blueprintsprocessor.streamingRemoteExecution.enabled=true -# Used in Health Check -blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth -blueprintsprocessor.messageproducer.self-service-api.clientId=cds-client -blueprintsprocessor.messageproducer.self-service-api.topic=cds-producer +## Used in Health Check +#blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth +#blueprintsprocessor.messageproducer.self-service-api.clientId=cds-client +#blueprintsprocessor.messageproducer.self-service-api.topic=cds-producer #Encrypted username and password for health check service @@ -143,7 +206,7 @@ endpoints.user.name=eHbVUbJAj4AG2522cSbrOQ== endpoints.user.password=eHbVUbJAj4AG2522cSbrOQ== #BaseUrls for health check blueprint processor services -blueprintprocessor.healthcheck.baseUrl=http://localhost:8080/ +blueprintprocessor.healthcheck.baseUrl=http://cds-blueprints-processor-http:8080/ blueprintprocessor.healthcheck.mapping-service-name-with-service-link=[Execution service,/api/v1/execution-service/health-check],[Resources service,/api/v1/resources/health-check],[Template service,/api/v1/template/health-check] #BaseUrls for health check Cds Listener services diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-topics.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-topics.yaml new file mode 100644 index 0000000000..555f4d4e60 --- /dev/null +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-topics.yaml @@ -0,0 +1,68 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{ if eq .Values.useStrimziKafka true }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.kafkaRequestConsumer.topic }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: 10 + replicas: 2 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.kafkaRequestProducer.topic }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: 10 + replicas: 2 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.kafkaAuditRequest.topic }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: 10 + replicas: 2 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.kafkaAuditResponse.topic }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: 10 + replicas: 2 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +{{ end }} \ No newline at end of file diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-user.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-user.yaml new file mode 100644 index 0000000000..65ee1d2a96 --- /dev/null +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/cds-kafka-user.yaml @@ -0,0 +1,49 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{ if eq .Values.useStrimziKafka true }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser +metadata: + name: {{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + authentication: + type: scram-sha-512 + authorization: + type: simple + acls: + - resource: + type: group + name: {{ .Values.kafkaRequestConsumer.groupId }} + operation: All + - resource: + type: topic + name: {{ .Values.kafkaRequestConsumer.topic }} + operation: All + - resource: + type: topic + name: {{ .Values.kafkaRequestProducer.topic }} + operation: All + - resource: + type: topic + name: {{ .Values.kafkaAuditRequest.topic }} + operation: All + - resource: + type: topic + name: {{ .Values.kafkaAuditResponse.topic }} + operation: All +{{ end }} \ No newline at end of file diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml index d92f09a4c8..1e4f5e10a0 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml @@ -1,6 +1,7 @@ {{/* # Copyright (c) 2019 IBM, Bell Canada # Copyright (c) 2020 Samsung Electronics +# Modification Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -78,10 +79,6 @@ spec: args: - --container-name - cds-db - {{- if .Values.dmaapEnabled }} - - --container-name - - message-router - {{ end }} env: - name: NAMESPACE valueFrom: @@ -121,6 +118,14 @@ spec: fieldPath: metadata.name - name: CLUSTER_CONFIG_FILE value: {{ .Values.config.appConfigDir }}/hazelcast.yaml + - name: CPS_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "login") | indent 12 }} + - name: CPS_PASS_PLAIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "password") | indent 12 }} + {{ if .Values.useStrimziKafka }} + - name: JAAS_PASS + value: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-kafka-secret" "key" "password") | indent 12 }} + {{ end }} ports: - containerPort: {{ .Values.service.http.internalPort }} - containerPort: {{ .Values.service.grpc.internalPort }} diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml index 5d2e438e1e..153740c553 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml @@ -33,7 +33,7 @@ spec: {{- if eq .Values.service.http.type "NodePort"}} nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.http.nodePort }} {{- end}} - name: {{ .Values.service.http.portName | default "http" }} + name: {{ .Values.service.http.portName | default "http" }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml index a5180c53c6..023bf4917b 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml @@ -1,5 +1,6 @@ # Copyright (c) 2019 IBM, Bell Canada # Copyright (c) 2020 Samsung Electronics +# Modification Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -27,10 +28,17 @@ global: persistence: mountPath: /dockerdata-nfs - #This configuration specifies Service and port for SDNC OAM interface + # This configuration specifies Service and port for SDNC OAM interface sdncOamService: sdnc-oam sdncOamPort: 8282 + # This concerns CDS/AAI communication through HTTP when TLS is not being needed + # Port value should match the one in aai/values.yml : service.externalPlainPort + aaiData: + ExternalPlainPort: 80 # when TLS is not needed + ServiceName: aai # domain + # http://aai:80 or https://aai:443 + #AAF is enabled by default #aafEnabled: true @@ -57,6 +65,19 @@ secrets: externalSecret: '{{ tpl (default "" .Values.config.sdncDB.dbRootPassExternalSecret) . }}' password: '{{ .Values.config.sdncDB.dbRootPass }}' passwordPolicy: required + - uid: cds-kafka-secret + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: password + value: '{{ .Values.config.someConfig }}' + policy: generate + - uid: cps-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.cps.cpsUserExternalSecret) . }}' + login: '{{ .Values.config.cps.cpsUsername }}' + password: '{{ .Values.config.cps.cpsPassword }}' + passwordPolicy: required ################################################################# # AAF part @@ -100,7 +121,7 @@ config: dbService: mariadb-galera dbPort: 3306 dbName: sdnctl - #dbRootPass: Custom root password + # dbRootPass: Custom root password dbRootPassExternalSecret: '{{ include "common.mariadb.secret.rootPassSecretName" ( dict "dot" . "chartName" .Values.config.sdncDB.dbService ) }}' cdsDB: dbServer: cds-db @@ -111,6 +132,11 @@ config: # dbCredsExternalSecret: # dbRootPassword: password # dbRootPassExternalSecret + someConfig: blah + cps: + cpsUsername: '' + cpsPassword: '' + cpsUserExternalSecret: '{{ include "common.release" . }}-cps-core-app-user-creds' # default number of instances replicaCount: 1 @@ -119,10 +145,40 @@ nodeSelector: {} affinity: {} -# flag for kafka-listener dependency. Set to true if you are using message-router otherwise set to false if you are using -# custom kafka cluster. -dmaapEnabled: true +# If useStrimziKafka is true, the following also applies: +# strimzi will create an associated kafka user and the topics defined for Request and Audit elements below. +# The connection type must be kafka-scram-plain-text-auth +# The bootstrapServers will target the strimzi kafka cluster by default +useStrimziKafka: false +cdsKafkaUser: cds-kafka-user +kafkaRequestConsumer: + enabled: false + type: kafka-scram-plain-text-auth + bootstrapServers: host:port + groupId: cds-consumer + topic: cds.blueprint-processor.self-service-api.request + clientId: request-receiver-client-id + pollMillSec: 1000 +kafkaRequestProducer: + type: kafka-scram-plain-text-auth + bootstrapServers: host:port + clientId: request-producer-client-id + topic: cds.blueprint-processor.self-service-api.response + enableIdempotence: false +kafkaAuditRequest: + enabled: false + type: kafka-scram-plain-text-auth + bootstrapServers: host:port + clientId: audit-request-producer-client-id + topic: cds.blueprint-processor.self-service-api.audit.request + enableIdempotence: false +kafkaAuditResponse: + type: kafka-scram-plain-text-auth + bootstrapServers: host:port + clientId: audit-response-producer-client-id + topic: cds.blueprint-processor.self-service-api.audit.response + enableIdempotence: false # probe configuration parameters startup: @@ -131,12 +187,12 @@ startup: periodSeconds: 10 liveness: - initialDelaySeconds: 0 + initialDelaySeconds: 1 periodSeconds: 20 - timeoutSeconds: 20 + timeoutSeconds: 30 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container - enabled: true + enabled: false readiness: initialDelaySeconds: 120 @@ -146,17 +202,17 @@ readiness: service: http: type: ClusterIP - portName: blueprints-processor-http + portName: http internalPort: 8080 externalPort: 8080 grpc: type: ClusterIP - portName: blueprints-processor-grpc + portName: grpc internalPort: 9111 externalPort: 9111 cluster: type: ClusterIP - portName: blueprints-processor-cluster + portName: tcp-cluster internalPort: 5701 externalPort: 5701 @@ -184,8 +240,8 @@ ingress: - baseaddr: "blueprintsprocessorhttp" name: "cds-blueprints-processor-http" port: 8080 - config: - ssl: "none" + config: + ssl: "none" logback: rootLogLevel: INFO diff --git a/kubernetes/cds/components/cds-command-executor/Chart.yaml b/kubernetes/cds/components/cds-command-executor/Chart.yaml index e6b87930e3..6749d8d9e8 100755 --- a/kubernetes/cds/components/cds-command-executor/Chart.yaml +++ b/kubernetes/cds/components/cds-command-executor/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP CDS Command Executor name: cds-command-executor -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/cds/components/cds-command-executor/values.yaml b/kubernetes/cds/components/cds-command-executor/values.yaml index b0c1e35cba..e2511401f3 100755 --- a/kubernetes/cds/components/cds-command-executor/values.yaml +++ b/kubernetes/cds/components/cds-command-executor/values.yaml @@ -63,11 +63,11 @@ readiness: service: type: ClusterIP grpc: - portName: command-executor-grpc + portName: grpc internalPort: 50051 externalPort: 50051 metrics: - portName: command-executor-metrics + portName: tcp-metrics internalPort: 10005 externalPort: 10005 @@ -105,7 +105,7 @@ serviceAccount: metrics: serviceMonitor: enabled: false - port: command-executor-metrics + port: tcp-metrics path: /actuator/prometheus basicAuth: enabled: false diff --git a/kubernetes/cds/components/cds-py-executor/Chart.yaml b/kubernetes/cds/components/cds-py-executor/Chart.yaml index 702d183555..cf09b56b96 100755 --- a/kubernetes/cds/components/cds-py-executor/Chart.yaml +++ b/kubernetes/cds/components/cds-py-executor/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP CDS Py Executor name: cds-py-executor -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/cds/components/cds-py-executor/values.yaml b/kubernetes/cds/components/cds-py-executor/values.yaml index 9dc4a3181e..a1eb0a0818 100755 --- a/kubernetes/cds/components/cds-py-executor/values.yaml +++ b/kubernetes/cds/components/cds-py-executor/values.yaml @@ -60,9 +60,9 @@ service: type: ClusterIP ports: - port: 50052 - name: executor-grpc + name: grpc-executor - port: 50053 - name: manager-grpc + name: grpc-manager secrets: - uid: api-credentials diff --git a/kubernetes/cds/components/cds-sdc-listener/Chart.yaml b/kubernetes/cds/components/cds-sdc-listener/Chart.yaml index 3c547b9c76..14cd147255 100755 --- a/kubernetes/cds/components/cds-sdc-listener/Chart.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP CDS SDC listener microservice name: cds-sdc-listener -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml b/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml index 7ef5959a1b..3710f5f510 100644 --- a/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml @@ -1,6 +1,6 @@ listenerservice: config: - asdcAddress: sdc-be.{{include "common.namespace" .}}:8443 #SDC-BE + asdcAddress: sdc-be.{{include "common.namespace" .}}:{{ (eq "true" (include "common.needTLS" .)) | ternary 8443 8080 }} #SDC-BE messageBusAddress: message-router.{{include "common.namespace" .}} #Message-Router user: cds #SDC-username password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U #SDC-password @@ -14,7 +14,7 @@ listenerservice: keyStorePath: activateServerTLSAuth : false isUseHttpsWithDmaap: false - isUseHttpsWithSDC: true + isUseHttpsWithSDC: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }} archivePath: /opt/app/onap/sdc-listener/ grpcAddress: cds-blueprints-processor-grpc grpcPort: 9111 @@ -24,14 +24,11 @@ listenerservice: httpsProxyPort: 0 httpProxyPort: 0 - - cdslistener: healthcheck: baseUrl: http://localhost:9000/ mapping-service-name-with-service-link: "[SDC Listener service,/api/v1/sdclistener/healthcheck]" - management: endpoint: health: diff --git a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml index 4ac847005e..3a6d76165b 100644 --- a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml @@ -63,18 +63,19 @@ spec: value: {{ .Values.config.appConfigDir }} ports: - containerPort: {{ .Values.service.http.internalPort }} + name: {{ .Values.service.http.portName }} {{ if .Values.liveness.enabled }} livenessProbe: httpGet: path: /api/v1/sdclistener/healthcheck - port: {{ .Values.service.http.internalPort }} + port: {{ .Values.service.http.portName }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{end}} readinessProbe: httpGet: path: /api/v1/sdclistener/healthcheck - port: {{ .Values.service.http.internalPort }} + port: {{ .Values.service.http.portName }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: diff --git a/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml b/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml index af837f2b3a..42bd2b33e9 100644 --- a/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/templates/service.yaml @@ -31,7 +31,7 @@ spec: {{- if eq .Values.service.type "NodePort"}} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} {{- end}} - name: {{ .Values.service.http.portName | default "http" }} + name: {{ .Values.service.http.portName | default "http" }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} diff --git a/kubernetes/cds/components/cds-sdc-listener/values.yaml b/kubernetes/cds/components/cds-sdc-listener/values.yaml index ac1e3b4dde..1499ad5b04 100644 --- a/kubernetes/cds/components/cds-sdc-listener/values.yaml +++ b/kubernetes/cds/components/cds-sdc-listener/values.yaml @@ -62,7 +62,7 @@ readiness: service: type: ClusterIP http: - portName: cds-sdc-listener-http + portName: http internalPort: 8080 externalPort: 8080 diff --git a/kubernetes/cds/components/cds-ui/Chart.yaml b/kubernetes/cds/components/cds-ui/Chart.yaml index e220b0ceab..c356a0f9b0 100644 --- a/kubernetes/cds/components/cds-ui/Chart.yaml +++ b/kubernetes/cds/components/cds-ui/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP CDS UI name: cds-ui -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/cds/components/cds-ui/values.yaml b/kubernetes/cds/components/cds-ui/values.yaml index 05f766e186..14fc014920 100644 --- a/kubernetes/cds/components/cds-ui/values.yaml +++ b/kubernetes/cds/components/cds-ui/values.yaml @@ -105,8 +105,8 @@ ingress: - baseaddr: "cdsui" name: "cds-ui" port: 3000 - config: - ssl: "redirect" + config: + ssl: "redirect" # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml index edac066f6f..58e6b65c6f 100644 --- a/kubernetes/cds/values.yaml +++ b/kubernetes/cds/values.yaml @@ -1,6 +1,7 @@ # Copyright © 2020 Samsung Electronics # Copyright © 2019 Orange, Bell Canada # Copyright © 2017 Amdocs, Bell Canada +# Modification Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,6 +23,7 @@ global: nodePortPrefixExt: 304 persistence: mountPath: /dockerdata-nfs + cdsKafkaUser: cds-kafka-user ################################################################# # Secrets metaconfig @@ -212,6 +214,7 @@ cds-blueprints-processor: dbPort: 3306 dbName: *mysqlDbName dbCredsExternalSecret: *dbUserSecretName + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.kafkaUser }}' cds-command-executor: enabled: true diff --git a/kubernetes/cli/Chart.yaml b/kubernetes/cli/Chart.yaml index 3f91203c1d..1432f750f5 100644 --- a/kubernetes/cli/Chart.yaml +++ b/kubernetes/cli/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP Command Line Interface name: cli -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/cli/values.yaml b/kubernetes/cli/values.yaml index 28d227645a..58c649c326 100644 --- a/kubernetes/cli/values.yaml +++ b/kubernetes/cli/values.yaml @@ -90,9 +90,9 @@ service: type: NodePort name: cli externalPort: 443 - externalPort1: 9090 + externalPort1: 9443 internalPort: "443" - internalPort1: 9090 + internalPort1: 9443 nodePort: "60" nodePort1: "71" @@ -104,7 +104,7 @@ ingress: port: 443 - baseaddr: "cli2.api" name: cli - port: 9090 + port: 9443 config: ssl: "redirect" diff --git a/kubernetes/common/cassandra/Chart.yaml b/kubernetes/common/cassandra/Chart.yaml index f2f7ffa6a2..8095acbddd 100644 --- a/kubernetes/common/cassandra/Chart.yaml +++ b/kubernetes/common/cassandra/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP cassandra name: cassandra -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../serviceAccount' diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml index 597174ee0a..7d017f266b 100644 --- a/kubernetes/common/cassandra/values.yaml +++ b/kubernetes/common/cassandra/values.yaml @@ -99,7 +99,11 @@ service: - name: tcp-agent port: 61621 -podAnnotations: {} +podAnnotations: + # sidecar.istio.io/inject: "false" + traffic.sidecar.istio.io/excludeInboundPorts: "7000,7001" + traffic.sidecar.istio.io/includeInboundPorts: '*' + traffic.sidecar.istio.io/excludeOutboundPorts: "7000,7001" podManagementPolicy: OrderedReady updateStrategy: type: RollingUpdate diff --git a/kubernetes/common/cert-wrapper/Chart.yaml b/kubernetes/common/cert-wrapper/Chart.yaml index 550de8d618..fbafd9a4f8 100644 --- a/kubernetes/common/cert-wrapper/Chart.yaml +++ b/kubernetes/common/cert-wrapper/Chart.yaml @@ -17,9 +17,9 @@ apiVersion: v2 description: Wrapper chart to allow truststore to be shared among cert-initializer instances name: cert-wrapper -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../certInitializer' diff --git a/kubernetes/common/certInitializer/Chart.yaml b/kubernetes/common/certInitializer/Chart.yaml index 0f62dc7ae8..f083bf8f53 100644 --- a/kubernetes/common/certInitializer/Chart.yaml +++ b/kubernetes/common/certInitializer/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: Template used to obtain certificates in onap name: certInitializer -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../readinessCheck' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' diff --git a/kubernetes/common/certManagerCertificate/Chart.yaml b/kubernetes/common/certManagerCertificate/Chart.yaml index 807b90d4c2..b65f9f38fd 100644 --- a/kubernetes/common/certManagerCertificate/Chart.yaml +++ b/kubernetes/common/certManagerCertificate/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 name: certManagerCertificate description: A Helm chart for Cert-Manager Certificate CRD template -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: cmpv2Config - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../cmpv2Config' diff --git a/kubernetes/common/cmpv2Config/Chart.yaml b/kubernetes/common/cmpv2Config/Chart.yaml index 5210061426..7689e08d97 100644 --- a/kubernetes/common/cmpv2Config/Chart.yaml +++ b/kubernetes/common/cmpv2Config/Chart.yaml @@ -17,9 +17,9 @@ apiVersion: v2 description: Template used to store cmpv2 configuration in onap name: cmpv2Config -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' diff --git a/kubernetes/common/common/Chart.yaml b/kubernetes/common/common/Chart.yaml index 15a3f721c3..aeb07eeb15 100644 --- a/kubernetes/common/common/Chart.yaml +++ b/kubernetes/common/common/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v2 description: Common templates for inclusion in other charts name: common -version: 10.0.0 +version: 11.0.0 diff --git a/kubernetes/common/common/templates/_dmaapProvisioning.tpl b/kubernetes/common/common/templates/_dmaapProvisioning.tpl index eefd00d7bf..11d7501256 100644 --- a/kubernetes/common/common/templates/_dmaapProvisioning.tpl +++ b/kubernetes/common/common/templates/_dmaapProvisioning.tpl @@ -1,6 +1,7 @@ {{/* ################################################################################ # Copyright (C) 2021 Nordix Foundation. # +# Copyright (c) 2022 J. F. Lucas. All rights reserved. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -18,14 +19,14 @@ {{/* This template generates a Kubernetes init containers common template to enable applications to provision - DMaaP topics (on Message Router) and feeds (on Data Router), with associated authorization (on AAF). + DMaaP feeds (on Data Router), with associated authorization. DMaap Bus Controller endpoints are used to provision: - - Authorized topic on MR, and to create and grant permission for publishers and subscribers. + - Feed on DR, with associated user authentication. common.dmaap.provisioning.initContainer: This template make use of Dmaap Bus Controller docker image to create resources on Dmaap Data Router - microservice, with the help of dbc-client.sh script it makes use of Bus Controller API to create Feed, Topics. + microservice, with the help of dbc-client.sh script it makes use of Bus Controller API to create Feeds. If the resource creation is successful via script response is logged back at particular location with appropriate naming convention. @@ -57,20 +58,7 @@ privilegedSubscriber: True deliveryURL: https://dcae-pm-mapper:8443/delivery - # MessageRouter Topic, Publisher Configuration - mrTopicsConfig: - - topicName: PERFORMANCE_MEASUREMENTS - topicDescription: Description about Topic - owner: dcaecm - tnxEnabled: false - clients: - - dcaeLocationName: san-francisco - clientRole: org.onap.dcae.pmPublisher - action: - - pub - - view - - # ConfigMap Configuration for DR Feed, Dr_Publisher, Dr_Subscriber, MR Topics + # ConfigMap Configuration for DR Feed, Dr_Publisher, Dr_Subscriber volumes: - name: feeds-config path: /opt/app/config/feeds @@ -78,8 +66,6 @@ path: /opt/app/config/dr_pubs - name: drsub-config path: /opt/app/config/dr_subs - - name: topics-config - path: /opt/app/config/topics In deployments/jobs/stateful include: initContainers: @@ -113,8 +99,7 @@ {{- define "common.dmaap.provisioning.initContainer" -}} {{- $dot := default . .dot -}} {{- $drFeedConfig := default $dot.Values.drFeedConfig .drFeedConfig -}} -{{- $mrTopicsConfig := default $dot.Values.mrTopicsConfig .mrTopicsConfig -}} -{{- if or $drFeedConfig $mrTopicsConfig -}} +{{- if $drFeedConfig -}} - name: {{ include "common.name" $dot }}-init-dmaap-provisioning image: {{ include "repositoryGenerator.image.dbcClient" $dot }} imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }} diff --git a/kubernetes/common/common/templates/_kafkaNodes.tpl b/kubernetes/common/common/templates/_kafkaNodes.tpl deleted file mode 100644 index f428b58d63..0000000000 --- a/kubernetes/common/common/templates/_kafkaNodes.tpl +++ /dev/null @@ -1,34 +0,0 @@ -{{/* -# Copyright © 2021 Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -{{/* - Generate comma separated list of kafka or zookeper nodes to reuse in message router charts. - How to use: - - zookeeper servers list: {{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-zookeeper" "replicaCount") "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }} - kafka servers list: {{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-kafka" "replicaCount") "componentName" .Values.kafka.name "port" .Values.kafka.port ) }} - -*/}} -{{- define "common.kafkaNodes" -}} -{{- $dot := .dot -}} -{{- $replicaCount := .replicaCount -}} -{{- $componentName := .componentName -}} -{{- $port := .port -}} -{{- $kafkaNodes := list -}} -{{- range $i, $e := until (int $replicaCount) -}} -{{- $kafkaNodes = print (include "common.release" $dot) "-" $componentName "-" $i "." $componentName "." (include "common.namespace" $dot) ".svc.cluster.local:" $port | append $kafkaNodes -}} -{{- end -}} -{{- $kafkaNodes | join "," -}} -{{- end -}} diff --git a/kubernetes/common/common/templates/_serviceMonitor.tpl b/kubernetes/common/common/templates/_serviceMonitor.tpl index 81d7a74578..907d9c6a9c 100644 --- a/kubernetes/common/common/templates/_serviceMonitor.tpl +++ b/kubernetes/common/common/templates/_serviceMonitor.tpl @@ -135,7 +135,7 @@ spec: {{- else if $dot.Values.metrics.serviceMonitor.targetPort }} targetPort: {{ $dot.Values.metrics.serviceMonitor.targetPort }} {{- else }} - port: metrics + port: tcp-metrics {{- end }} {{- if $dot.Values.metrics.serviceMonitor.isHttps }} scheme: https diff --git a/kubernetes/common/dgbuilder/Chart.yaml b/kubernetes/common/dgbuilder/Chart.yaml index 54106955fd..1a1b8e2d86 100644 --- a/kubernetes/common/dgbuilder/Chart.yaml +++ b/kubernetes/common/dgbuilder/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: D.G. Builder application name: dgbuilder -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../serviceAccount' diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml index 9257dc89f9..ddad8d7360 100644 --- a/kubernetes/common/dgbuilder/values.yaml +++ b/kubernetes/common/dgbuilder/values.yaml @@ -69,7 +69,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/ccsdk-dgbuilder-image:1.3.1 +image: onap/ccsdk-dgbuilder-image:1.3.4 pullPolicy: Always # flag to enable debugging - application support required @@ -130,7 +130,7 @@ readiness: service: type: NodePort name: dgbuilder - portName: dgbuilder + portName: http externalPort: 3000 internalPort: 3100 nodePort: 28 diff --git a/kubernetes/common/elasticsearch/Chart.yaml b/kubernetes/common/elasticsearch/Chart.yaml index 6f6df2247d..cd187ffdbd 100644 --- a/kubernetes/common/elasticsearch/Chart.yaml +++ b/kubernetes/common/elasticsearch/Chart.yaml @@ -18,26 +18,26 @@ apiVersion: v2 description: ONAP elasticsearch name: elasticsearch -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: master - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/master' - name: data - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/data' condition: elasticsearch.data.enabled,data.enabled - name: curator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/curator' condition: elasticsearch.curator.enabled,curator.enabled - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../certInitializer' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' diff --git a/kubernetes/common/elasticsearch/components/curator/Chart.yaml b/kubernetes/common/elasticsearch/components/curator/Chart.yaml index b1e80f034c..21017c4999 100644 --- a/kubernetes/common/elasticsearch/components/curator/Chart.yaml +++ b/kubernetes/common/elasticsearch/components/curator/Chart.yaml @@ -18,12 +18,12 @@ apiVersion: v2 description: ONAP elasticsearch curator name: curator -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../repositoryGenerator' \ No newline at end of file diff --git a/kubernetes/common/elasticsearch/components/data/Chart.yaml b/kubernetes/common/elasticsearch/components/data/Chart.yaml index fc5d402a95..fc890719cb 100644 --- a/kubernetes/common/elasticsearch/components/data/Chart.yaml +++ b/kubernetes/common/elasticsearch/components/data/Chart.yaml @@ -18,12 +18,12 @@ apiVersion: v2 description: ONAP elasticsearch data name: data -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../repositoryGenerator' diff --git a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml index ea805c1813..a7278ba104 100644 --- a/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml +++ b/kubernetes/common/elasticsearch/components/data/templates/statefulset.yaml @@ -111,6 +111,12 @@ spec: value: "yes" - name: ELASTICSEARCH_NODE_TYPE value: "data" + - name: network.bind_host + value: 127.0.0.1 + - name: network.publish_host + valueFrom: + fieldRef: + fieldPath: status.podIP ports: {{- include "common.containerPorts" . |indent 12 }} {{- if .Values.livenessProbe.enabled }} livenessProbe: diff --git a/kubernetes/common/elasticsearch/components/data/values.yaml b/kubernetes/common/elasticsearch/components/data/values.yaml index 1328a20439..1dc9ab8588 100644 --- a/kubernetes/common/elasticsearch/components/data/values.yaml +++ b/kubernetes/common/elasticsearch/components/data/values.yaml @@ -47,7 +47,7 @@ replicaCount: 0 service: ## list of ports for "common.containerPorts" ports: - - name: http-transport + - name: tcp-transport port: 9300 image: bitnami/elasticsearch:7.9.3 diff --git a/kubernetes/common/elasticsearch/components/master/Chart.yaml b/kubernetes/common/elasticsearch/components/master/Chart.yaml index 01ee8f3c20..43fe42f62b 100644 --- a/kubernetes/common/elasticsearch/components/master/Chart.yaml +++ b/kubernetes/common/elasticsearch/components/master/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP elasticsearch master name: master -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../repositoryGenerator' diff --git a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml index a35b4bf741..85ea2bbc54 100644 --- a/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml +++ b/kubernetes/common/elasticsearch/components/master/templates/statefulset.yaml @@ -115,6 +115,12 @@ spec: value: {{ .Values.dedicatednode | quote }} - name: ELASTICSEARCH_NODE_TYPE value: "master" + - name: network.bind_host + value: 127.0.0.1 + - name: network.publish_host + valueFrom: + fieldRef: + fieldPath: status.podIP ports: {{- include "common.containerPorts" . |indent 12 }} {{- if .Values.livenessProbe.enabled }} livenessProbe: diff --git a/kubernetes/common/elasticsearch/components/master/values.yaml b/kubernetes/common/elasticsearch/components/master/values.yaml index 33804494e9..2eae0de4c0 100644 --- a/kubernetes/common/elasticsearch/components/master/values.yaml +++ b/kubernetes/common/elasticsearch/components/master/values.yaml @@ -170,7 +170,7 @@ service: ## list of ports for "common.containerPorts" ## Elasticsearch transport port ports: - - name: http-transport + - name: tcp-transport port: 9300 ## master-eligible service type ## diff --git a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml index 22de4dbf37..05e09cb696 100644 --- a/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml +++ b/kubernetes/common/elasticsearch/templates/coordinating-deploy.yaml @@ -113,6 +113,12 @@ spec: value: "coordinating" - name: ELASTICSEARCH_PORT_NUMBER value: "9000" + - name: network.bind_host + value: 127.0.0.1 + - name: network.publish_host + valueFrom: + fieldRef: + fieldPath: status.podIP {{/*ports: {{- include "common.containerPorts" . | indent 12 -}} */}} {{- if .Values.livenessProbe.enabled }} livenessProbe: diff --git a/kubernetes/common/elasticsearch/values.yaml b/kubernetes/common/elasticsearch/values.yaml index a3f15645a3..6c46f32c96 100644 --- a/kubernetes/common/elasticsearch/values.yaml +++ b/kubernetes/common/elasticsearch/values.yaml @@ -148,7 +148,7 @@ nginx: service: name: nginx ports: - - name: elasticsearch + - name: http-es port: 8080 ## Custom server block to be added to NGINX configuration ## PHP-FPM example server block: @@ -230,7 +230,7 @@ service: ## type: ClusterIP headlessPorts: - - name: http-transport + - name: tcp-transport port: 9300 headless: suffix: discovery @@ -240,7 +240,7 @@ service: ## Elasticsearch tREST API port ## ports: - - name: elasticsearch + - name: http-es port: 9200 diff --git a/kubernetes/common/etcd-init/Chart.yaml b/kubernetes/common/etcd-init/Chart.yaml index 7f1e89e433..b4c36c368e 100644 --- a/kubernetes/common/etcd-init/Chart.yaml +++ b/kubernetes/common/etcd-init/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: Chart for etcd init job name: etcd-init -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' \ No newline at end of file diff --git a/kubernetes/common/etcd-init/templates/job.yaml b/kubernetes/common/etcd-init/templates/job.yaml index 69bcfaaf99..9d7dcc26da 100644 --- a/kubernetes/common/etcd-init/templates/job.yaml +++ b/kubernetes/common/etcd-init/templates/job.yaml @@ -55,6 +55,8 @@ spec: - /bin/sh - -ec - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} # Create users export ETCDCTL_ENDPOINTS=http://${ETCD_HOST}:${ETCD_PORT} export ETCDCTL_API=3 @@ -89,6 +91,7 @@ spec: name: localtime readOnly: true resources: {{ include "common.resources" . | nindent 12 }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} {{- end -}} diff --git a/kubernetes/common/etcd-init/values.yaml b/kubernetes/common/etcd-init/values.yaml index c99c9f1e5b..6ccfb3e5d7 100644 --- a/kubernetes/common/etcd-init/values.yaml +++ b/kubernetes/common/etcd-init/values.yaml @@ -72,3 +72,7 @@ resources: cpu: 20m memory: 20Mi unlimited: {} + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}' diff --git a/kubernetes/common/etcd/Chart.yaml b/kubernetes/common/etcd/Chart.yaml index 9bc3702501..44649199fa 100644 --- a/kubernetes/common/etcd/Chart.yaml +++ b/kubernetes/common/etcd/Chart.yaml @@ -17,7 +17,7 @@ apiVersion: v2 name: etcd home: https://github.com/coreos/etcd -version: 10.0.0 +version: 11.0.0 appVersion: 2.2.5 description: Distributed reliable key-value store for the most critical data of a distributed system. @@ -27,8 +27,8 @@ sources: dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' diff --git a/kubernetes/common/logConfiguration/Chart.yaml b/kubernetes/common/logConfiguration/Chart.yaml index 3bdad3d339..5b9286ddb8 100644 --- a/kubernetes/common/logConfiguration/Chart.yaml +++ b/kubernetes/common/logConfiguration/Chart.yaml @@ -17,9 +17,9 @@ apiVersion: v2 description: Template used to create same STDOUT log configuration name: logConfiguration -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' diff --git a/kubernetes/common/mariadb-galera/Chart.yaml b/kubernetes/common/mariadb-galera/Chart.yaml index c255227262..ddbaacca40 100644 --- a/kubernetes/common/mariadb-galera/Chart.yaml +++ b/kubernetes/common/mariadb-galera/Chart.yaml @@ -18,7 +18,7 @@ apiVersion: v2 description: Chart for MariaDB Galera cluster name: mariadb-galera -version: 10.0.0 +version: 11.0.0 keywords: - mariadb - mysql @@ -29,14 +29,14 @@ keywords: dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../readinessCheck' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../serviceAccount' \ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml b/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml index e71351e9cb..841aab3e17 100644 --- a/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml +++ b/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml @@ -27,8 +27,8 @@ metadata: spec: type: {{ .Values.metrics.service.type }} ports: - - name: metrics + - name: tcp-metrics port: {{ .Values.metrics.service.port }} - targetPort: metrics + targetPort: tcp-metrics selector: {{- include "common.matchLabels" . | nindent 4 }} {{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/service.yaml b/kubernetes/common/mariadb-galera/templates/service.yaml index 75aff985e5..9b4c05ef70 100644 --- a/kubernetes/common/mariadb-galera/templates/service.yaml +++ b/kubernetes/common/mariadb-galera/templates/service.yaml @@ -18,3 +18,20 @@ {{ include "common.service" . }} --- {{ include "common.headlessService" . }} +{{- if (include "common.onServiceMesh" .) }} +{{- if eq (default "istio" .Values.global.serviceMesh.engine) "istio" }} +--- +apiVersion: security.istio.io/v1beta1 +kind: PeerAuthentication +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "common.servicename" . }} + portLevelMtls: + {{ .Values.service.internalPort }}: + mode: DISABLE +{{- end}} +{{- end}} diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index 22832c936d..c95b572465 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -197,12 +197,12 @@ spec: - | DATA_SOURCE_NAME="$MARIADB_ROOT_USER:$MARIADB_ROOT_PASSWORD@(localhost:3306)/" /bin/mysqld_exporter $MARIADB_METRICS_EXTRA_FLAGS ports: - - name: metrics + - name: tcp-metrics containerPort: 9104 livenessProbe: httpGet: path: /metrics - port: metrics + port: tcp-metrics initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }} @@ -211,7 +211,7 @@ spec: readinessProbe: httpGet: path: /metrics - port: metrics + port: tcp-metrics initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }} diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index 112b8c0618..e9fe577233 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -50,7 +50,7 @@ global: clusterDomain: cluster.local metrics: {} -image: bitnami/mariadb-galera:10.6.5-debian-10-r28 +image: bitnami/mariadb-galera:10.5.8 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images @@ -89,14 +89,14 @@ service: headless: {} internalPort: &dbPort 3306 ports: - - name: mysql + - name: tcp-mysql port: *dbPort headlessPorts: - - name: galera + - name: tcp-galera port: 4567 - - name: ist + - name: tcp-ist port: 4568 - - name: sst + - name: tcp-sst port: 4444 @@ -380,8 +380,13 @@ updateStrategy: ## Additional pod annotations for MariaDB Galera pods ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## -> here required to enable mariadb-galera in istio ## -podAnnotations: {} +podAnnotations: + # sidecar.istio.io/inject: "false" + traffic.sidecar.istio.io/excludeInboundPorts: "4444,4567,4568" + traffic.sidecar.istio.io/includeInboundPorts: '*' + traffic.sidecar.istio.io/excludeOutboundPorts: "4444,4567,4568" ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity @@ -504,14 +509,14 @@ livenessProbe: enabled: true initialDelaySeconds: 1 periodSeconds: 10 - timeoutSeconds: 1 + timeoutSeconds: 180 successThreshold: 1 failureThreshold: 3 readinessProbe: enabled: true initialDelaySeconds: 1 periodSeconds: 10 - timeoutSeconds: 1 + timeoutSeconds: 180 successThreshold: 1 failureThreshold: 3 startupProbe: @@ -520,7 +525,7 @@ startupProbe: enabled: true initialDelaySeconds: 10 periodSeconds: 10 - timeoutSeconds: 1 + timeoutSeconds: 180 successThreshold: 1 # will wait up for initialDelaySeconds + failureThreshold*periodSeconds before # stating startup wasn't good (910s per default) @@ -644,7 +649,7 @@ metrics: release: prometheus ## Rules as a map. - rules: {} + rules: [] # - alert: MariaDB-Down # annotations: # message: 'MariaDB instance {{ $labels.instance }} is down' diff --git a/kubernetes/common/mariadb-init/Chart.yaml b/kubernetes/common/mariadb-init/Chart.yaml index ab8110fde7..b9fa78f814 100644 --- a/kubernetes/common/mariadb-init/Chart.yaml +++ b/kubernetes/common/mariadb-init/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: Chart for MariaDB Galera init job name: mariadb-init -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' \ No newline at end of file diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml index 96d1dc54a4..e911d46d12 100644 --- a/kubernetes/common/mariadb-init/templates/job.yaml +++ b/kubernetes/common/mariadb-init/templates/job.yaml @@ -59,6 +59,8 @@ spec: - /bin/sh - -c - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} /db_init/db_init.sh {{ if or .Values.dbScriptConfigMap .Values.dbScript }} && /db_config/db_cmd.sh{{ end }} env: @@ -91,6 +93,7 @@ spec: {{- end }} resources: {{ include "common.resources" . | indent 12 }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/common/mariadb-init/values.yaml b/kubernetes/common/mariadb-init/values.yaml index b2c0a05e46..9104dd84d6 100644 --- a/kubernetes/common/mariadb-init/values.yaml +++ b/kubernetes/common/mariadb-init/values.yaml @@ -117,3 +117,7 @@ resources: cpu: 20m memory: 20Mi unlimited: {} + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}' diff --git a/kubernetes/common/mongo/Chart.yaml b/kubernetes/common/mongo/Chart.yaml index 5a97afed4e..229da3530f 100644 --- a/kubernetes/common/mongo/Chart.yaml +++ b/kubernetes/common/mongo/Chart.yaml @@ -16,12 +16,12 @@ apiVersion: v2 description: MongoDB Server name: mongo -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' \ No newline at end of file diff --git a/kubernetes/common/music/Chart.yaml b/kubernetes/common/music/Chart.yaml index 723a125008..f275168967 100644 --- a/kubernetes/common/music/Chart.yaml +++ b/kubernetes/common/music/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: MUSIC - Multi-site State Coordination Service name: music -version: 10.0.0 +version: 11.0.0 dependencies: - name: music-cassandra - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/music-cassandra' - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../certInitializer' \ No newline at end of file diff --git a/kubernetes/common/music/components/music-cassandra/Chart.yaml b/kubernetes/common/music/components/music-cassandra/Chart.yaml index b902dd73f5..8a575c72f7 100644 --- a/kubernetes/common/music/components/music-cassandra/Chart.yaml +++ b/kubernetes/common/music/components/music-cassandra/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP - Cassandra Database name: music-cassandra -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../repositoryGenerator' \ No newline at end of file diff --git a/kubernetes/common/network-name-gen/Chart.yaml b/kubernetes/common/network-name-gen/Chart.yaml index 2712596e9b..2c4ed9e581 100644 --- a/kubernetes/common/network-name-gen/Chart.yaml +++ b/kubernetes/common/network-name-gen/Chart.yaml @@ -17,20 +17,20 @@ apiVersion: v2 description: Name Generation Micro Service name: network-name-gen -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../mariadb-galera' condition: global.mariadbGalera.localCluster - name: mariadb-init - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../mariadb-init' condition: not global.mariadbGalera.localCluster \ No newline at end of file diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml index 9bdf19c7ec..97fece8a54 100644 --- a/kubernetes/common/network-name-gen/templates/deployment.yaml +++ b/kubernetes/common/network-name-gen/templates/deployment.yaml @@ -80,7 +80,11 @@ spec: - name: POL_BASIC_AUTH_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pol-basic-auth-secret" "key" "password") | indent 10}} - name: POL_URL - value: "{{ .Values.config.polUrl }}" + {{- if (include "common.needTLS" .) }} + value: "{{ .Values.config.polUrl.https }}" + {{- else }} + value: "{{ .Values.config.polUrl.http }}" + {{- end }} - name: POL_ENV value: "{{ .Values.config.polEnv }}" - name: POL_REQ_ID @@ -90,7 +94,11 @@ spec: - name: AAI_CERT_PATH value: "{{ .Values.config.aaiCertPath }}" - name: AAI_URI - value: "{{ .Values.config.aaiUri }}" + {{- if (include "common.needTLS" .) }} + value: "{{ .Values.config.aaiUri.https }}" + {{- else }} + value: "{{ .Values.config.aaiUri.http }}" + {{- end }} - name: AAI_AUTH value: "{{ .Values.config.aaiAuth }}" - name: DISABLE_HOST_VERIFICATION diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index 5f864a6555..e5e2a7a338 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -87,14 +87,18 @@ config: polClientAuth: cHl0aG9uOnRlc3Q= polBasicAuthUser: healthcheck polBasicAuthPassword: zb!XztG34 - polUrl: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision + polUrl: + https: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision + http: http://policy-xacml-pdp:8080/policy/pdpx/v1/decision polEnv: TEST polReqId: xx disableHostVerification: true aaiCertPass: changeit aaiCertPath: /opt/etc/config/aai_keystore aaiAuth: QUFJOkFBSQ== - aaiUri: https://aai:8443/aai/v14/ + aaiUri: + https: https://aai:8443/aai/v14/ + http: http://aai:8080/aai/v14/ # default number of instances replicaCount: 1 @@ -118,7 +122,7 @@ readiness: service: type: ClusterIP name: neng-serv - portName: neng-serv-port + portName: http internalPort: 8080 externalPort: 8080 diff --git a/kubernetes/common/postgres-init/Chart.yaml b/kubernetes/common/postgres-init/Chart.yaml index eacba404ed..ff8c98cd13 100644 --- a/kubernetes/common/postgres-init/Chart.yaml +++ b/kubernetes/common/postgres-init/Chart.yaml @@ -16,13 +16,13 @@ apiVersion: v2 description: Chart for Postgres init job name: postgres-init -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' \ No newline at end of file diff --git a/kubernetes/common/postgres-init/templates/job.yaml b/kubernetes/common/postgres-init/templates/job.yaml index 01151bb4a9..d9a7386f83 100644 --- a/kubernetes/common/postgres-init/templates/job.yaml +++ b/kubernetes/common/postgres-init/templates/job.yaml @@ -59,6 +59,8 @@ spec: } export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`; export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`; + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done; psql "postgresql://postgres:$PG_ROOT_PASSWORD@$PG_HOST" < /config/setup.sql env: @@ -98,6 +100,7 @@ spec: name: pgconf resources: {{ include "common.resources" . | indent 12 }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/common/postgres-init/values.yaml b/kubernetes/common/postgres-init/values.yaml index 7bcd8e23b4..d6d51f0b51 100644 --- a/kubernetes/common/postgres-init/values.yaml +++ b/kubernetes/common/postgres-init/values.yaml @@ -89,3 +89,7 @@ resources: cpu: 1 memory: 2Gi unlimited: {} + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-update-config' \ No newline at end of file diff --git a/kubernetes/common/postgres/Chart.yaml b/kubernetes/common/postgres/Chart.yaml index 7cf590a275..8644bcfd6d 100644 --- a/kubernetes/common/postgres/Chart.yaml +++ b/kubernetes/common/postgres/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP Postgres Server name: postgres -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' \ No newline at end of file diff --git a/kubernetes/common/readinessCheck/Chart.yaml b/kubernetes/common/readinessCheck/Chart.yaml index 7591363143..3997aeb260 100644 --- a/kubernetes/common/readinessCheck/Chart.yaml +++ b/kubernetes/common/readinessCheck/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: Template used to wait for other deployment/sts/jobs in onap name: readinessCheck -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' \ No newline at end of file diff --git a/kubernetes/common/repository-wrapper/Chart.yaml b/kubernetes/common/repository-wrapper/Chart.yaml index 49f747433a..c385a3bb36 100644 --- a/kubernetes/common/repository-wrapper/Chart.yaml +++ b/kubernetes/common/repository-wrapper/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: Wrapper chart to allow docker secret to be shared all instances name: repository-wrapper -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' \ No newline at end of file diff --git a/kubernetes/common/repositoryGenerator/Chart.yaml b/kubernetes/common/repositoryGenerator/Chart.yaml index 230525f415..fe710e1a2f 100644 --- a/kubernetes/common/repositoryGenerator/Chart.yaml +++ b/kubernetes/common/repositoryGenerator/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v2 description: Template used to generate the right repository link name: repositoryGenerator -version: 10.0.0 +version: 11.0.0 diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml index 34ce466f48..10703eff6e 100644 --- a/kubernetes/common/repositoryGenerator/values.yaml +++ b/kubernetes/common/repositoryGenerator/values.yaml @@ -35,7 +35,7 @@ global: jreImage: onap/integration-java11:10.0.0 kubectlImage: bitnami/kubectl:1.22.4 loggingImage: beats/filebeat:5.5.0 - mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28 + mariadbImage: bitnami/mariadb:10.5.8 nginxImage: bitnami/nginx:1.21.4 postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1 readinessImage: onap/oom/readiness:3.0.1 diff --git a/kubernetes/common/roles-wrapper/Chart.yaml b/kubernetes/common/roles-wrapper/Chart.yaml index 855dd52e81..8024abafd8 100644 --- a/kubernetes/common/roles-wrapper/Chart.yaml +++ b/kubernetes/common/roles-wrapper/Chart.yaml @@ -16,9 +16,9 @@ apiVersion: v2 description: Wrapper chart to allow default roles to be shared among onap instances name: roles-wrapper -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' \ No newline at end of file diff --git a/kubernetes/common/serviceAccount/Chart.yaml b/kubernetes/common/serviceAccount/Chart.yaml index 6ddb8357c6..3309753f37 100644 --- a/kubernetes/common/serviceAccount/Chart.yaml +++ b/kubernetes/common/serviceAccount/Chart.yaml @@ -17,9 +17,9 @@ apiVersion: v2 description: Template used to create the right Service Accounts / Role / RoleBinding name: serviceAccount -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../common' \ No newline at end of file diff --git a/kubernetes/common/timescaledb/Chart.yaml b/kubernetes/common/timescaledb/Chart.yaml index 6099351928..5e84be191b 100644 --- a/kubernetes/common/timescaledb/Chart.yaml +++ b/kubernetes/common/timescaledb/Chart.yaml @@ -22,15 +22,15 @@ apiVersion: v2 appVersion: "1.0" description: ONAP timescaledb name: timescaledb -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../repositoryGenerator' \ No newline at end of file diff --git a/kubernetes/consul/Chart.yaml b/kubernetes/consul/Chart.yaml index c80c318f7a..c180bc16f0 100644 --- a/kubernetes/consul/Chart.yaml +++ b/kubernetes/consul/Chart.yaml @@ -18,22 +18,22 @@ apiVersion: v2 description: ONAP Consul Agent name: consul -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: consul-server - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/consul-server' condition: consul-server.enabled - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/consul/components/consul-server/Chart.yaml b/kubernetes/consul/components/consul-server/Chart.yaml index 7460980a40..e1f838142a 100644 --- a/kubernetes/consul/components/consul-server/Chart.yaml +++ b/kubernetes/consul/components/consul-server/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Consul Server name: consul-server -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh index 1d99c516b7..1b721b363c 100644 --- a/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh +++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh @@ -19,7 +19,7 @@ NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-clampdb[^[:space:]]*") if [ -n "$NAME" ]; then - if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then + if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then echo Success. CLAMP DBHost is running. 2>&1 exit 0 else diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh index 30f324b7cf..865d477b7d 100644 --- a/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh +++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/policy-mariadb-script.sh @@ -19,7 +19,7 @@ NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-policydb[^[:space:]]*") if [ -n "$NAME" ]; then - if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then + if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then echo Success. mariadb process is running. 2>&1 exit 0 else diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh index db5dcad558..a0974c0a45 100755 --- a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh +++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh @@ -19,7 +19,7 @@ NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-so-db[^[:space:]]*") if [ -n "$NAME" ]; then - if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then + if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then echo Success. mariadb process is running. 2>&1 exit 0 else diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh index f5d9941395..7b0bc246f6 100755 --- a/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh +++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh @@ -19,7 +19,7 @@ NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-vid-mariadb[^[:space:]]*") if [ -n "$NAME" ]; then - if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then + if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- sh -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then echo Success. mariadb process is running. 2>&1 exit 0 else diff --git a/kubernetes/contrib/Chart.yaml b/kubernetes/contrib/Chart.yaml index 1b5552a22e..0d366ff68f 100755 --- a/kubernetes/contrib/Chart.yaml +++ b/kubernetes/contrib/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 description: ONAP optional tools name: contrib -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: awx - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/awx' condition: awx.enabled - name: ejbca - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/ejbca' condition: global.cmpv2Enabled - name: netbox - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/netbox' condition: netbox.enabled - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/contrib/components/awx/Chart.yaml b/kubernetes/contrib/components/awx/Chart.yaml index b29a3d79b3..3eea511656 100755 --- a/kubernetes/contrib/components/awx/Chart.yaml +++ b/kubernetes/contrib/components/awx/Chart.yaml @@ -19,18 +19,18 @@ description: Ansible AWX name: awx sources: - https://github.com/ansible/awx -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: awx-postgres - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/awx-postgres' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml index 2999873ec7..be7254a892 100755 --- a/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml +++ b/kubernetes/contrib/components/awx/components/awx-postgres/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: Ansible AWX database name: awx-postgres -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml b/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml index 4cf03b2482..a6dc5ff90a 100755 --- a/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml +++ b/kubernetes/contrib/components/awx/components/awx-postgres/values.yaml @@ -75,7 +75,7 @@ persistence: service: type: ClusterIP name: awx-postgresql - portName: awx-postgresql + portName: tcp-postgresql internalPort: 5432 externalPort: 5432 diff --git a/kubernetes/contrib/components/awx/templates/job.yaml b/kubernetes/contrib/components/awx/templates/job.yaml index f974f446c2..1ebe340a68 100644 --- a/kubernetes/contrib/components/awx/templates/job.yaml +++ b/kubernetes/contrib/components/awx/templates/job.yaml @@ -51,11 +51,16 @@ spec: apiVersion: v1 fieldPath: metadata.namespace containers: - - command: ["/bin/sh","-c"] - args: ["/etc/tower/job-entrypoint.sh"] + - name: {{ include "common.name" . }}-mgnt + command: + - /bin/sh + - -cx + - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} + /etc/tower/job-entrypoint.sh image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.task }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-mgnt resources: requests: cpu: 1500m @@ -78,7 +83,7 @@ spec: name: awx-secret-key readOnly: true subPath: SECRET_KEY - + {{ include "common.waitForJobContainer" . | indent 6 | trim }} volumes: - configMap: defaultMode: 0777 diff --git a/kubernetes/contrib/components/awx/templates/service.yaml b/kubernetes/contrib/components/awx/templates/service.yaml index 10f031da82..85ec8c8428 100755 --- a/kubernetes/contrib/components/awx/templates/service.yaml +++ b/kubernetes/contrib/components/awx/templates/service.yaml @@ -49,7 +49,6 @@ spec: ports: - port: {{ .Values.service.web.externalPort }} targetPort: {{ .Values.service.web.internalPort }} - nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.web.nodePort }} name: {{ .Values.service.web.portName }} selector: app: {{ include "common.fullname" . }} diff --git a/kubernetes/contrib/components/awx/values.yaml b/kubernetes/contrib/components/awx/values.yaml index 0a247c5743..c30999fa6d 100755 --- a/kubernetes/contrib/components/awx/values.yaml +++ b/kubernetes/contrib/components/awx/values.yaml @@ -88,23 +88,22 @@ persistence: service: rmqmgmt: type: ClusterIP - portName: rmqmgmt + portName: http-rmqmgmt internalPort: 15672 externalPort: 15672 web: - type: NodePort - portName: web + type: ClusterIP + portName: http-web internalPort: 8052 externalPort: 8052 - nodePort: 78 rabbitmq: type: ClusterIP http: - portName: http + portName: http-rmq internalPort: 15672 externalPort: 15672 amqp: - portName: amqp + portName: tcp-amqp internalPort: 5672 externalPort: 5672 @@ -115,3 +114,7 @@ serviceAccount: nameOverride: awx roles: - read + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-mgnt' diff --git a/kubernetes/contrib/components/ejbca/Chart.yaml b/kubernetes/contrib/components/ejbca/Chart.yaml index 2d683269af..9b675c8b1e 100644 --- a/kubernetes/contrib/components/ejbca/Chart.yaml +++ b/kubernetes/contrib/components/ejbca/Chart.yaml @@ -17,26 +17,26 @@ apiVersion: v2 description: ONAP EJBCA test server name: ejbca -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: mariadb-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: not global.mariadbGalera.localCluster - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: cmpv2Config - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/contrib/components/ejbca/templates/deployment.yaml b/kubernetes/contrib/components/ejbca/templates/deployment.yaml index 6bd5b259ea..a36dcacb23 100644 --- a/kubernetes/contrib/components/ejbca/templates/deployment.yaml +++ b/kubernetes/contrib/components/ejbca/templates/deployment.yaml @@ -22,6 +22,16 @@ spec: selector: {{- include "common.selectors" . | nindent 4 }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} + {{- if (include "common.onServiceMesh" . ) }} + annotations: + {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }} + linkerd.io/inject: disabled + {{- end }} + {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }} + sidecar.istio.io/rewriteAppHTTPProbers: "false" + proxy.istio.io/config: '{ "holdApplicationUntilProxyStarts": true }' + {{- end }} + {{- end }} spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" @@ -51,7 +61,11 @@ spec: lifecycle: postStart: exec: - command: ["/bin/sh", "-c", "/opt/primekey/scripts/ejbca-config.sh"] + command: + - sh + - -c + - | + sleep 60; /opt/primekey/scripts/ejbca-config.sh volumeMounts: - name: "{{ include "common.fullname" . }}-volume" mountPath: /opt/primekey/scripts/ diff --git a/kubernetes/contrib/components/ejbca/values.yaml b/kubernetes/contrib/components/ejbca/values.yaml index 52e0e750a0..b777a7d388 100644 --- a/kubernetes/contrib/components/ejbca/values.yaml +++ b/kubernetes/contrib/components/ejbca/values.yaml @@ -86,14 +86,14 @@ affinity: {} # probe configuration parameters liveness: path: /ejbca/publicweb/healthcheck/ejbcahealth - port: api - initialDelaySeconds: 30 + port: 8443 + initialDelaySeconds: 180 periodSeconds: 30 readiness: path: /ejbca/publicweb/healthcheck/ejbcahealth - port: api - initialDelaySeconds: 30 + port: 8443 + initialDelaySeconds: 180 periodSeconds: 30 service: @@ -106,7 +106,7 @@ service: port_protocol: http # Resource Limit flavor -By Default using small -flavor: small +flavor: unlimited # Segregation for Different environment (Small and Large) resources: small: diff --git a/kubernetes/contrib/components/netbox/Chart.yaml b/kubernetes/contrib/components/netbox/Chart.yaml index 24c9801ded..a0a8cdc7fb 100755 --- a/kubernetes/contrib/components/netbox/Chart.yaml +++ b/kubernetes/contrib/components/netbox/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: Netbox IPAM name: netbox -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: netbox-app - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/netbox-app' - name: netbox-nginx - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/netbox-nginx' - name: netbox-postgres - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/netbox-postgres' \ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml index 19087d3999..d820ee4250 100755 --- a/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-app/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: Netbox - Application (WSGI + Gunicorn) name: netbox-app -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml index 4e4fdc0a28..bad4be1585 100755 --- a/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-nginx/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: Netbox - Nginx web server name: netbox-nginx -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml b/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml index 85654d953f..8aca215a71 100755 --- a/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml +++ b/kubernetes/contrib/components/netbox/components/netbox-postgres/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: Netbox Posgres database name: netbox-postgres -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/cps/Chart.yaml b/kubernetes/cps/Chart.yaml index 9052e00058..7b60d63c19 100644 --- a/kubernetes/cps/Chart.yaml +++ b/kubernetes/cps/Chart.yaml @@ -17,25 +17,25 @@ apiVersion: v2 description: ONAP Configuration Persistance Service (CPS) name: cps -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: roles-wrapper - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: standaloneDeployment - name: cps-core - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cps-core.enabled - name: cps-temporal - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cps-temporal.enabled - name: ncmp-dmi-plugin - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: ncmp-dmi-plugin.enabled diff --git a/kubernetes/cps/components/cps-core/Chart.yaml b/kubernetes/cps/components/cps-core/Chart.yaml index 95201a0d4a..fcaee60ac3 100644 --- a/kubernetes/cps/components/cps-core/Chart.yaml +++ b/kubernetes/cps/components/cps-core/Chart.yaml @@ -18,26 +18,26 @@ apiVersion: v2 description: ONAP Configuration Persistance Service (CPS) - Core name: cps-core -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.postgres.localCluster - name: postgres-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: postgres.postgresInit - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/cps/components/cps-core/resources/config/application-helm.yml b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml index e9958f1114..e295a37b45 100644 --- a/kubernetes/cps/components/cps-core/resources/config/application-helm.yml +++ b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml @@ -1,7 +1,7 @@ {{/* # Copyright (C) 2021 Pantheon.tech # Modifications Copyright (C) 2020 Bell Canada. -# Modifications Copyright (C) 2021 Nordix Foundation. +# Modifications Copyright (C) 2021-2022 Nordix Foundation. # Modifications Copyright (C) 2021 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,17 +28,21 @@ spring: password: ${DB_PASSWORD} driverClassName: org.postgresql.Driver initialization-mode: always - liquibase: change-log: classpath:changelog/changelog-master.yaml labels: {{ .Values.config.liquibaseLabels }} + kafka: + producer: + client-id: cps-core + security: - # comma-separated uri patterns which do not require authorization - permit-uri: /manage/**,/swagger-ui/**,/swagger-resources/**,/api-docs - auth: - username: ${CPS_USERNAME} - password: ${CPS_PASSWORD} + # comma-separated uri patterns which do not require authorization + permit-uri: /manage/**,/swagger-ui/**,/swagger-resources/**,/api-docs + auth: + username: ${CPS_USERNAME} + password: ${CPS_PASSWORD} + logging: level: org: @@ -49,12 +53,18 @@ dmi: username: ${DMI_USERNAME} password: ${DMI_PASSWORD} -{{- if .Values.config.eventPublisher }} +{{- if .Values.config.useStrimziKafka }} +spring.kafka.bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +spring.kafka.security.protocol: SASL_PLAINTEXT +spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512 +spring.kafka.properties.sasl.jaas.config: ${JAASLOGIN} +{{ else }} {{ toYaml .Values.config.eventPublisher | nindent 2 }} {{- end }} {{- if .Values.config.additional }} {{ toYaml .Values.config.additional | nindent 2 }} {{- end }} + # Last empty line is required otherwise the last property will be missing from application.yml file in the pod. diff --git a/kubernetes/cps/components/cps-core/templates/deployment.yaml b/kubernetes/cps/components/cps-core/templates/deployment.yaml index e6ee161feb..a247f148a7 100644 --- a/kubernetes/cps/components/cps-core/templates/deployment.yaml +++ b/kubernetes/cps/components/cps-core/templates/deployment.yaml @@ -1,7 +1,7 @@ {{/* # Copyright (C) 2021 Pantheon.tech, Orange # Modifications Copyright (C) 2021 Bell Canada. -# Modifications Copyright (C) 2021 Nordix Foundation. +# Modifications Copyright (C) 2021-2022 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -57,7 +57,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmi-plugin-user-creds" "key" "login") | indent 12 }} - name: DMI_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmi-plugin-user-creds" "key" "password") | indent 12 }} - + {{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-kafka-user" "key" "sasl.jaas.config") | indent 12 }} + {{- end }} volumeMounts: - mountPath: /config-input name: init-data-input @@ -85,6 +88,12 @@ spec: path: {{ .Values.readiness.path }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + startupProbe: + httpGet: + path: {{ .Values.startup.path }} + port: {{ .Values.startup.port }} + failureThreshold: {{ .Values.startup.failureThreshold }} + periodSeconds: {{ .Values.startup.periodSeconds }} env: - name: SPRING_PROFILES_ACTIVE value: {{ .Values.config.spring.profile }} diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml index d65924e90f..5a10b2f4ae 100644 --- a/kubernetes/cps/components/cps-core/values.yaml +++ b/kubernetes/cps/components/cps-core/values.yaml @@ -1,5 +1,6 @@ # Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada. # Modifications Copyright (C) 2022 Bell Canada +# Modifications Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -42,6 +43,13 @@ secrets: login: '{{ .Values.config.dmiPluginUserName }}' password: '{{ .Values.config.dmiPluginUserPassword }}' passwordPolicy: generate + - uid: cps-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate ################################################################# # Global configuration defaults. @@ -67,7 +75,7 @@ global: container: name: postgres -image: onap/cps-and-ncmp:3.0.0 +image: onap/cps-and-ncmp:3.0.1 containerPort: &svc_port 8080 managementPort: &mgt_port 8081 @@ -137,6 +145,12 @@ readiness: path: /manage/health port: *mgt_port +startup: + failureThreshold: 5 + periodSeconds: 60 + path: /manage/health + port: *mgt_port + ingress: enabled: true service: @@ -170,17 +184,23 @@ config: #appUserPassword: dmiPluginUserName: dmiuser # Any new property can be added in the env by setting in overrides in the format mentioned below -# All the added properties must be in "key: value" format insead of yaml. +# All the added properties must be in "key: value" format instead of yaml. # additional: # spring.config.max-size: 200 # spring.config.min-size: 10 - eventPublisher: - spring.kafka.bootstrap-servers: message-router-kafka:9092 - spring.kafka.security.protocol: SASL_PLAINTEXT - spring.kafka.properties.sasl.mechanism: PLAIN - spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username=admin password=admin_secret; - spring.kafka.producer.client-id: cps-core +# kafka config + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. + +# eventPublisher: +# spring.kafka.bootstrap-servers: :9092 +# spring.kafka.security.protocol: SASL_PLAINTEXT +# spring.kafka.properties.sasl.mechanism: PLAIN +# spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username=admin password=admin_secret; additional: notification.data-updated.enabled: true diff --git a/kubernetes/cps/components/cps-temporal/Chart.yaml b/kubernetes/cps/components/cps-temporal/Chart.yaml index 502131bc7c..cbda1175d6 100644 --- a/kubernetes/cps/components/cps-temporal/Chart.yaml +++ b/kubernetes/cps/components/cps-temporal/Chart.yaml @@ -21,21 +21,21 @@ apiVersion: v2 description: ONAP Configuration Persistance Service (CPS) - Temporal name: cps-temporal -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: timescaledb - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml b/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml index 32ae51b51a..6e80843949 100644 --- a/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml +++ b/kubernetes/cps/components/cps-temporal/resources/config/application-helm.yml @@ -1,6 +1,7 @@ {{/* # ============LICENSE_START======================================================= # Copyright (c) 2021 Bell Canada. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,19 +25,31 @@ spring: username: ${DB_USERNAME} password: ${DB_PASSWORD} -security: - auth: - username: ${APP_USERNAME} - password: ${APP_PASSWORD} + kafka: + consumer: + group-id: {{ .Values.config.kafka.consumer.groupId }} + +app: + listener: + data-updated: + topic: {{ .Values.config.app.listener.dataUpdatedTopic }} -# Event consumption properties (kafka) -{{- if .Values.config.eventConsumption }} -{{ toYaml .Values.config.eventConsumption | nindent 2 }} +{{- if .Values.config.useStrimziKafka }} +spring.kafka.bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 +spring.kafka.security.protocol: SASL_PLAINTEXT +spring.kafka.properties.sasl.mechanism: SCRAM-SHA-512 +spring.kafka.properties.sasl.jaas.config: ${JAASLOGIN} +{{ else }} +{{ toYaml .Values.config.eventPublisher | nindent 2 }} {{- end }} -# Additional properties {{- if .Values.config.additional }} {{ toYaml .Values.config.additional | nindent 2 }} {{- end }} +security: + auth: + username: ${APP_USERNAME} + password: ${APP_PASSWORD} + # Last empty line is required otherwise the last property will be missing from application.yml file in the pod. diff --git a/kubernetes/cps/components/cps-temporal/templates/deployment.yaml b/kubernetes/cps/components/cps-temporal/templates/deployment.yaml index 806e65a865..71ff37193b 100644 --- a/kubernetes/cps/components/cps-temporal/templates/deployment.yaml +++ b/kubernetes/cps/components/cps-temporal/templates/deployment.yaml @@ -1,6 +1,7 @@ {{/* # ============LICENSE_START======================================================= # Copyright (c) 2021 Bell Canada. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -53,6 +54,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 12 }} - name: APP_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 12 }} + {{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-kafka-user" "key" "sasl.jaas.config") | indent 12 }} + {{- end }} volumeMounts: - mountPath: /config-input name: init-data-input diff --git a/kubernetes/cps/components/cps-temporal/values.yaml b/kubernetes/cps/components/cps-temporal/values.yaml index 68bc2a7e8a..a92791e019 100644 --- a/kubernetes/cps/components/cps-temporal/values.yaml +++ b/kubernetes/cps/components/cps-temporal/values.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (c) 2021 Bell Canada. +# Modifications Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -39,6 +40,13 @@ secrets: login: '{{ .Values.config.appUserName }}' password: '{{ .Values.config.appUserPassword }}' passwordPolicy: generate + - uid: cps-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate image: onap/cps-temporal:1.1.0 containerPort: &svc_port 8080 @@ -139,13 +147,23 @@ config: profile: helm #appUserPassword: - # Event consumption (kafka) properties - # All Kafka properties must be in "key: value" format instead of yaml. - eventConsumption: - spring.kafka.bootstrap-servers: message-router-kafka:9092 - spring.kafka.security.protocol: PLAINTEXT - spring.kafka.consumer.group-id: cps-temporal-group - app.listener.data-updated.topic: cps.data-updated-events +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: cps-temporal-group + app: + listener: + dataUpdatedTopic: cps.data-updated-events +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. + +# eventConsumption: +# spring.kafka.bootstrap-servers: :9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: cps-temporal-group # Any new property can be added in the env by setting in overrides in the format mentioned below # All the added properties must be in "key: value" format instead of yaml. diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml index 10c2aab323..669be9e274 100644 --- a/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml +++ b/kubernetes/cps/components/ncmp-dmi-plugin/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Configuration Persistance Service (CPS) - NCMP-DMI-Plugin name: ncmp-dmi-plugin -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/poddisruptionbudget.yaml b/kubernetes/cps/templates/cps-kafka-topic.yaml similarity index 55% rename from kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/poddisruptionbudget.yaml rename to kubernetes/cps/templates/cps-kafka-topic.yaml index db81b890ef..1a23ddfc9b 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/poddisruptionbudget.yaml +++ b/kubernetes/cps/templates/cps-kafka-topic.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2018 AT&T +# Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,18 +13,16 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget +{{- if .Values.config.useStrimziKafka }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic metadata: - name: {{ include "common.fullname" . }}-pdb + name: {{ .Values.config.dataUpdatedTopic.name }} labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} + strimzi.io/cluster: {{ include "common.release" . }}-strimzi spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - maxUnavailable: {{ include "zk.maxUnavailable" . }} + partitions: {{ .Values.config.dataUpdatedTopic.partitions }} + config: + retention.ms: {{ .Values.config.dataUpdatedTopic.retentionMs }} + segment.bytes: {{ .Values.config.dataUpdatedTopic.segmentBytes }} +{{- end }} \ No newline at end of file diff --git a/kubernetes/cps/templates/cps-kafka-user.yaml b/kubernetes/cps/templates/cps-kafka-user.yaml new file mode 100644 index 0000000000..b3136d7f04 --- /dev/null +++ b/kubernetes/cps/templates/cps-kafka-user.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.config.useStrimziKafka }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser +metadata: + name: {{ include "common.release" . }}-{{ .Values.global.cpsKafkaUser }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + authentication: + type: scram-sha-512 + authorization: + type: simple + acls: + - resource: + type: group + name: {{ .Values.config.dataUpdatedTopic.consumer.groupId }} + operation: Read + - resource: + type: topic + name: {{ .Values.config.dataUpdatedTopic.name }} + operation: Read + - resource: + type: topic + name: {{ .Values.config.dataUpdatedTopic.name }} + operation: Write +{{- end }} \ No newline at end of file diff --git a/kubernetes/cps/values.yaml b/kubernetes/cps/values.yaml index 754b016fe8..700ad38844 100755 --- a/kubernetes/cps/values.yaml +++ b/kubernetes/cps/values.yaml @@ -1,4 +1,5 @@ # Copyright (C) 2021 Bell Canada +# Modifications Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -40,9 +41,20 @@ global: virtualhost: baseurl: "simpledemo.onap.org" + kafkaBootstrap: strimzi-kafka-bootstrap + cpsKafkaUser: cps-kafka-user + config: coreUserName: cpsuser dmiPluginUserName: dmiuser + useStrimziKafka: true + dataUpdatedTopic: + name: cps.data-updated-events + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 + consumer: + groupId: cps-temporal-group # Enable all CPS components by default cps-core: @@ -50,9 +62,12 @@ cps-core: config: appUserExternalSecret: *core-creds-secret dmiPluginUserExternalSecret: *dmi-plugin-creds-secret + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.cpsKafkaUser }}' cps-temporal: enabled: true + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.cpsKafkaUser }}' ncmp-dmi-plugin: enabled: true diff --git a/kubernetes/dcaegen2-services/Chart.yaml b/kubernetes/dcaegen2-services/Chart.yaml index 4710acc2b3..23d0bbd929 100644 --- a/kubernetes/dcaegen2-services/Chart.yaml +++ b/kubernetes/dcaegen2-services/Chart.yaml @@ -18,92 +18,88 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE Microservices name: dcaegen2-services -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - - name: dcae-bbs-eventprocessor-ms - version: ~10.x-0 - repository: '@local' - condition: dcae-bbs-eventprocessor-ms.enabled - name: dcae-datafile-collector - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-datafile-collector.enabled - name: dcae-datalake-admin-ui - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-datalake-admin-ui.enabled - name: dcae-datalake-des - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-datalake-des.enabled - name: dcae-datalake-feeder - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-datalake-feeder.enabled - name: dcae-heartbeat - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-heartbeat.enabled - name: dcae-hv-ves-collector - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-hv-ves-collector.enabled - name: dcae-kpi-ms - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-kpi-ms.enabled - name: dcae-ms-healthcheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-ms-healthcheck.enabled - name: dcae-pm-mapper - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-pm-mapper.enabled - name: dcae-pmsh - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-pmsh.enabled - name: dcae-prh - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-prh.enabled - name: dcae-restconf-collector - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-restconf-collector.enabled - name: dcae-slice-analysis-ms - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-slice-analysis-ms.enabled - name: dcae-snmptrap-collector - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-snmptrap-collector.enabled - name: dcae-son-handler - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-son-handler.enabled - name: dcae-tcagen2 - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-tcagen2.enabled - name: dcae-ves-collector - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-ves-collector.enabled - name: dcae-ves-mapper - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcae-ves-mapper.enabled - name: dcae-ves-openapi-manager - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-ves-openapi-manager' condition: dcae-ves-openapi-manager.enabled diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/Chart.yaml b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/Chart.yaml index b3c0146aed..25fa92b696 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/Chart.yaml +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/Chart.yaml @@ -18,12 +18,12 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE Microservices Common templates name: dcaegen2-services-common -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl index f76be4c190..afd3c38f31 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl @@ -1,7 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2019 AT&T -# Copyright (c) 2021 J. F. Lucas. All rights reserved. +# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved. # Copyright (c) 2021 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -30,14 +30,21 @@ use of templates from the ONAP "common" collection) references data in .Release. The template always produces a configMap containing the microservice's -initial configuration data. This configMap is used by an initContainer -that loads the configuration into Consul. (See the documentation for +initial configuration data. (See the documentation for dcaegen2-services-common.microserviceDeployment for more details.) -If the microservice is using a logging sidecar (again, see the documentation -for dcaegen2-services-common.microserviceDeployment for more details), the -template generates an additiona configMap that supplies configuration -information for the logging sidecar. +If the microservice is using one or more Data Router (DR) feeds, the +template produces a configMap containing the information needed to +provision the feed(s). An init container performs the provisioning. + +If the microservice acts as a DR publisher for one or more feeds, the +template produces a configMap containing the information needed to +provision the publisher(s). An init container performs the provisioning. + +If the microservice acts as a DR subscriber for one or more feeds, the +template produces a configMap containing the information needed to +provision the subscribeer(s). An init container performs the provisioning. + */}} {{- define "dcaegen2-services-common.configMap" -}} @@ -96,19 +103,4 @@ data: {{ $drsub | toJson | indent 2 }} {{- end }} {{- end }} - -{{- if .Values.mrTopicsConfig }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-topics-config - namespace: {{ include "common.namespace" . }} - labels: {{ include "common.labels" . | nindent 6 }} -data: - {{- range $i, $topics := .Values.mrTopicsConfig }} - topicsConfig-{{$i}}.json: |- - {{ $topics | toJson | indent 2 }} - {{- end }} -{{- end }} {{- end }} diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index fbaaedf0dd..6c742c07de 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -33,7 +33,7 @@ provided to all microservices. The template expects a single argument, pointing to the caller's global context. Microservice-specific environment variables can be specified in two ways: - 1. As literal string values. + 1. As literal string values. (The values can also be Helm template fragments.) 2. As values that are sourced from a secret, identified by the secret's uid and the key within the secret that provides the value. @@ -58,7 +58,7 @@ the the literal string "An example value". {{- range $envName, $envValue := .Values.applicationEnv }} {{- if kindIs "string" $envValue }} - name: {{ $envName }} - value: {{ $envValue | quote }} + value: {{ tpl $envValue $global | quote }} {{- else }} {{ if or (not $envValue.secretUid) (not $envValue.key) }} {{ fail (printf "Env %s definition is not a string and does not contain secretUid or key fields" $envName) }} @@ -180,21 +180,6 @@ The sidecar is included if .Values.log.path is set. The logging sidecar and the DCAE microservice container share a volume where the microservice logs are written. -The Deployment includes an initContainer that checks for the -readiness of other components that the microservice relies on. -This container is generated by the "common.readinessCheck.waitfor" -template. - -If the microservice acts as a TLS client or server, the Deployment will -include an initContainer that retrieves certificate information from -the AAF certificate manager. The information is mounted at the -mount point specified in .Values.certDirectory. If the microservice is -a TLS server (indicated by setting .Values.tlsServer to true), the -certificate information will include a server cert and key, in various -formats. It will also include the AAF CA cert. If the microservice is -a TLS client only (indicated by setting .Values.tlsServer to false), the -certificate information includes only the AAF CA cert. - Deployed POD may also include a Policy-sync sidecar container. The sidecar is included if .Values.policies is set. The Policy-sync sidecar polls PolicyEngine (PDP) periodically based @@ -212,6 +197,35 @@ policies: policyRelease: "onap" policyID: | '["onap.vfirewall.tca","onap.vdns.tca"]' + +The Deployment includes an initContainer that checks for the +readiness of other components that the microservice relies on. +This container is generated by the "common.readinessCheck.waitfor" +template. See the documentation for this template +(oom/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl). + +If the microservice uses a DMaaP Data Router (DR) feed, the Deployment +includes an initContainer that makes provisioning requests to the DMaaP +bus controller (dmaap-bc) to create the feed and to set up a publisher +and/or subscriber to the feed. The Deployment also includes a second +initContainer that merges the information returned by the provisioning +process into the microservice's configuration. See the documentation for +the common DMaaP provisioning template +(oom/kubernetes/common/common/templates/_dmaapProvisioning.tpl). + +If the microservice acts as a TLS client or server, the Deployment will +include an initContainer that retrieves certificate information from +the AAF certificate manager. The information is mounted at the +mount point specified in .Values.certDirectory. If the microservice is +a TLS server (indicated by setting .Values.tlsServer to true), the +certificate information will include a server cert and key, in various +formats. It will also include the AAF CA cert. If the microservice is +a TLS client only (indicated by setting .Values.tlsServer to false), the +certificate information includes only the AAF CA cert. + +If the microservice uses certificates from an external CMPv2 provider, +the Deployment will include an initContainer that performs certificate +post-processing. */}} {{- define "dcaegen2-services-common.microserviceDeployment" -}} @@ -236,30 +250,6 @@ spec: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - {{- if not $drFeedConfig }} - - command: - - sh - args: - - -c - - | - {{- range $var := .Values.customEnvVars }} - export {{ $var.name }}="{{ $var.value }}"; - {{- end }} - cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done - env: - {{- range $cred := .Values.credentials }} - - name: {{ $cred.name }} - {{- include "common.secret.envFromSecretFast" (dict "global" $ "uid" $cred.uid "key" $cred.key) | indent 10 }} - {{- end }} - volumeMounts: - - mountPath: /config-input - name: app-config-input - - mountPath: /config - name: app-config - image: {{ include "repositoryGenerator.image.envsubst" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-update-config - {{- end }} {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} {{- include "common.dmaap.provisioning.initContainer" . | nindent 6 }} {{- if $certDir }} @@ -331,7 +321,7 @@ spec: resources: {{ include "common.resources" . | nindent 2 }} volumeMounts: - mountPath: /app-config - name: app-config + name: {{ ternary "app-config-input" "app-config" (not $drFeedConfig) }} - mountPath: /app-config-input name: app-config-input {{- if $logDir }} diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/Chart.yaml deleted file mode 100644 index 5463d37a6e..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/Chart.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# ================================ LICENSE_START ============================= -# ============================================================================ -# Copyright (c) 2021 AT&T Intellectual Property -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# ============================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ================================= LICENSE_END ============================== - -apiVersion: v2 -appVersion: "Jakarta" -description: DCAE BBS-EventProcessor Microservice -name: dcae-bbs-eventprocessor-ms -version: 10.0.0 - -dependencies: - - name: common - version: ~10.x-0 - repository: '@local' - - name: readinessCheck - version: ~10.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~10.x-0 - repository: '@local' - - name: dcaegen2-services-common - version: ~10.x-0 - repository: '@local' - - name: serviceAccount - version: ~10.x-0 - repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/configmap.yaml deleted file mode 100644 index a914446c99..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/configmap.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -################################################################################ -# Copyright (c) 2021 AT&T Intellectual Property # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ -*/}} - -{{ include "dcaegen2-services-common.configMap" . }} \ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/deployment.yaml deleted file mode 100644 index 0ad66b62a9..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/deployment.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -################################################################################ -# Copyright (c) 2021 AT&T Intellectual Property # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ -*/}} - -{{ include "dcaegen2-services-common.microserviceDeployment" . }} \ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/secret.yaml deleted file mode 100644 index 6b70356ca9..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/secret.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -################################################################################ -# Copyright (c) 2021 AT&T Intellectual Property # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ -*/}} - -{{ include "common.secretFast" . }} \ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/service.yaml deleted file mode 100644 index cf11d2a0c5..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/templates/service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -################################################################################ -# Copyright (c) 2021 AT&T Intellectual Property # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ -*/}} - -{{ include "common.service" . }} \ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml deleted file mode 100644 index f55aeecdbd..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-bbs-eventprocessor-ms/values.yaml +++ /dev/null @@ -1,211 +0,0 @@ -# ================================ LICENSE_START ============================= -# ============================================================================ -# Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. -# ============================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ================================= LICENSE_END ============================== - -################################################################# -# Global Configuration Defaults. -################################################################# -global: - nodePortPrefix: 302 - nodePortPrefixExt: 304 - centralizedLoggingEnabled: true - -################################################################# -# Filebeat Configuration Defaults. -################################################################# -filebeatConfig: - logstashServiceName: log-ls - logstashPort: 5044 - -################################################################# -# Secrets Configuration. -################################################################# -secrets: - - uid: &aafCredsUID aafcreds - type: basicAuth - login: '{{ .Values.aafCreds.identity }}' - password: '{{ .Values.aafCreds.password }}' - passwordPolicy: required - - uid: &aaiCredsUID aaicreds - type: basicAuth - login: '{{ .Values.aaiCreds.username }}' - password: '{{ .Values.aaiCreds.password }}' - passwordPolicy: required - - -################################################################# -# InitContainer Images. -################################################################# -tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 - -################################################################# -# Application Configuration Defaults. -################################################################# -# Application Image -image: onap/org.onap.dcaegen2.services.components.bbs-event-processor:2.1.1 -pullPolicy: Always - -# Log directory where logging sidecar should look for log files -# if path is set to null sidecar won't be deployed in spite of -# global.centralizedLoggingEnabled setting. -log: - path: /opt/app/bbs-event-processor/logs -logConfigMapNamePrefix: '{{ include "common.fullname" . }}' - -# Directory where TLS certs should be stored -# if absent, no certs will be retrieved and stored -certDirectory: /opt/app/bbs-event-processor/etc/cert/ - -# TLS role -- set to true if microservice acts as server -# If true, an init container will retrieve a server cert -# and key from AAF and mount them in certDirectory. -tlsServer: true - -# Dependencies -readinessCheck: - wait_for: - - dcae-config-binding-service - - aaf-cm - -# Probe Configuration -readiness: - initialDelaySeconds: 120 - periodSeconds: 180 - timeoutSeconds: 5 - path: /heartbeat - scheme: HTTP - port: 8100 - - -# Service Configuration -service: - type: ClusterIP - name: dcae-bbs-eventprocessor - ports: - - name: https - port: 8100 - port_protocol: http - -# AAF Credentials -aafCreds: - identity: dcae@dcae.onap.org - password: demo123456! - -# AAI Credentials -aaiCreds: - username: AAI - password: AAI - -credentials: -- name: AAF_USERNAME - uid: *aafCredsUID - key: login -- name: AAF_PASSWORD - uid: *aafCredsUID - key: password -- name: AAI_USERNAME - uid: *aaiCredsUID - key: login -- name: AAI_PASSWORD - uid: *aaiCredsUID - key: password - - -# Initial Application Configuration -applicationConfig: - streams_subscribes: - pnf_reregistration: - type: message_router - aaf_username: ${AAF_USERNAME} - aaf_password: ${AAF_PASSWORD} - dmaap_info: - topic_url: https:message-router:3905/events/unauthenticated.PNF_UPDATE - cpe_authentication: - type: message_router - aaf_username: ${AAF_USERNAME} - aaf_password: ${AAF_PASSWORD} - dmaap_info: - topic_url: https:message-router:3905/events/unauthenticated.CPE_AUTHENTICATION - streams_publishes: - close_loop: - type: message_router - aaf_username: ${AAF_USERNAME} - aaf_password: ${AAF_PASSWORD} - dmaap_info: - topic_url: https:message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT - dmaap.protocol: https - dmaap.contentType: application/json - dmaap.consumer.consumerId: c12 - dmaap.consumer.consumerGroup: OpenDcae-c12 - dmaap.messageLimit: -1 - dmaap.timeoutMs: -1 - aai.host: aai.onap - aai.port: 8443 - aai.protocol: https - aai.username: ${AAI_USERNAME} - aai.password: ${AAF_PASSWORD} - aai.aaiIgnoreSslCertificateErrors: true - application.pipelinesPollingIntervalSec: 25 - application.pipelinesTimeoutSec: 15 - application.cbsPollingIntervalSec: 120 - application.policyVersion: 1.0.0.5 - application.clTargetType: VM - application.clEventStatus: ONSET - application.clVersion: 1.0.2 - application.clTarget: vserver.vserver-name - application.clOriginator: DCAE-BBS-ep - application.reregistration.policyScope: policyScopeReReg - application.reregistration.clControlName: clControlNameReReg - application.cpe.authentication.policyScope: policyScopeCpeAuth - application.cpe.authentication.clControlName: clControlNameCpeAuth - application.reregistration.configKey: pnf_reregistration - application.cpeAuth.configKey: cpe_authentication - application.closeLoop.configKey: close_loop - application.loggingLevel: INFO - application.ssl.keyStorePath: "/opt/app/bbs-event-processor/etc/cert/cert.jks" - application.ssl.keyStorePasswordPath: "/opt/app/bbs-event-processor/etc/cert/jks.pass" - application.ssl.trustStorePath: "/opt/app/bbs-event-processor/etc/cert/trust.jks" - application.ssl.trustStorePasswordPath: "/opt/app/bbs-event-processor/etc/cert/trust.pass" - application.ssl.enableAaiCertAuth: true - application.ssl.enableDmaapCertAuth: true - -# Resource Limit Flavor -By Default Using Small -flavor: small - -# Segregation for Different Environment (Small and Large) -resources: - small: - limits: - cpu: 1 - memory: 1Gi - requests: - cpu: 1 - memory: 1Gi - large: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 2 - memory: 2Gi - unlimited: {} - -#Pods Service Account -serviceAccount: - nameOverride: dcae-bbs-eventprocessor-ms - roles: - - read diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/Chart.yaml index 36edd4b6ae..c51c2221dd 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/Chart.yaml @@ -18,27 +18,27 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE DataFile Collector Helm charts name: dcae-datafile-collector -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certManagerCertificate - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml index 14dd89a186..3fffb9c79b 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml @@ -52,7 +52,7 @@ certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice- # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.7.1 +image: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.8.0 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -139,6 +139,7 @@ applicationConfig: dmaap.certificateConfig.keyPasswordPath: /opt/app/datafile/etc/cert/p12.pass dmaap.certificateConfig.trustedCa: /opt/app/datafile/etc/cert/trust.jks dmaap.certificateConfig.trustedCaPasswordPath: /opt/app/datafile/etc/cert/trust.pass + dmaap.certificateConfig.enableCertAuth: true dmaap.dmaapConsumerConfiguration.consumerGroup: OpenDcae-c12 dmaap.dmaapConsumerConfiguration.consumerId: C12 dmaap.dmaapConsumerConfiguration.timeoutMs: -1 diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/Chart.yaml index d61a50c7bd..c4843d639c 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-admin-ui/Chart.yaml @@ -18,24 +18,24 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE datalake-admin-ui helm chart name: dcae-datalake-admin-ui -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-des/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-des/Chart.yaml index 7d2f36c350..20b65f03f9 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datalake-des/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-des/Chart.yaml @@ -18,24 +18,24 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE Datalake DES MS charts name: dcae-datalake-des -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/Chart.yaml index c62cbd1a0f..3d1ea6e1f3 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datalake-feeder/Chart.yaml @@ -18,27 +18,27 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE Datalake feeder MS charts name: dcae-datalake-feeder -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-heartbeat/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-heartbeat/Chart.yaml index 207052f077..056696a45c 100644 --- a/kubernetes/dcaegen2-services/components/dcae-heartbeat/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-heartbeat/Chart.yaml @@ -18,27 +18,27 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE Heartbeat Microservice name: dcae-heartbeat -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml index 30d73f3844..0c9732a242 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml @@ -18,27 +18,27 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE HV VES collector name: dcae-hv-ves-collector -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certManagerCertificate - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml new file mode 100644 index 0000000000..ff977aaa32 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml @@ -0,0 +1,47 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser +metadata: + name: {{ include "common.release" . }}-{{ .Values.hvVesKafkaUser }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + authentication: + type: scram-sha-512 + authorization: + type: simple + acls: + - resource: + type: topic + name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }} + operation: Write + - resource: + type: topic + name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }} + operation: Write + - resource: + type: topic + name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }} + operation: Write + - resource: + type: topic + name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }} + operation: Write + - resource: + type: topic + name: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }} + operation: Write diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml new file mode 100644 index 0000000000..e40775833a --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml @@ -0,0 +1,79 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: ves-3gpp-fault-supervision + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: ves-3gpp-provisioning + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: ves-3gpp-heartbeat + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: ves-3gpp-performance-assurance + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: perf3gpp + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + topicName: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }} + partitions: 10 + config: + retention.ms: 7200000 + segment.bytes: 1073741824 diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml index 5a6283697c..67add37cea 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml @@ -2,6 +2,7 @@ # ================================================================================ # Copyright (c) 2021-2022 J. F. Lucas. All rights reserved. # Copyright (c) 2021-2022 Nokia. All rights reserved. +# Copyright © 2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -61,11 +62,15 @@ certDirectory: /etc/ves-hv/ssl tlsServer: true secrets: - - uid: &aafCredsUID aafcreds - type: basicAuth - login: '{{ .Values.aafCreds.user }}' - password: '{{ .Values.aafCreds.password }}' - passwordPolicy: required + - uid: hv-ves-kafka-secret + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate +config: + someConfig: blah # CMPv2 certificate # It is used only when: @@ -113,17 +118,8 @@ service: port_protocol: http nodePort: 22 -aafCreds: - user: admin - password: admin_secret - -credentials: -- name: AAF_USER - uid: *aafCredsUID - key: login -- name: AAF_PASSWORD - uid: *aafCredsUID - key: password +#strimzi kafka config +hvVesKafkaUser: dcae-hv-ves-kafka-user # initial application configuration applicationConfig: @@ -139,48 +135,38 @@ applicationConfig: streams_publishes: ves-3gpp-fault-supervision: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: SEC_3GPP_FAULTSUPERVISION_OUTPUT ves-3gpp-provisioning: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: SEC_3GPP_PROVISIONING_OUTPUT ves-3gpp-heartbeat: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: SEC_3GPP_HEARTBEAT_OUTPUT ves-3gpp-performance-assurance: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT perf3gpp: type: kafka - aaf_credentials: - username: ${AAF_USER} - password: ${AAF_PASSWORD} kafka_info: - bootstrap_servers: message-router-kafka:9092 + bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS} topic_name: HV_VES_PERF3GPP applicationEnv: JAVA_OPTS: '-Dlogback.configurationFile=/etc/ONAP/dcae-hv-ves-collector/logback.xml' CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' + KAFKA_BOOTSTRAP_SERVERS: '{{ include "common.release" . }}-strimzi-kafka-bootstrap:9092' + USE_SCRAM: 'true' + JAAS_CONFIG: + secretUid: hv-ves-kafka-secret + key: sasl.jaas.config # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml index 53b070ea90..ff18e15e3d 100644 --- a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/Chart.yaml @@ -18,24 +18,24 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE KPI MS chart name: dcae-kpi-ms -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml index 72c6a4bcce..6ce0a1f98a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-kpi-ms/values.yaml @@ -70,10 +70,12 @@ certDirectory: /opt/app/kpims/etc/cert/ tlsServer: true enable_tls: true -dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 -policies: - policyID: | - '["com.Config_KPIMS_CONFIG_POLICY"]' +# Optional Policy configuration properties +# if present, policy-sync side car will be deployed +#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 +#policies: +# policyID: | +# '["com.Config_KPIMS_CONFIG_POLICY"]' # Dependencies readinessCheck: @@ -123,15 +125,11 @@ applicationConfig: cid: kpi-cid streams_subscribes: performance_management_topic: - aafUsername: ${AAF_IDENTITY} - aafPassword: ${AAF_PASSWORD} type: message-router dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS streams_publishes: kpi_topic: - aafUsername: ${AAF_IDENTITY} - aafPassword: ${AAF_PASSWORD} type: message-router dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.DCAE_KPI_OUTPUT diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/Chart.yaml index 73331aa66a..2e13863cbe 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/Chart.yaml @@ -20,18 +20,18 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: ONAP DCAE Microservice Health Check name: dcae-ms-healthcheck -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/Chart.yaml index d3a128f653..5aa8feaab0 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/Chart.yaml @@ -18,24 +18,24 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE PM-Mapper Helm charts name: dcae-pm-mapper -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../common/dcaegen2-services-common' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml index e023d819b8..eaa961c53a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml @@ -178,27 +178,12 @@ drSubConfig: privilegedSubscriber: true deliveryURL: http://dcae-pm-mapper:8081/delivery -# MessageRouter Topic, Publisher Configuration -mrTopicsConfig: - - topicName: PERFORMANCE_MEASUREMENTS - topicDescription: PM Mapper publishes perf3gpp VES PM Events to authenticated MR topic - owner: dcaecm - tnxEnabled: false - clients: - - dcaeLocationName: san-francisco - clientRole: org.onap.dcae.pmPublisher - action: - - pub - - view - # ConfigMap Configuration for Dr Feed, Subscriber, MR Topics volumes: - name: feeds-config path: /opt/app/config/feeds - name: drsub-config path: /opt/app/config/dr_subs - - name: topics-config - path: /opt/app/config/topics # Resource Limit Flavor -By Default Using Small flavor: small diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml index 25f25e69cb..f68e715184 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/Chart.yaml @@ -19,27 +19,27 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE PMSH Service name: dcae-pmsh -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml index 1c6d68969c..971d7bfd24 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml @@ -57,7 +57,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.pmsh:2.0.0 +image: onap/org.onap.dcaegen2.services.pmsh:2.2.2 pullPolicy: Always # Log directory where logging sidecar should look for log files diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/Chart.yaml index 14e5e87b89..54d1fce96a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-prh/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-prh/Chart.yaml @@ -18,24 +18,24 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE PRH name: dcae-prh -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml index cac362a3a8..ddb0b08833 100644 --- a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml @@ -99,10 +99,6 @@ credentials: uid: *aaiCredsUID key: password -customEnvVars: -- name: AUTH_HDR - value: "Basic `echo -n ${AAI_USER}:${AAI_PASSWORD} | base64`" - # initial application configuration applicationConfig: dmaap.dmaapConsumerConfiguration.dmaapContentType: "application/json" @@ -127,7 +123,7 @@ applicationConfig: X-TransactionId: "9999" Accept: "application/json" Real-Time: "true" - Authorization: $AUTH_HDR + Authorization: ${AUTH_HDR} security.trustStorePath: "/opt/app/prh/etc/cert/trust.jks" security.trustStorePasswordPath: "/opt/app/prh/etc/cert/trust.pass" security.keyStorePath: "/opt/app/prh/etc/cert/cert.jks" @@ -151,6 +147,7 @@ applicationConfig: applicationEnv: CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' + AUTH_HDR: '{{ printf "Basic %s" (print .Values.aaiCreds.user ":" .Values.aaiCreds.password | b64enc) }}' # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml index cec9575e9b..e78d480a2f 100644 --- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/Chart.yaml @@ -18,24 +18,24 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE RESTConf Collector name: dcae-restconf-collector -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml index 41b671d66d..ecbfb72661 100644 --- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml @@ -139,7 +139,10 @@ applicationConfig: topic_url: http://message-router:3904/events/unauthenticated.DCAE_RCC_OUTPUT type: message_router #rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"${CONTROLLER_IP}:{CONTROLLER_PORT}","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' - rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' + # Workaround while DCAEGEN2-3234 is being resolved--hardcording the ${CONTROLLER_USERNAME} and ${CONTROLLER_PASSWORD} until the restconf-collector uses the latest CBS client SDK that can handle multiple substitutions in a string. + # The line immediately below this one should be used once DCAEGEN-3234 is resolved. + #rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"${CONTROLLER_USERNAME}","controller_restapiPassword":"${CONTROLLER_PASSWORD}","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' + rcc_policy: '[{"controller_name":"AccessM&C","controller_restapiUrl":"172.30.0.55:26335","controller_restapiUser":"access","controller_restapiPassword":"Huawei@123","controller_accessTokenUrl":"/rest/plat/smapp/v1/oauth/token","controller_accessTokenFile":"./etc/access-token.json","controller_accessTokenMethod":"put","controller_subsMethod":"post","controller_subscriptionUrl":"/restconf/v1/operations/huawei-nce-notification-action:establish-subscription","controller_disableSsl":"true","event_details":[{"event_name":"ONT_registration","event_description":"ONTregistartionevent","event_sseventUrlEmbed":"true","event_sseventsField":"output.url","event_sseventsUrl":"null","event_subscriptionTemplate":"./etc/ont_registartion_subscription_template.json","event_unSubscriptionTemplate":"./etc/ont_registartion_unsubscription_template.json","event_ruleId":"12345678","modifyData":"true","modifyMethod": "modifyOntEvent","userData": "remote_id=AC9.0234.0337;svlan=100;cvlan=10;"}]}]' #applicationEnv: # CONTROLLER_IP: "172.30.0.55" diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml index bee29cd923..8dbed7c646 100644 --- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml @@ -18,27 +18,27 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE SliceAnalysis MS charts name: dcae-slice-analysis-ms -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml index 9261b8ebe0..b5959ae765 100644 --- a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml @@ -2,6 +2,7 @@ # ============================================================================ # Copyright (C) 2021-2022 Wipro Limited. # Copyright (c) 2022 J. F. Lucas. All rights reserved. +# Copyright (C) 2022 Huawei Canada Limited. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -57,7 +58,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.0.7 +image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.1.3 # Log directory where logging sidecar should look for log files # if path is set to null sidecar won't be deployed in spite of @@ -144,32 +145,48 @@ applicationConfig: sliceanalysisms.rannfnssiDetailsTemplateId: get-rannfnssiid-details sliceanalysisms.desUrl: http://dl-des:1681/datalake/v1/exposure/pm_data sliceanalysisms.pmDataDurationInWeeks: 4 + sliceanalysisms.vesNotifPollingInterval: 15 + sliceanalysisms.vesNotifChangeIdentifier: PM_BW_UPDATE + sliceanalysisms.vesNotifChangeType: BandwidthChanged + sliceanalysisms.aaiNotif.targetAction: UPDATE + sliceanalysisms.aaiNotif.targetSource: UUI + sliceanalysisms.aaiNotif.targetEntity: service-instance + sliceanalysisms.ccvpnEvalInterval: 15 + sliceanalysisms.ccvpnEvalThreshold: 0.8 + sliceanalysisms.ccvpnEvalPrecision: 100.0 + sliceanalysisms.ccvpnEvalPeriodicCheckOn: true + sliceanalysisms.ccvpnEvalOnDemandCheckOn: true streams_publishes: CL_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT streams_subscribes: performance_management_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.PERFORMANCE_MEASUREMENTS intelligent_slicing_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.ML_RESPONSE_TOPIC dcae_cl_response_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/DCAE_CL_RSP + ves_ccvpn_notification_topic: + type: message-router + dmaap_info: + topic_url: http://message-router:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT + aai_subscriber: + type: message-router + servers : ["message-router:3904"] + consumer_group: dcae_ccvpn_cl + consumer_instance: dcae_ccvpn_cl_aaievent + fetch_timeout: 15000 + fetch_limit: 100 + dmaap_info: + topic_url: http://message-router:3904/events/AAI-EVENT applicationEnv: STANDALONE: 'false' diff --git a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/Chart.yaml index 3cd71a357e..b05f35f660 100644 --- a/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-snmptrap-collector/Chart.yaml @@ -18,24 +18,24 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE SNMPTrap Collector name: dcae-snmptrap-collector -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml index 895f642283..edc2efc0fe 100644 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/Chart.yaml @@ -18,27 +18,27 @@ # ============= LICENSE_END ================================================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE Son-handler helm chart name: dcae-son-handler -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml index 88ceac0e8d..e8a9403a1c 100644 --- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml @@ -62,7 +62,7 @@ tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.son-handler:2.1.6 +image: onap/org.onap.dcaegen2.services.son-handler:2.1.7 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -81,12 +81,12 @@ certDirectory: /opt/app/sonhms/etc/certs # and key from AAF and mount them in certDirectory. tlsServer: false -# Policy configuraiton properties +# Optional Policy configuration properties # if present, policy-sync side car will be deployed -dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 -policies: - policyID: | - '["com.Config_PCIMS_CONFIG_POLICY"]' +#dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 +#policies: +# policyID: | +# '["com.Config_PCIMS_CONFIG_POLICY"]' # Dependencies readinessCheck: @@ -186,33 +186,23 @@ applicationConfig: streams_publishes: CL_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT streams_subscribes: performance_management_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT fault_management_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/unauthenticated.SEC_FAULT_OUTPUT nbr_list_change_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/PCI-NOTIF-TOPIC-NGHBR-LIST-CHANGE-INFO dcae_cl_response_topic: type: message-router - aaf_username: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} dmaap_info: topic_url: http://message-router:3904/events/DCAE_CL_RSP service_calls: diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/Chart.yaml index c5f4efea11..6eb8528e76 100644 --- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/Chart.yaml @@ -18,30 +18,30 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE TCA (Gen 2) name: dcae-tcagen2 -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mongo - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/Chart.yaml index 8022b79365..ac1b8128df 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/Chart.yaml @@ -18,27 +18,27 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE VES Collector name: dcae-ves-collector -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certManagerCertificate - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml index 2097a9723d..82f4881220 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-mapper/Chart.yaml @@ -18,24 +18,24 @@ # ================================= LICENSE_END ============================== apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: DCAE VES-Mapper Microservice name: dcae-ves-mapper -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/Chart.yaml index 3065b57a85..74fd5578c7 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 description: ONAP DCAE VES OpenApi Manager name: dcae-ves-openapi-manager -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml index 5334caced0..1652f04f0f 100644 --- a/kubernetes/dcaegen2-services/values.yaml +++ b/kubernetes/dcaegen2-services/values.yaml @@ -16,6 +16,7 @@ global: centralizedLoggingEnabled: true + hvVesKafkaUser: dcae-hv-ves-kafka-user ################################################################# # Filebeat Configuration Defaults. @@ -28,9 +29,6 @@ filebeatConfig: # Control deployment of DCAE microservices at ONAP installation time dcae-ves-openapi-manager: enabled: true -dcae-bbs-eventprocessor-ms: - enabled: false - logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services' dcae-datafile-collector: enabled: false logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services' @@ -49,6 +47,8 @@ dcae-heartbeat: dcae-hv-ves-collector: enabled: true logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services' + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.hvVesKafkaUser }}' dcae-kpi-ms: enabled: false logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services' diff --git a/kubernetes/dcaegen2/Chart.yaml b/kubernetes/dcaegen2/Chart.yaml index eb69410121..ba1e47a353 100644 --- a/kubernetes/dcaegen2/Chart.yaml +++ b/kubernetes/dcaegen2/Chart.yaml @@ -17,46 +17,46 @@ apiVersion: v2 description: ONAP DCAE Gen2 name: dcaegen2 -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcae-bootstrap - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-bootstrap' condition: dcae-bootstrap.enabled - name: dcae-cloudify-manager - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-cloudify-manager' condition: dcae-cloudify-manager.enabled - name: dcae-config-binding-service - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-config-binding-service' condition: dcae-config-binding-service.enabled - name: dcae-healthcheck - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-healthcheck' condition: dcae-healthcheck.enabled - name: dcae-servicechange-handler - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-servicechange-handler' condition: dcae-servicechange-handler.enabled - name: dcae-inventory-api - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-inventory-api' condition: dcae-inventory-api.enabled - name: dcae-deployment-handler - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-deployment-handler' condition: dcae-deployment-handler.enabled - name: dcae-policy-handler - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-policy-handler' condition: dcae-policy-handler.enabled - name: dcae-dashboard - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcae-dashboard' condition: dcae-dashboard.enabled diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/Chart.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/Chart.yaml index d4f797bcbc..21e685008c 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/Chart.yaml @@ -21,19 +21,19 @@ apiVersion: v2 description: ONAP DCAE Bootstrap name: dcae-bootstrap -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' alias: postgres - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/Chart.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/Chart.yaml index 09b3684619..b268ca8bc9 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP DCAE Cloudify Manager name: dcae-cloudify-manager -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: cmpv2Config - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-config-binding-service/Chart.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/Chart.yaml index d5fb997a23..9ffacf422d 100644 --- a/kubernetes/dcaegen2/components/dcae-config-binding-service/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE Config Binding Service name: dcae-config-binding-service -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/Chart.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/Chart.yaml index e0b2976e23..3b1bcdd271 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 appVersion: "1.0" description: DCAE Dashboard name: dcae-dashboard -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/Chart.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/Chart.yaml index a11cdf95de..e8193ab3c0 100644 --- a/kubernetes/dcaegen2/components/dcae-deployment-handler/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE Deployment Handler name: dcae-deployment-handler -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-healthcheck/Chart.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/Chart.yaml index 8954e72f1d..29693c4d28 100644 --- a/kubernetes/dcaegen2/components/dcae-healthcheck/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-healthcheck/Chart.yaml @@ -21,15 +21,15 @@ apiVersion: v2 description: ONAP DCAE Health Check name: dcae-healthcheck -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/Chart.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/Chart.yaml index 32ba74e640..7d69c019ed 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 description: ONAP DCAE Inventory API Service name: dcae-inventory-api -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml index 4c3ababdea..b15740b906 100644 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE Policy Handler name: dcae-policy-handler -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-servicechange-handler/Chart.yaml b/kubernetes/dcaegen2/components/dcae-servicechange-handler/Chart.yaml index af78d79445..7f3a04ab78 100644 --- a/kubernetes/dcaegen2/components/dcae-servicechange-handler/Chart.yaml +++ b/kubernetes/dcaegen2/components/dcae-servicechange-handler/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE Service Change Handler name: dcae-servicechange-handler -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/Chart.yaml b/kubernetes/dcaemod/Chart.yaml index 8bf2ddfbc0..60a57653ce 100644 --- a/kubernetes/dcaemod/Chart.yaml +++ b/kubernetes/dcaemod/Chart.yaml @@ -20,37 +20,37 @@ apiVersion: v2 description: ONAP DCAE MOD name: dcaemod -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaemod-genprocessor - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-genprocessor' condition: dcaemod-genprocessor.enabled - name: dcaemod-distributor-api - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-distributor-api' condition: dcaemod-distributor-api.enabled - name: dcaemod-designtool - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-designtool' condition: dcaemod-designtool.enabled - name: dcaemod-onboarding-api - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-onboarding-api' condition: dcaemod-onboarding-api.enabled - name: dcaemod-runtime-api - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-runtime-api' condition: dcaemod-runtime-api.enabled - name: dcaemod-nifi-registry - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-nifi-registry' condition: dcaemod-nifi-registry.enabled - name: dcaemod-healthcheck - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dcaemod-healthcheck' condition: dcaemod-healthcheck.enabled diff --git a/kubernetes/dcaemod/components/dcaemod-designtool/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-designtool/Chart.yaml index cf27ca45ca..d5f61a3e0b 100644 --- a/kubernetes/dcaemod/components/dcaemod-designtool/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-designtool/Chart.yaml @@ -19,15 +19,15 @@ apiVersion: v2 description: ONAP DCAE MOD Design Tool name: dcaemod-designtool -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-distributor-api/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-distributor-api/Chart.yaml index 2cdab6b52e..0643257eb8 100644 --- a/kubernetes/dcaemod/components/dcaemod-distributor-api/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-distributor-api/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE MOD Distributor API name: dcaemod-distributor-api -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-genprocessor/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-genprocessor/Chart.yaml index 7bb4a644bf..864ac0d8a3 100644 --- a/kubernetes/dcaemod/components/dcaemod-genprocessor/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-genprocessor/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE MOD Genprocessor name: dcaemod-genprocessor -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/Chart.yaml index 5363412f59..55dbc3306c 100644 --- a/kubernetes/dcaemod/components/dcaemod-healthcheck/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/Chart.yaml @@ -21,15 +21,15 @@ apiVersion: v2 description: ONAP DCAE MOD Health Check name: dcaemod-healthcheck -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-nifi-registry/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-nifi-registry/Chart.yaml index bb717a54f9..ce3d0430be 100644 --- a/kubernetes/dcaemod/components/dcaemod-nifi-registry/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-nifi-registry/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP DCAE MOD Nifi Registry name: dcaemod-nifi-registry -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-onboarding-api/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-onboarding-api/Chart.yaml index ae68dbe825..73bade4ac0 100644 --- a/kubernetes/dcaemod/components/dcaemod-onboarding-api/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-onboarding-api/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 description: ONAP DCAE MOD Onboarding API name: dcaemod-onboarding-api -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/Chart.yaml index 1714d77bff..4e1c94020d 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 description: ONAP DCAE MOD Runtime API name: dcaemod-runtime-api -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml index 555e63767e..db16451688 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/Chart.yaml @@ -16,32 +16,32 @@ # ============LICENSE_END========================================================= apiVersion: v2 -appVersion: "Jakarta" +appVersion: "Kohn" description: TBD name: TBD version: TBD dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: dcaegen2-services-common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: postgres.enabled - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mongo - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: mongo.enabled diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml index 7609ba6568..99160210d0 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/resources/config/base/values.yaml @@ -21,13 +21,6 @@ global: nodePortPrefix: 302 nodePortPrefixExt: 304 -################################################################# -# Filebeat configuration defaults. -################################################################# -filebeatConfig: - logstashServiceName: log-ls - logstashPort: 5044 - ################################################################# # initContainer images. ################################################################# @@ -66,12 +59,8 @@ mongo: # log directory where logging sidecar should look for log files # if absent, no sidecar will be deployed -#logDirectory: TBD #/opt/app/VESCollector/logs #DONE - -# Following requires manual override until fix for DCAEGEN2-3087 -# is available to switch logDirectory setting to log.path -log: - path: /opt/app/ +#log: +# path: TBD #/opt/app/VESCollector/logs #DONE logConfigMapNamePrefix: '{{ include "common.fullname" . }}' # directory where TLS certs should be stored diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml index 5c50381309..64d196d908 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml @@ -93,7 +93,7 @@ readiness: # application image -image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.2 +image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.3.3 # Resource Limit flavor -By Default using small flavor: small diff --git a/kubernetes/dmaap/Chart.yaml b/kubernetes/dmaap/Chart.yaml index 7ae20adaf9..d8cb1d5b60 100644 --- a/kubernetes/dmaap/Chart.yaml +++ b/kubernetes/dmaap/Chart.yaml @@ -1,7 +1,7 @@ # Copyright © 2018 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs,Bell Canada # Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,28 +18,32 @@ apiVersion: v2 description: ONAP DMaaP components name: dmaap -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' + - name: dmaap-strimzi + version: ~11.x-0 + repository: 'file://components/dmaap-strimzi' + condition: dmaap-strimzi.enabled - name: message-router - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/message-router' condition: message-router.enabled - name: dmaap-bc - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dmaap-bc' condition: dmaap-bc.enabled - name: dmaap-dr-node - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dmaap-dr-node' condition: dmaap-dr-node.enabled - name: dmaap-dr-prov - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dmaap-dr-prov' condition: dmaap-dr-prov.enabled - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-bc/Chart.yaml b/kubernetes/dmaap/components/dmaap-bc/Chart.yaml index 3903c5dbea..5ed50ca7e9 100644 --- a/kubernetes/dmaap/components/dmaap-bc/Chart.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/Chart.yaml @@ -18,22 +18,22 @@ apiVersion: v2 description: a Helm chart to deploy ONAP DMaaP Bus Controller (aka dmaap-bc) in Kubernetes name: dmaap-bc -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: PG.enabled - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-dr-node/Chart.yaml b/kubernetes/dmaap/components/dmaap-dr-node/Chart.yaml index 4c65198ecc..59ea16b804 100644 --- a/kubernetes/dmaap/components/dmaap-dr-node/Chart.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-node/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP DMaaP Data Router Node Server name: dmaap-dr-node -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/Chart.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/Chart.yaml index 74c984b7cf..72e75c47d6 100644 --- a/kubernetes/dmaap/components/dmaap-dr-prov/Chart.yaml +++ b/kubernetes/dmaap/components/dmaap-dr-prov/Chart.yaml @@ -16,25 +16,25 @@ apiVersion: v2 description: ONAP DMaaP Data Router Provisioning Server name: dmaap-dr-prov -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: mariadb-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/.helmignore b/kubernetes/dmaap/components/dmaap-strimzi/.helmignore similarity index 96% rename from kubernetes/dmaap/components/message-router/components/message-router-zookeeper/.helmignore rename to kubernetes/dmaap/components/dmaap-strimzi/.helmignore index f0c1319444..0f976e9ff3 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/.helmignore +++ b/kubernetes/dmaap/components/dmaap-strimzi/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +Chart.lock diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/Chart.yaml b/kubernetes/dmaap/components/dmaap-strimzi/Chart.yaml similarity index 72% rename from kubernetes/dmaap/components/message-router/components/message-router-zookeeper/Chart.yaml rename to kubernetes/dmaap/components/dmaap-strimzi/Chart.yaml index 699722c6e0..d62aebeb4b 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/Chart.yaml +++ b/kubernetes/dmaap/components/dmaap-strimzi/Chart.yaml @@ -1,7 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation +# Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,20 +13,20 @@ # limitations under the License. apiVersion: v2 -description: ONAP Dmaap Message Router Zookeeper Service -name: message-router-zookeeper -version: 10.0.0 +description: ONAP Dmaap Strimzi Kafka Bridge +name: dmaap-strimzi +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/Makefile b/kubernetes/dmaap/components/dmaap-strimzi/Makefile similarity index 94% rename from kubernetes/dmaap/components/message-router/components/Makefile rename to kubernetes/dmaap/components/dmaap-strimzi/Makefile index f4c9784bc4..51d7de122c 100644 --- a/kubernetes/dmaap/components/message-router/components/Makefile +++ b/kubernetes/dmaap/components/dmaap-strimzi/Makefile @@ -13,11 +13,11 @@ # limitations under the License. ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) -OUTPUT_DIR := $(ROOT_DIR)/../../dist +OUTPUT_DIR := $(ROOT_DIR)/../dist PACKAGE_DIR := $(OUTPUT_DIR)/packages SECRET_DIR := $(OUTPUT_DIR)/secrets -EXCLUDES := +EXCLUDES := dist resources templates charts docker HELM_BIN := helm HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service-hs.yaml b/kubernetes/dmaap/components/dmaap-strimzi/templates/dmaap-strimzi-kb.yaml similarity index 57% rename from kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service-hs.yaml rename to kubernetes/dmaap/components/dmaap-strimzi/templates/dmaap-strimzi-kb.yaml index 60e4df90f5..8dd7eb97cb 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service-hs.yaml +++ b/kubernetes/dmaap/components/dmaap-strimzi/templates/dmaap-strimzi-kb.yaml @@ -1,6 +1,5 @@ {{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,11 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -apiVersion: v1 -kind: Service +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaBridge metadata: - name: {{ .Values.service.name }} + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -26,11 +24,14 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - clusterIP: None - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - + replicas: {{ .Values.kafkaBridgeReplicaCount }} + enableMetrics: false + bootstrapServers: {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}:{{ .Values.global.kafkaInternalPort }} + authentication: + type: {{ .Values.global.saslMechanism }} + username: {{ .Values.global.kafkaStrimziAdminUser }} + passwordSecret: + secretName: {{ .Values.global.kafkaStrimziAdminUser }} + password: password + http: + port: {{ .Values.kafkaBridgePort }} diff --git a/kubernetes/dmaap/components/dmaap-strimzi/values.yaml b/kubernetes/dmaap/components/dmaap-strimzi/values.yaml new file mode 100644 index 0000000000..8e8802d8c5 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-strimzi/values.yaml @@ -0,0 +1,37 @@ +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + kafkaBootstrap: strimzi-kafka-bootstrap + kafkaStrimziAdminUser: strimzi-kafka-admin + kafkaInternalPort: 9092 + saslMechanism: scram-sha-512 + +################################################################# +# Application configuration defaults. +################################################################# +kafkaBridgeReplicaCount: 1 +kafkaBridgePort: 8080 + +ingress: + enabled: false + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-strimzi + roles: + - read diff --git a/kubernetes/dmaap/components/message-router/Chart.yaml b/kubernetes/dmaap/components/message-router/Chart.yaml index 7ecad8b222..74700ff1d5 100644 --- a/kubernetes/dmaap/components/message-router/Chart.yaml +++ b/kubernetes/dmaap/components/message-router/Chart.yaml @@ -1,7 +1,7 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T # Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation +# Modifications Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,27 +18,21 @@ apiVersion: v2 description: ONAP Message Router name: message-router -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - - name: message-router-kafka - version: ~10.x-0 - repository: 'file://components/message-router-kafka' - - name: message-router-zookeeper - version: ~10.x-0 - repository: 'file://components/message-router-zookeeper' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/.helmignore b/kubernetes/dmaap/components/message-router/components/message-router-kafka/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/Chart.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/Chart.yaml deleted file mode 100644 index 2a24b7dbd9..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/Chart.yaml +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: ONAP Message Router Kafka Service -name: message-router-kafka -version: 10.0.0 - -dependencies: - - name: common - version: ~10.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' - - name: certInitializer - version: ~10.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~10.x-0 - repository: '@local' - - name: serviceAccount - version: ~10.x-0 - repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/config/jmx-kafka-prometheus.yml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/config/jmx-kafka-prometheus.yml deleted file mode 100644 index 2ab713e789..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/config/jmx-kafka-prometheus.yml +++ /dev/null @@ -1,23 +0,0 @@ -jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:{{ .Values.jmx.port }}/jmxrmi -lowercaseOutputName: true -lowercaseOutputLabelNames: true -ssl: false -rules: -- pattern : kafka.server<>(Value|OneMinuteRate) - name: "cp_kafka_server_replicamanager_$1" -- pattern : kafka.controller<>Value - name: "cp_kafka_controller_kafkacontroller_$1" -- pattern : kafka.server<>OneMinuteRate - name: "cp_kafka_server_brokertopicmetrics_$1" -- pattern : kafka.network<>OneMinuteRate - name: "cp_kafka_network_requestmetrics_requestspersec_$1" -- pattern : kafka.network<>Value - name: "cp_kafka_network_socketserver_networkprocessoravgidlepercent" -- pattern : kafka.server<>Value - name: "cp_kafka_server_replicafetchermanager_maxlag_$1" -- pattern : kafka.server<>OneMinuteRate - name: "cp_kafka_kafkarequesthandlerpool_requesthandleravgidlepercent" -- pattern : kafka.controller<>OneMinuteRate - name: "cp_kafka_controller_controllerstats_$1" -- pattern : kafka.server<>OneMinuteRate - name: "cp_kafka_server_sessionexpirelistener_$1" diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/kafka_server_jaas.conf b/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/kafka_server_jaas.conf deleted file mode 100644 index ff43fbb141..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/kafka_server_jaas.conf +++ /dev/null @@ -1,11 +0,0 @@ -KafkaServer { - org.onap.dmaap.kafkaAuthorize.PlainLoginModule1 required - username="${KAFKA_ADMIN}" - password="${KAFKA_PSWD}" - user_${KAFKA_ADMIN}="${KAFKA_PSWD}"; -}; -Client { - org.apache.zookeeper.server.auth.DigestLoginModule required - username="${ZK_ADMIN}" - password="${ZK_PSWD}"; - }; diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/zk_client_jaas.conf b/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/zk_client_jaas.conf deleted file mode 100644 index 0755c1e2b7..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/resources/jaas/zk_client_jaas.conf +++ /dev/null @@ -1,5 +0,0 @@ -Client { - org.apache.zookeeper.server.auth.DigestLoginModule required - username="${ZK_ADMIN}" - password="${ZK_PSWD}"; - }; \ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/NOTES.txt deleted file mode 100644 index a44d0f76ee..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/configmap.yaml deleted file mode 100644 index d881fef128..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/configmap.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{/* -# Copyright © 2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if .Values.global.aafEnabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-jaas-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/jaas/kafka_server_jaas.conf").AsConfig . | indent 2 }} ---- -{{- else }} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-jaas-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/jaas/zk_client_jaas.conf").AsConfig . | indent 2 }} ---- -{{- end }} -{{- if .Values.prometheus.jmx.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-prometheus-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/jmx-kafka-prometheus.yml").AsConfig . | indent 2 }} ---- -{{- end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/pv.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/pv.yaml deleted file mode 100644 index c386163735..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/pv.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- $global := . -}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -{{ range $i, $e := until (int $global.Values.replicaCount) }} ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ include "common.release" $global }}-{{ $global.Values.service.name }}-{{ $i }} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ $global.Values.service.name }} - chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} - release: {{ include "common.release" $global }} - heritage: {{ $global.Release.Service }} -spec: - capacity: - storage: {{ $global.Values.persistence.size }} - accessModes: - - {{ $global.Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" $global }}-data" - hostPath: - path: {{ $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} -{{ end }} -{{ end }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/secrets.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/secrets.yaml deleted file mode 100644 index 033d8d5441..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/secrets.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.secretFast" . }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml deleted file mode 100644 index 9a20f9c517..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/service.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{/* -# Copyright © 2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- $root := . -}} -{{ range $i, $e := until (int $root.Values.replicaCount) }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ $root.Values.service.name }}-{{ $i }} - namespace: {{ include "common.namespace" $root }} - labels: - app: {{ $root.Values.service.name }} - chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }} - release: {{ include "common.release" $root }} - heritage: {{ $root.Release.Service }} - -spec: - type: {{ $root.Values.service.type }} - externalTrafficPolicy: Local - selector: - statefulset.kubernetes.io/pod-name: {{ include "common.release" $root }}-{{ $root.Values.service.name }}-{{ $i }} - ports: - - port: {{ $root.Values.service.externalPort }} - targetPort: {{ $root.Values.service.externalPort }} - nodePort: {{ $root.Values.service.baseNodePort | add $i }} - name: {{ $root.Values.service.name }}-{{ $i }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml deleted file mode 100644 index ebb5f7e392..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/statefulset.yaml +++ /dev/null @@ -1,267 +0,0 @@ -{{/* -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - serviceName: {{ .Values.service.name }} - replicas: {{ .Values.replicaCount }} - podManagementPolicy: Parallel - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - {{- if .Values.prometheus.jmx.enabled }} - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }} - {{- end }} - spec: - {{- if .Values.nodeAffinity }} - nodeAffinity: - {{ toYaml .Values.nodeAffinity | indent 10 }} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - initContainers: - - command: - - /app/ready.py - args: - - --container-name - - {{ .Values.zookeeper.name }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - - command: - - sh - - -exec - - | - rm -rf '/var/lib/kafka/data/lost+found'; - chown -R 1000:0 /var/lib/kafka/data; - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /var/lib/kafka/data - name: kafka-data - name: {{ include "common.name" . }}-permission-fixer - - command: - - sh - args: - - -c - - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/etc/kafka/secrets/jaas/${PFILE}; done" - env: - - name: ZK_ADMIN - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-client" "key" "login") | indent 10 }} - - name: ZK_PSWD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-client" "key" "password") | indent 10 }} - - name: KAFKA_ADMIN - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "kafka-admin" "key" "login") | indent 10 }} - - name: KAFKA_PSWD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "kafka-admin" "key" "password") | indent 10 }} - volumeMounts: - - mountPath: /etc/kafka/secrets/jaas - name: jaas-config - - mountPath: /config-input - name: jaas - image: {{ include "repositoryGenerator.image.envsubst" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-update-config - {{ include "common.certInitializer.initContainer" . | indent 6 | trim }} - containers: - {{- if .Values.prometheus.jmx.enabled }} - - name: prometheus-jmx-exporter - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - java - - -XX:+UnlockExperimentalVMOptions - - -XX:+UseCGroupMemoryLimitForHeap - - -XX:MaxRAMFraction=1 - - -XshowSettings:vm - - -jar - - jmx_prometheus_httpserver.jar - - {{ .Values.prometheus.jmx.port | quote }} - - /etc/jmx-kafka/jmx-kafka-prometheus.yml - ports: - - containerPort: {{ .Values.prometheus.jmx.port }} - resources: -{{ toYaml .Values.prometheus.jmx.resources | indent 10 }} - volumeMounts: - - name: jmx-config - mountPath: /etc/jmx-kafka - {{- end }} - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - sh - - -exc - - | - export KAFKA_BROKER_ID=${HOSTNAME##*-} && \ - {{- if .Values.global.aafEnabled }} - cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.final_cadi_files }} /etc/kafka/data/{{ .Values.certInitializer.final_cadi_files }} && \ - export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ - {{ else }} - export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_PLAINTEXT://:{{ .Values.service.internalPort }} && \ - {{- end }} - exec /etc/confluent/docker/run - resources: -{{ include "common.resources" . | indent 12 }} - ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.externalPort }} - {{- if .Values.prometheus.jmx.enabled }} - - containerPort: {{ .Values.jmx.port }} - name: jmx - {{- end }} - {{ if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{ end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} - env: - - name: HOST_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - - name: KAFKA_ZOOKEEPER_CONNECT - value: "{{ include "common.kafkaNodes" (dict "dot" . "replicaCount" .Values.zookeeper.replicaCount "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }}" - - name: KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE - value: "{{ .Values.kafka.enableSupport }}" - - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR - value: "{{ .Values.config.offsets_topic_replication_factor | default .Values.replicaCount }}" - - name: KAFKA_NUM_PARTITIONS - value: "{{ .Values.config.num_partition | default .Values.replicaCount }}" - - name: KAFKA_DEFAULT_REPLICATION_FACTOR - value: "{{ .Values.config.default_replication_factor | default .Values.replicaCount }}" - {{- if .Values.global.aafEnabled }} - - name: KAFKA_OPTS - value: "{{ .Values.kafka.jaasOptionsAaf }}" - - name: aaf_locate_url - value: https://aaf-locate.{{ include "common.namespace" . }}:8095 - - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP - value: "{{ .Values.kafka.protocolMapAaf }}" - - name: KAFKA_LISTENERS - value: "{{ .Values.kafka.listenersAaf }}" - - name: KAFKA_SASL_ENABLED_MECHANISMS - value: "{{ .Values.kafka.saslMech }}" - - name: KAFKA_INTER_BROKER_LISTENER_NAME - value: "{{ .Values.kafka.interBrokerListernerAaf }}" - - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL - value: "{{ .Values.kafka.saslInterBrokerProtocol }}" - - name: KAFKA_AUTHORIZER_CLASS_NAME - value: "{{ .Values.kafka.authorizer }}" - {{ else }} - - name: KAFKA_OPTS - value: "{{ .Values.kafka.jaasOptions }}" - - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP - value: "{{ .Values.kafka.protocolMap }}" - - name: KAFKA_LISTENERS - value: "{{ .Values.kafka.listeners }}" - - name: KAFKA_INTER_BROKER_LISTENER_NAME - value: "{{ .Values.kafka.interBrokerListerner }}" - {{- end }} - {{- range $key, $value := .Values.configurationOverrides }} - - name: {{ printf "KAFKA_%s" $key | replace "." "_" | upper | quote }} - value: {{ $value | quote }} - {{- end }} - {{- if .Values.jmx.port }} - - name: KAFKA_JMX_PORT - value: "{{ .Values.jmx.port }}" - {{- end }} - - name: enableCadi - value: "{{ .Values.global.aafEnabled }}" - volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /var/run/docker.sock - name: docker-socket - - name: jaas-config - mountPath: /etc/kafka/secrets/jaas - - mountPath: /var/lib/kafka/data - name: kafka-data - {{- if .Values.tolerations }} - tolerations: - {{ toYaml .Values.tolerations | indent 10 }} - {{- end }} - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} - - name: localtime - hostPath: - path: /etc/localtime - - name: jaas-config - emptyDir: - medium: Memory - - name: docker-socket - hostPath: - path: /var/run/docker.sock - - name: jaas - configMap: - name: {{ include "common.fullname" . }}-jaas-configmap - {{- if .Values.prometheus.jmx.enabled }} - - name: jmx-config - configMap: - name: {{ include "common.fullname" . }}-prometheus-configmap - {{- end }} -{{ if not .Values.persistence.enabled }} - - name: kafka-data - emptyDir: {} -{{ else }} - volumeClaimTemplates: - - metadata: - name: kafka-data - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml deleted file mode 100644 index c998e9ec67..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/values.yaml +++ /dev/null @@ -1,226 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - - -################################################################# -# AAF part -################################################################# -certInitializer: - nameOverride: dmaap-mr-kafka-cert-initializer - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: dmaap-mr - fqi: dmaapmr@mr.dmaap.onap.org - public_fqdn: mr.dmaap.onap.org - cadi_longitude: "-122.26147" - cadi_latitude: "37.78187" - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - fqi_namespace: org.onap.dmaap.mr - final_cadi_files: cadi.properties - aaf_add_config: | - echo "*** concat the three prop files" - cd {{ .Values.credsPath }} - cat {{ .Values.fqi_namespace }}.props > {{ .Values.final_cadi_files }} - cat {{ .Values.fqi_namespace }}.cred.props >> {{ .Values.final_cadi_files }} - cat {{ .Values.fqi_namespace }}.location.props >> {{ .Values.final_cadi_files }} - echo "*** configuration result:" - cat {{ .Values.final_cadi_files }} - chown -R 1000 . - - -################################################################# -# Application configuration defaults. -################################################################# -# application image -image: onap/dmaap/kafka111:1.1.1 -pullPolicy: Always - - -zookeeper: - name: message-router-zookeeper - port: 2181 - replicaCount: 1 - -kafka: - heapOptions: -Xmx5G -Xms1G - jaasOptions: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/zk_client_jaas.conf - jaasOptionsAaf: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/kafka_server_jaas.conf - enableSupport: false - protocolMapAaf: INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT - protocolMap: INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT - listenersAaf: EXTERNAL_SASL_PLAINTEXT://0.0.0.0:9091,INTERNAL_SASL_PLAINTEXT://0.0.0.0:9092 - listeners: EXTERNAL_PLAINTEXT://0.0.0.0:9091,INTERNAL_PLAINTEXT://0.0.0.0:9092 - authorizer: org.onap.dmaap.kafkaAuthorize.KafkaCustomAuthorizer - saslInterBrokerProtocol: PLAIN - saslMech: PLAIN - interBrokerListernerAaf: INTERNAL_SASL_PLAINTEXT - interBrokerListerner: INTERNAL_PLAINTEXT - -config: {} - # offsets_topic_replication_factor: - # num_partition: - # default_replication_factor: - -configurationOverrides: - "log.dirs": "/var/lib/kafka/data" - "log.retention.hours": "168" - "transaction.state.log.replication.factor": "1" - "transaction.state.log.min.isr": "1" - "num.recovery.threads.per.data.dir": "5" - "zookeeper.connection.timeout.ms": "6000" - "zookeeper.set.acl": "true" - -jmx: - port: 5555 - -prometheus: - jmx: - enabled: false - image: solsson/kafka-prometheus-jmx-exporter@sha256 - imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143 - port: 5556 - -jaas: - config: - zkClient: kafka - zkClientPassword: kafka_secret - kafkaAdminUser: admin - kafkaAdminPassword: admin_secret - #kafkaAdminUserExternal: some secret - #zkClientPasswordExternal: some secret - - -secrets: - - uid: zk-client - type: basicAuth - externalSecret: '{{ .Values.jaas.config.zkClientPasswordExternal}}' - login: '{{ .Values.jaas.config.zkClient }}' - password: '{{ .Values.jaas.config.zkClientPassword }}' - passwordPolicy: required - - uid: kafka-admin - type: basicAuth - externalSecret: '{{ .Values.jaas.config.kafkaAdminUserExternal}}' - login: '{{ .Values.jaas.config.kafkaAdminUser }}' - password: '{{ .Values.jaas.config.kafkaAdminPassword }}' - passwordPolicy: required - -# flag to enable debugging - application support required -debugEnabled: false - -# default number of instances -replicaCount: 1 - - -# To access Kafka outside cluster, this value must be set to hard and the number of nodes in K8S cluster must be equal or greater then replica count -podAntiAffinityType: soft - -# defult partitions -defaultpartitions: 3 - -nodeSelector: {} - -nodeAffinity: {} - -affinity: {} - -tolerations: {} - - - -# probe configuration parameters -liveness: - initialDelaySeconds: 90 - periodSeconds: 20 - timeoutSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 90 - periodSeconds: 20 - timeoutSeconds: 100 - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: message-router/data-kafka - -service: - type: NodePort - name: message-router-kafka - portName: tcp-message-router-kafka - internalPort: 9092 - internalSSLPort: 9093 - externalPort: 9091 - baseNodePort: 30490 - - - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m - memory: 1Gi - large: - limits: - cpu: 4000m - memory: 8Gi - requests: - cpu: 1000m - memory: 2Gi - unlimited: {} - -#Pods Service Account -serviceAccount: - nameOverride: message-router-kafka - roles: - - read diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/jmx-zookeeper-prometheus.yml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/jmx-zookeeper-prometheus.yml deleted file mode 100644 index a75b644c5f..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/jmx-zookeeper-prometheus.yml +++ /dev/null @@ -1,21 +0,0 @@ -jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:{{ .Values.jmx.port }}/jmxrmi -lowercaseOutputName: true -lowercaseOutputLabelNames: true -ssl: false -rules: -- pattern: "org.apache.ZooKeeperService<>(\\w+)" - name: "message-router-zookeeper_$2" -- pattern: "org.apache.ZooKeeperService<>(\\w+)" - name: "message-router-zookeeper_$3" - labels: - replicaId: "$2" -- pattern: "org.apache.ZooKeeperService<>(\\w+)" - name: "message-router-zookeeper_$4" - labels: - replicaId: "$2" - memberType: "$3" -- pattern: "org.apache.ZooKeeperService<>(\\w+)" - name: "message-router-zookeeper_$4_$5" - labels: - replicaId: "$2" - memberType: "$3" diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/zk_server_jaas.conf b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/zk_server_jaas.conf deleted file mode 100644 index 8266f6b2c6..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/resources/config/zk_server_jaas.conf +++ /dev/null @@ -1,4 +0,0 @@ -Server { - org.apache.zookeeper.server.auth.DigestLoginModule required - user_${ZK_ADMIN}="${ZK_PSWD}"; -}; \ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/NOTES.txt b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/NOTES.txt deleted file mode 100644 index a44d0f76ee..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkquorum.tpl b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkquorum.tpl deleted file mode 100644 index 9af910eb89..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkquorum.tpl +++ /dev/null @@ -1,34 +0,0 @@ -{{/* -# Copyright © 2019 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- /* - Calculate the maximum number of zk server down in order to guarantee ZK quorum. - For guaranteeing ZK quorum we need half of the server + 1 up. - - div in go template cast return an int64 - so we need to know if it is an even number or an odd. - For this we are doing (n/2)*2=n? - if true it is even else it is even -*/ -}} -{{- define "zk.maxUnavailable" -}} -{{- $halfReplica := div .Values.replicaCount 2 -}} - {{/* divide by 2 and multiply by 2 in order to know if it is an even number*/}} - {{if eq (mul $halfReplica 2) (int .Values.replicaCount) }} - {{- toYaml (sub $halfReplica 1) -}} - {{else}} - {{- toYaml $halfReplica -}} - {{end}} -{{- end -}} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkservers.tpl b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkservers.tpl deleted file mode 100644 index 8b88d7bb36..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/_zkservers.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* -Create a server list string based on fullname, namespace, # of zookeeperServers -in a format like "zkhost1:port:port;zkhost2:port:port" -*/}} -{{- define "zookeeper.serverlist" -}} -{{- $namespace := include "common.namespace" . }} -{{- $fullname := include "common.fullname" . -}} -{{- $name := include "common.name" . -}} -{{- $serverPort := .Values.service.serverPort -}} -{{- $leaderElectionPort := .Values.service.leaderElectionPort -}} -{{- $zk := dict "zookeeperServers" (list) -}} -{{- range $idx, $v := until (int .Values.zookeeperServers) }} -{{- $noop := printf "%s-%d.%s.%s.svc.cluster.local:%d:%d" $fullname $idx $name $namespace (int $serverPort) (int $leaderElectionPort) | append $zk.zookeeperServers | set $zk "zookeeperServers" -}} -{{- end }} -{{- printf "%s" (join ";" $zk.zookeeperServers) | quote -}} -{{- end -}} \ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/configmap.yaml deleted file mode 100644 index 7a26053d11..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/configmap.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{/* -# Copyright © 2020 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if .Values.prometheus.jmx.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-prometheus-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/jmx-zookeeper-prometheus.yml").AsConfig . | indent 2 }} ---- -{{ end }} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-jaas-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ (.Files.Glob "resources/config/zk_server_jaas.conf").AsConfig | indent 2 }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/pv.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/pv.yaml deleted file mode 100644 index c386163735..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/pv.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- $global := . -}} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -{{- if eq "True" (include "common.needPV" .) -}} -{{ range $i, $e := until (int $global.Values.replicaCount) }} ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ include "common.release" $global }}-{{ $global.Values.service.name }}-{{ $i }} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ $global.Values.service.name }} - chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }} - release: {{ include "common.release" $global }} - heritage: {{ $global.Release.Service }} -spec: - capacity: - storage: {{ $global.Values.persistence.size }} - accessModes: - - {{ $global.Values.persistence.accessMode }} - storageClassName: "{{ include "common.fullname" $global }}-data" - hostPath: - path: {{ $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{ $i }} - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} -{{ end }} -{{ end }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/service.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/service.yaml deleted file mode 100644 index 6bd13f0594..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/service.yaml +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.clientPort }} - name: {{ .Values.service.clientPortName }} - - port: {{ .Values.service.serverPort }} - name: {{ .Values.service.serverPortName }} - - port: {{ .Values.service.leaderElectionPort }} - name: {{ .Values.service.leaderElectionPortName }} - clusterIP: None - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml deleted file mode 100644 index cac75b1565..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/statefulset.yaml +++ /dev/null @@ -1,230 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - serviceName: {{ .Values.service.name }} - replicas: {{ .Values.replicaCount }} - updateStrategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: {{ .Values.maxUnavailable }} - podManagementPolicy: Parallel - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - {{- if .Values.prometheus.jmx.enabled }} - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }} - {{- end }} - spec: - {{- if .Values.nodeAffinity }} - nodeAffinity: - {{ toYaml .Values.nodeAffinity | indent 10 }} - {{- end }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - initContainers: - - name: {{ include "common.name" . }}-permission-fixer - command: - - sh - - -exec - - > - chown -R 1000:0 /tmp/zookeeper/apikeys; - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /tmp/zookeeper/apikeys - name: zookeeper-data - - command: - - sh - args: - - -c - - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/etc/zookeeper/secrets/jaas/${PFILE}; done" - env: - - name: ZK_ADMIN - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-admin" "key" "login") | indent 10 }} - - name: ZK_PSWD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "zk-admin" "key" "password") | indent 10 }} - volumeMounts: - - mountPath: /etc/zookeeper/secrets/jaas - name: jaas-config - - mountPath: /config-input - name: jaas - image: {{ include "repositoryGenerator.image.envsubst" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-update-config - containers: - {{- if .Values.prometheus.jmx.enabled }} - - name: prometheus-jmx-exporter - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - java - - -XX:+UnlockExperimentalVMOptions - - -XX:+UseCGroupMemoryLimitForHeap - - -XX:MaxRAMFraction=1 - - -XshowSettings:vm - - -jar - - jmx_prometheus_httpserver.jar - - {{ .Values.prometheus.jmx.port | quote }} - - /etc/jmx-zookeeper/jmx-zookeeper-prometheus.yml - ports: - - containerPort: {{ .Values.prometheus.jmx.port }} - resources: -{{ toYaml .Values.prometheus.jmx.resources | indent 10 }} - volumeMounts: - - name: jmx-config - mountPath: /etc/jmx-zookeeper - {{- end }} - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - resources: -{{ include "common.resources" . | indent 12 }} - ports: - - containerPort: {{ .Values.service.clientPort }} - name: {{ .Values.service.clientPortName }} - - containerPort: {{ .Values.service.serverPort }} - name: {{ .Values.service.serverPortName }} - - containerPort: {{ .Values.service.leaderElectionPort }} - name: {{ .Values.service.leaderElectionPortName }} - {{- if .Values.prometheus.jmx.enabled }} - - containerPort: {{ .Values.jmx.port }} - name: jmx - {{- end }} - {{ if eq .Values.liveness.enabled true }} - livenessProbe: - exec: - command: ['/bin/bash', '-c', 'echo "ruok" | nc -w 2 localhost 2181 | grep imok'] - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} - {{ end }} - readinessProbe: - exec: - command: ['/bin/bash', '-c', 'echo "ruok" | nc -w 2 localhost 2181 | grep imok'] - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} - resources: -{{ include "common.resources" . | indent 10 }} - env: - - name : KAFKA_HEAP_OPTS - value: "{{ .Values.zkConfig.heapOptions }}" - {{- if .Values.jmx.port }} - - name : KAFKA_JMX_PORT - value: "{{ .Values.jmx.port }}" - {{- end }} - - name : ZOOKEEPER_REPLICAS - value: "{{ .Values.replicaCount }}" - - name : ZOOKEEPER_TICK_TIME - value: "{{ .Values.zkConfig.tickTime }}" - - name : ZOOKEEPER_SYNC_LIMIT - value: "{{ .Values.zkConfig.syncLimit }}" - - name : ZOOKEEPER_INIT_LIMIT - value: "{{ .Values.zkConfig.initLimit }}" - - name : ZOOKEEPER_MAX_CLIENT_CNXNS - value: "{{ .Values.zkConfig.maxClientCnxns }}" - - name : ZOOKEEPER_AUTOPURGE_SNAP_RETAIN_COUNT - value: "{{ .Values.zkConfig.autoPurgeSnapRetainCount}}" - - name : ZOOKEEPER_AUTOPURGE_PURGE_INTERVAL - value: "{{ .Values.zkConfig.autoPurgePurgeInterval}}" - - name: ZOOKEEPER_CLIENT_PORT - value: "{{ .Values.zkConfig.clientPort }}" - - name: KAFKA_OPTS - value: "{{ .Values.zkConfig.kafkaOpts }}" - - name: ZOOKEEPER_QUORUM_LISTEN_ON_ALL_IPS - value: "true" - - name: ZOOKEEPER_SERVERS - value: {{ template "zookeeper.serverlist" . }} - - name: ZOOKEEPER_SERVER_ID - valueFrom: - fieldRef: - fieldPath: metadata.name - command: - - "bash" - - "-c" - - | - ZOOKEEPER_SERVER_ID=$((${HOSTNAME##*-}+1)) \ - /etc/confluent/docker/run - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /var/lib/zookeeper/data - name: zookeeper-data - - name: jaas-config - mountPath: /etc/zookeeper/secrets/jaas - {{- if .Values.tolerations }} - tolerations: - {{ toYaml .Values.tolerations | indent 10 }} - {{- end }} - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: jaas-config - emptyDir: - medium: Memory - - name: docker-socket - hostPath: - path: /var/run/docker.sock - - name: jaas - configMap: - name: {{ include "common.fullname" . }}-jaas-configmap - {{- if .Values.prometheus.jmx.enabled }} - - name: jmx-config - configMap: - name: {{ include "common.fullname" . }}-prometheus-configmap - {{- end }} -{{ if not .Values.persistence.enabled }} - - name: zookeeper-data - emptyDir: {} -{{ else }} - volumeClaimTemplates: - - metadata: - name: zookeeper-data - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} -{{ end }} diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml b/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml deleted file mode 100644 index 79ced4dde2..0000000000 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/values.yaml +++ /dev/null @@ -1,161 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: {} - -################################################################# -# Application configuration defaults. -################################################################# -# application image -image: onap/dmaap/zookeeper:6.1.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - - -# default number of instances -replicaCount: 1 - -zookeeperServers: 1 - -nodeSelector: {} - -nodeAffinity: {} - -affinity: {} - -tolerations: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 60 - periodSeconds: 20 - timeoutSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 60 - periodSeconds: 20 - timeoutSeconds: 10 - -#Zookeeper properties -zkConfig: - tickTime: 2000 - syncLimit: 5 - initLimit: 20 - maxClientCnxns: 200 - autoPurgeSnapRetainCount: 3 - autoPurgePurgeInterval: 24 - heapOptions: -Xmx2G -Xms2G - kafkaOpts: -Djava.security.auth.login.config=/etc/zookeeper/secrets/jaas/zk_server_jaas.conf -Dzookeeper.kerberos.removeHostFromPrincipal=true -Dzookeeper.kerberos.removeRealmFromPrincipal=true -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider -Dzookeeper.requireClientAuthScheme=sasl -Dzookeeper.4lw.commands.whitelist=* - clientPort: 2181 - -jmx: - port: 5555 - -prometheus: - jmx: - enabled: false - image: solsson/kafka-prometheus-jmx-exporter@sha256 - imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143 - port: 5556 - -jaas: - config: - zkAdminUser: kafka - zkAdminPassword: kafka_secret - #zkAdminPasswordExternal= some password - -secrets: - - uid: zk-admin - type: basicAuth - externalSecret: '{{ .Values.jaas.config.zkAdminPasswordExternal}}' - login: '{{ .Values.jaas.config.zkAdminUser }}' - password: '{{ .Values.jaas.config.zkAdminPassword }}' - passwordPolicy: required - -## Persist data to a persitent volume -persistence: - enabled: true - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - volumeReclaimPolicy: Retain - - ## database data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteOnce - size: 2Gi - mountPath: /dockerdata-nfs - mountSubPath: message-router/data-zookeeper - - -rollingUpdate: - maxUnavailable: 1 -service: - type: ClusterIP - name: message-router-zookeeper - portName: message-router-zookeeper - clientPortName: tcp-client - clientPort: 2181 - serverPortName: tcp-server - serverPort: 2888 - leaderElectionPortName: tcp-leader - leaderElectionPort: 3888 - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m - memory: 1Gi - large: - limits: - cpu: 4000m - memory: 8Gi - requests: - cpu: 1000m - memory: 2Gi - unlimited: {} - -#Pods Service Account -serviceAccount: - nameOverride: message-router-zookeeper - roles: - - read diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties index 4256b3b723..d2ee8356d7 100755 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/MsgRtrApi.properties @@ -3,6 +3,7 @@ # org.onap.dmaap # ================================================================================ # Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2021-2022 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,41 +21,16 @@ # ############################################################################### ############################################################################### -## -## Cambria API Server config -## -## Default values are shown as commented settings. -## -############################################################################### -## -## HTTP service -## -## 3904 is standard as of 7/29/14. -# -## Zookeeper Connection -## -## Both Cambria and Kafka make use of Zookeeper. -## -#config.zk.servers=172.18.1.1 -#config.zk.servers={{.Values.zookeeper.name}}:{{.Values.zookeeper.port}} */}} -config.zk.servers={{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-zookeeper" "replicaCount") "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }} -#config.zk.root=/fe3c/cambria/config - - -############################################################################### ## ## Kafka Connection ## ## Items below are passed through to Kafka's producer and consumer ## configurations (after removing "kafka.") ## if you want to change request.required.acks it can take this one value -#kafka.metadata.broker.list=localhost:9092,localhost:9093 -#kafka.metadata.broker.list={{.Values.kafka.name}}:{{.Values.kafka.port}} -kafka.metadata.broker.list={{ include "common.kafkaNodes" (dict "dot" . "replicaCount" (index .Values "message-router-kafka" "replicaCount") "componentName" .Values.kafka.name "port" .Values.kafka.port ) }} - -##kafka.request.required.acks=-1 -#kafka.client.zookeeper=${config.zk.servers} +kafka.metadata.broker.list={{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}:{{ .Values.global.kafkaInternalPort }} +config.zk.servers=127.0.0.1:{{ .Values.global.zkTunnelService.internalPort }} +#kafka.request.required.acks=-1 consumer.timeout.ms=100 zookeeper.connection.timeout.ms=6000 zookeeper.session.timeout.ms=20000 @@ -143,7 +119,7 @@ cambria.consumer.cache.touchFreqMs=120000 cambria.consumer.cache.zkBasePath=/fe3c/cambria/consumerCache consumer.timeout=17 default.partitions=3 -default.replicas={{ index .Values "message-router-kafka" "replicaCount" }} +default.replicas=3 ############################################################################## #100mb maxcontentlength=10000 diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml b/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml index ad2ce2b92a..949a893197 100644 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml +++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/logback.xml @@ -1,6 +1,7 @@ - + ${module.ajsc.namespace.name} @@ -41,7 +42,7 @@ - class="ch.qos.logback.core.ConsoleAppender"> + ERROR ACCEPT @@ -54,105 +55,105 @@ - - + + - - + + - - - + + + - + - + - + - + - + - - + + - - + + - - + + - - + + - - + + - + - - + + - - - - + + + + - - - - - - - - + + + + + + + + - - - - - - - - - + + + + + + + + + - - + + - - - - - + + + + + - - - - - - - - - - + + + + + + + + + + - - + + @@ -176,10 +177,10 @@ - + - + @@ -187,13 +188,13 @@ 0 - + - + diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/mykey b/kubernetes/dmaap/components/message-router/resources/config/dmaap/mykey deleted file mode 100755 index c2b8b8779b..0000000000 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/mykey +++ /dev/null @@ -1,27 +0,0 @@ -_sNOLphPzrU7L0L3oWv0pYwgV_ddGF1XoBsQEIAp34jfP-fGJFPfFYaMpDEZ3gwH59rNw6qyMZHk -k-4irklvVcWk36lC3twNvc0DueRCVrws1bkuhOLCXdxHJx-YG-1xM8EJfRmzh79WPlPkbAdyPmFF -Ah44V0GjAnInPOFZA6MHP9rNx9B9qECHRfmvzU13vJCcgTsrmOr-CEiWfRsnzPjsICxpq9OaVT_D -zn6rNaroGm1OiZNCrCgvRkCUHPOOCw3j9G1GeaImoZNYtozbz9u4sj13PU-MxIIAa64b1bMMMjpz -Upc8lVPI4FnJKg6axMmEGn5zJ6JUq9mtOVyPj__2GEuDgpx5H4AwodXXVjFsVgR8UJwI_BvS2JVp -JoQk0J1RqXmAXVamlsMAfzmmbARXgmrBfnuhveZnh9ymFVU-YZeujdANniXAwBGI7c6hG_BXkH7i -Eyf4Fn41_SV78PskP6qgqJahr9r3bqdjNbKBztIKCOEVrE_w3IM5r02l-iStk_NBRkj6cq_7VCpG -afxZ2CtZMwuZMiypO_wOgbdpCSKNzsL-NH2b4b08OlKiWb263gz634KJmV5WEfCl-6eH-JUFbWOS -JwQfActLNT2ZQPl2MyZQNBzJEWoJRgS6k7tPRO-zqeUtYYHGHVMCxMuMHGQcoilNNHEFeBCG_fBh -yAKb9g9F86Cbx9voMLiyTX2T3rwVHiSJFOzfNxGmfN5JWOthIun_c5hEY1tLQ15BomzkDwk7BAj7 -VbRCrVD45B6xrmSTMBSWYmLyr6mnQxQqeh9cMbD-0ZAncE3roxRnRvPKjFFa208ykYUp2V83r_PJ -fV5I9ZPKSjk9DwFyrjkcQQEYDhdK6IFqcd6nEthjYVkmunu2fsX0bIOm9GGdIbKGqBnpdgBO5hyT -rBr9HSlZrHcGdti1R823ckDF0Ekcl6kioDr5NLIpLtg9zUEDRm3QrbX2mv5Zs8W0pYnOqglxy3lz -bJZTN7oR7VasHUtjmp0RT9nLZkUs5TZ6MHhlIq3ZsQ6w_Q9Rv1-ofxfwfCC4EBrWKbWAGCf6By4K -Ew8321-2YnodhmsK5BrT4zQ1DZlmUvK8BmYjZe7wTljKjgYcsLTBfX4eMhJ7MIW1kpnl8AbiBfXh -QzN56Mki51Q8PSQWHm0W9tnQ0z6wKdck6zBJ8JyNzewZahFKueDTn-9DOqIDfr3YHvQLLzeXyJ8e -h4AgjW-hvlLzRGtkCknjLIgXVa3rMTycseAwbW-mgdCqqkw3SdEG8feAcyntmvE8j2jbtSDStQMB -9JdvyNLuQdNG4pxpusgvVso0-8NQF0YVa9VFwg9U6IPSx5p8FcW68OAHt_fEgT4ZtiH7o9aur4o9 -oYqUh2lALCY-__9QLq1KkNjMKs33Jz9E8LbRerG9PLclkTrxCjYAeUWBjCwSI7OB7xkuaYDSjkjj -a46NLpdBN1GNcsFFcZ79GFAK0_DsyxGLX8Tq6q0Bvhs8whD8wlSxpTGxYkyqNX-vcb7SDN_0WkCE -XSdZWkqTHXcYbOvoCOb_e6SFAztuMenuHWY0utX0gBfx_X5lPDFyoYXErxFQHiA7t27keshXNa6R -ukQRRS8kMjre1U74sc-fRNXkXpl57rG4rgxaEX0eBeowa53KAsVvUAoSac2aC_nfzXrDvoyf9Xi3 -JpEZNhUDLpFCEycV4I7jGQ9wo9qNaosvlsr6kbLDNdb_1xrGVgjT3xEvRNJNPqslSAu-yD-UFhC3 -AmCdYUnugw_eEFqXCHTARcRkdPPvl2XsmEKY2IqEeO5tz4DyXQFaL-5hEVh6lYEU1EOWHk3UGIXe -Vc5_Ttp82qNLmlJPbZvgmNTJzYTHDQ_27KBcp7IVVZgPDjVKdWqQvZ18KhxvfF3Idgy82LBZniFV -IbtxllXiPRxoPQriSXMnXjh3XkvSDI2pFxXfEvLRn1tvcFOwPNCz3QfPIzYg8uYXN5bRt3ZOrR_g -ZhIlrc7HO0VbNbeqEVPKMZ-cjkqGj4VAuDKoQc0eQ6X_wCoAGO78nPpLeIvZPx1X3z5YoqNA \ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/templates/configmap.yaml index 75a5e22d40..c999b79183 100644 --- a/kubernetes/dmaap/components/message-router/templates/configmap.yaml +++ b/kubernetes/dmaap/components/message-router/templates/configmap.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -55,32 +56,6 @@ data: --- apiVersion: v1 kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-dbc-mrclusters - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/mr_clusters/*.json").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-dbc-topics - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/topics/*.json").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-sys-props namespace: {{ include "common.namespace" . }} diff --git a/kubernetes/dmaap/components/message-router/templates/secrets.yaml b/kubernetes/dmaap/components/message-router/templates/secrets.yaml index 9456c15994..50dda8a8f9 100644 --- a/kubernetes/dmaap/components/message-router/templates/secrets.yaml +++ b/kubernetes/dmaap/components/message-router/templates/secrets.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -28,3 +29,5 @@ metadata: data: {{ (.Files.Glob "resources/config/dmaap/mykey").AsSecrets | indent 2 }} type: Opaque +--- +{{ include "common.secretFast" . }} diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml index f0832add80..174eb2c3a9 100644 --- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml +++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -26,22 +27,6 @@ spec: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - - command: - - /app/ready.py - args: - - --container-name - - {{ .Values.kafka.name }} - - --container-name - - {{ .Values.zookeeper.name }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness {{ include "common.certInitializer.initContainer" . | indent 6 | trim }} {{- if .Values.global.aafEnabled }} - name: {{ include "common.name" . }}-update-config @@ -82,6 +67,45 @@ spec: - name: jmx-config mountPath: /etc/jmx-kafka {{- end }} + - name: srimzi-zk-entrance + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.zookeeper.entrance.image }} + command: + - /opt/stunnel/stunnel_run.sh + ports: + - containerPort: {{ .Values.global.zkTunnelService.internalPort }} + name: zoo + protocol: TCP + env: + - name: LOG_LEVEL + value: debug + - name: STRIMZI_ZOOKEEPER_CONNECT + value: '{{ include "common.release" . }}-strimzi-zookeeper-client:{{ .Values.global.zkTunnelService.internalPort }}' + imagePullPolicy: Always + livenessProbe: + exec: + command: + - /opt/stunnel/stunnel_healthcheck.sh + - '{{ .Values.global.zkTunnelService.internalPort }}' + failureThreshold: 3 + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + readinessProbe: + exec: + command: + - /opt/stunnel/stunnel_healthcheck.sh + - '{{ .Values.global.zkTunnelService.internalPort }}' + failureThreshold: 3 + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + volumeMounts: + - mountPath: /etc/cluster-operator-certs/ + name: cluster-operator-certs + - mountPath: /etc/cluster-ca-certs/ + name: cluster-ca-certs - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -123,6 +147,10 @@ spec: successThreshold: {{ .Values.startup.successThreshold }} failureThreshold: {{ .Values.startup.failureThreshold }} env: + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "mr-kafka-admin-secret" "key" "sasl.jaas.config") | indent 12 }} + - name: SASLMECH + value: {{ .Values.global.saslMechanism }} - name: enableCadi value: "{{ .Values.global.aafEnabled }}" volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} @@ -135,9 +163,6 @@ spec: - mountPath: /appl/dmaapMR1/bundleconfig/etc/logback.xml subPath: logback.xml name: logback - - mountPath: /appl/dmaapMR1/etc/keyfile - subPath: mykey - name: mykey {{- if .Values.global.aafEnabled }} - mountPath: /appl/dmaapMR1/etc/runner-web.xml subPath: runner-web.xml @@ -168,13 +193,38 @@ spec: configMap: name: {{ include "common.fullname" . }}-prometheus-configmap {{- end }} - - name: mykey - secret: - secretName: {{ include "common.fullname" . }}-secret - name: sys-props configMap: name: {{ include "common.fullname" . }}-sys-props - name: jetty emptyDir: {} + - name: cluster-operator-certs + secret: + defaultMode: 288 + secretName: {{ include "common.release" . }}-strimzi-cluster-operator-certs + - name: cluster-ca-certs + secret: + defaultMode: 288 + secretName: {{ include "common.release" . }}-strimzi-cluster-ca-cert imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "common.fullname" . }}-zk-network-policy + namespace: {{ include "common.namespace" . }} +spec: + podSelector: + matchLabels: + strimzi.io/name: {{ include "common.release" . }}-strimzi-zookeeper + ingress: + - from: + - podSelector: + matchLabels: + app.kubernetes.io/name: {{ include "common.name" . }} + ports: + - port: {{ .Values.global.zkTunnelService.internalPort }} + protocol: TCP + policyTypes: + - Ingress diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml index 34b7a8822a..11daae0de8 100644 --- a/kubernetes/dmaap/components/message-router/values.yaml +++ b/kubernetes/dmaap/components/message-router/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,7 +19,14 @@ ################################################################# global: nodePortPrefix: 302 - + kafkaBootstrap: strimzi-kafka-bootstrap + saslMechanism: scram-sha-512 + kafkaInternalPort: 9092 + zkTunnelService: + type: ClusterIP + name: zk-tunnel-svc + portName: tcp-zk-tunnel + internalPort: 2181 ################################################################# # AAF part @@ -63,18 +71,25 @@ certInitializer: image: onap/dmaap/dmaap-mr:1.3.2 pullPolicy: Always -kafka: - name: message-router-kafka - port: 9092 zookeeper: - name: message-router-zookeeper - port: 2181 + entrance: + image: scholzj/zoo-entrance:latest + +secrets: + - uid: mr-kafka-admin-secret + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate # flag to enable debugging - application support required debugEnabled: false # application configuration -config: {} +config: + someConfig: blah # default number of instances replicaCount: 1 diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml index b7f0735c8d..d34efae312 100644 --- a/kubernetes/dmaap/values.yaml +++ b/kubernetes/dmaap/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2018 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs,Bell Canada +# Modifications Copyright © 2021-2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -45,15 +46,25 @@ global: aafAppNs: org.osaaf.aaf aafLocatorContainer: oom + #Strimzi config + kafkaBootstrap: strimzi-kafka-bootstrap + kafkaStrimziAdminUser: strimzi-kafka-admin + kafkaInternalPort: 9092 + saslMechanism: scram-sha-512 + #Component overrides message-router: enabled: true + config: + jaasConfExternalSecret: '{{ .Values.global.kafkaStrimziAdminUser }}' dmaap-bc: enabled: true dmaap-dr-node: enabled: true dmaap-dr-prov: enabled: true +dmaap-strimzi: + enabled: true #Pods Service Account serviceAccount: diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh index 36853baa1f..347c7689e4 100755 --- a/kubernetes/helm/plugins/deploy/deploy.sh +++ b/kubernetes/helm/plugins/deploy/deploy.sh @@ -70,21 +70,21 @@ generate_overrides() { resolve_deploy_flags() { - flags=($1) - n=${#flags[*]} - i=0 ; while [ "$i" -lt "$n" ]; do - PARAM=${flags[i]} - if [ "$PARAM" = "-f" ] || \ - [ "$PARAM" = "--values" ] || \ - [ "$PARAM" = "--set" ] || \ - [ "$PARAM" = "--set-string" ] || \ - [ "$PARAM" = "--version" ]; then - # skip param and its value - i=$((i + 1)) + skip="false" + for param in $1; do + if [ "$skip" = "false" ]; then + if [ "$param" = "-f" ] || \ + [ "$param" = "--values" ] || \ + [ "$param" = "--set" ] || \ + [ "$param" = "--set-string" ] || \ + [ "$param" = "--version" ]; then + skip="true" + else + DEPLOY_FLAGS="$DEPLOY_FLAGS $param" + fi else - DEPLOY_FLAGS="$DEPLOY_FLAGS $PARAM" + skip="false" fi - i=$((i+1)) done echo "$DEPLOY_FLAGS" } @@ -93,8 +93,9 @@ resolve_deploy_flags() { check_for_dep() { try=0 retries=60 - until (kubectl get deployment -n $HELM_NAMESPACE | grep -P "\b$1\b") &>/dev/null; do - (( ++try > retries )) && exit 1 + until (kubectl get deployment -n $HELM_NAMESPACE | grep -P "\b$1\b") >/dev/null 2>&1; do + try=$(($try + 1)) + [ $try -gt $retries ] && exit 1 echo "$1 not found. Retry $try/$retries" sleep 10 done @@ -284,14 +285,19 @@ deploy() { if [ $SUBCHART_ENABLED -eq 1 ]; then deploy_subchart else - array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}")) - n=${#array[*]} - for i in $(seq $(($n-1)) -1 0); do - helm del "${array[i]}" + reverse_list= + for item in $(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}") + do + reverse_list="$item $reverse_list" + done + for item in $reverse_list + do + helm del $item done fi done + for subchart in * ; do SUBCHART_OVERRIDES=$CACHE_SUBCHART_DIR/$subchart/subchart-overrides.yaml @@ -306,10 +312,14 @@ deploy() { if [ $SUBCHART_ENABLED -eq 1 ]; then deploy_subchart else - array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}")) - n=${#array[*]} - for i in $(seq $(($n-1)) -1 0); do - helm del "${array[i]}" + reverse_list= + for item in $(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}") + do + reverse_list="$item $reverse_list" + done + for item in $reverse_list + do + helm del $item done fi done diff --git a/kubernetes/helm/starters/onap-app/Chart.yaml b/kubernetes/helm/starters/onap-app/Chart.yaml index 6782264007..2f8c678e40 100644 --- a/kubernetes/helm/starters/onap-app/Chart.yaml +++ b/kubernetes/helm/starters/onap-app/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: name: -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/holmes/Chart.yaml b/kubernetes/holmes/Chart.yaml index 5b80bf880a..10268d4c81 100644 --- a/kubernetes/holmes/Chart.yaml +++ b/kubernetes/holmes/Chart.yaml @@ -18,26 +18,26 @@ apiVersion: v2 description: ONAP DCAE HOLMES name: holmes -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.postgres.localCluster - name: postgres-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: not global.postgres.localCluster - name: holmes-rule-mgmt - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/holmes-rule-mgmt' - name: holmes-engine-mgmt - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/holmes-engine-mgmt' diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml index 455996b063..5169d6510a 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 appVersion: "2.0" description: Holmes Engine Management name: holmes-engine-mgmt -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/engine-d.yml b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/engine-d.yml index 7475a4d2bf..9e62ccf2f7 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/engine-d.yml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/engine-d.yml @@ -31,7 +31,7 @@ server: logging: # The default level of all loggers. Can be OFF, ERROR, WARN, INFO, DEBUG, TRACE, or ALL. - level: ALL + level: INFO # Logger-specific levels. loggers: @@ -41,7 +41,7 @@ logging: appenders: - type: console - threshold: ALL + threshold: INFO timeZone: UTC logFormat: "%d{yyyy-MM-dd HH:mm:ss SSS} %-5p [%c][%t] invocationID:{InvocationID} - %m%n" - type: file @@ -51,7 +51,7 @@ logging: archivedLogFilenamePattern: /var/log/ONAP/holmes/zip/engine-d-error-%d{yyyy-MM-dd}.log.gz archivedFileCount: 7 - type: file - threshold: DEBUG + threshold: INFO logFormat: "%d{yyyy-MM-dd HH:mm:ss SSS} %-5p [%c][%t] invocationID:{InvocationID} - %m%n" currentLogFilename: /var/log/ONAP/holmes/engine-d-debug.log archivedLogFilenamePattern: /var/log/ONAP/holmes/zip/engine-d-debug-%d{yyyy-MM-dd}.log.gz diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml index c8ec225545..50df26f946 100644 --- a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml @@ -28,7 +28,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/holmes/engine-management:10.0.2 +image: onap/holmes/engine-management:10.0.5 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml index 97d7fe3eea..08eb19df74 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 appVersion: "2.0" description: Holmes Rule Management name: holmes-rule-mgmt -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/rulemgt.yml b/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/rulemgt.yml index 43a83d09b0..89269dede8 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/rulemgt.yml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/resources/config/rulemgt.yml @@ -24,7 +24,7 @@ server: logging: # The default level of all loggers. Can be OFF, ERROR, WARN, INFO, DEBUG, TRACE, or ALL. - level: ALL + level: INFO # Logger-specific levels. loggers: @@ -34,7 +34,7 @@ logging: appenders: - type: console - threshold: ALL + threshold: INFO timeZone: UTC logFormat: "%d{yyyy-MM-dd HH:mm:ss SSS} %-5p [%c][%t] invocationID:{InvocationID} - %m%n" - type: file @@ -45,7 +45,7 @@ logging: archivedLogFilenamePattern: /var/log/ONAP/holmes/zip/rulemgt-relation-error-%d{yyyy-MM-dd}.log.gz archivedFileCount: 7 - type: file - threshold: DEBUG + threshold: INFO logFormat: "%d{yyyy-MM-dd HH:mm:ss SSS} %-5p [%c][%t] invocationID:{InvocationID} - %m%n" currentLogFilename: /var/log/ONAP/holmes/rulemgt-relation-debug.log archivedLogFilenamePattern: /var/log/ONAP/holmes/zip/rulemgt-relation-debug-%d{yyyy-MM-dd}.log.gz diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml index 94076194e0..84c2108521 100644 --- a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml +++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml @@ -28,7 +28,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/holmes/rule-management:10.0.2 +image: onap/holmes/rule-management:10.0.5 consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 ################################################################# diff --git a/kubernetes/log/Chart.yaml b/kubernetes/log/Chart.yaml index 7046188fbd..891566c781 100644 --- a/kubernetes/log/Chart.yaml +++ b/kubernetes/log/Chart.yaml @@ -18,21 +18,21 @@ apiVersion: v2 description: ONAP Logging ElasticStack name: log -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: log-elasticsearch - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/log-elasticsearch' - name: log-kibana - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/log-kibana' - name: log-logstash - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/log-logstash' diff --git a/kubernetes/log/components/log-elasticsearch/Chart.yaml b/kubernetes/log/components/log-elasticsearch/Chart.yaml index 39cd8ebfa5..7783eb1e9a 100644 --- a/kubernetes/log/components/log-elasticsearch/Chart.yaml +++ b/kubernetes/log/components/log-elasticsearch/Chart.yaml @@ -18,12 +18,12 @@ apiVersion: v2 description: ONAP Logging Elasticsearch name: log-elasticsearch -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/log/components/log-kibana/Chart.yaml b/kubernetes/log/components/log-kibana/Chart.yaml index 53233a0691..0df19a6d39 100644 --- a/kubernetes/log/components/log-kibana/Chart.yaml +++ b/kubernetes/log/components/log-kibana/Chart.yaml @@ -18,12 +18,12 @@ apiVersion: v2 description: ONAP Logging Kibana name: log-kibana -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/log/components/log-logstash/Chart.yaml b/kubernetes/log/components/log-logstash/Chart.yaml index 143ee1adba..b8a0d8e2c5 100644 --- a/kubernetes/log/components/log-logstash/Chart.yaml +++ b/kubernetes/log/components/log-logstash/Chart.yaml @@ -18,12 +18,12 @@ apiVersion: v2 description: ONAP Logging Logstash name: log-logstash -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/modeling/Chart.yaml b/kubernetes/modeling/Chart.yaml index 13b398b97f..fdb4031609 100644 --- a/kubernetes/modeling/Chart.yaml +++ b/kubernetes/modeling/Chart.yaml @@ -17,9 +17,9 @@ apiVersion: v2 description: ONAP Modeling (Modeling) name: modeling -version: 10.0.0 +version: 11.0.0 dependencies: - name: modeling-etsicatalog - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/modeling-etsicatalog' diff --git a/kubernetes/modeling/components/modeling-etsicatalog/Chart.yaml b/kubernetes/modeling/components/modeling-etsicatalog/Chart.yaml index 8825c6fe67..0c6dc78100 100644 --- a/kubernetes/modeling/components/modeling-etsicatalog/Chart.yaml +++ b/kubernetes/modeling/components/modeling-etsicatalog/Chart.yaml @@ -17,26 +17,26 @@ apiVersion: v2 description: ONAP Modeling - Etsicatalog name: modeling-etsicatalog -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: mariadb-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: not global.mariadbGalera.localCluster - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/modeling/components/modeling-etsicatalog/values.yaml b/kubernetes/modeling/components/modeling-etsicatalog/values.yaml index 1b1bb387b9..61df057fdb 100644 --- a/kubernetes/modeling/components/modeling-etsicatalog/values.yaml +++ b/kubernetes/modeling/components/modeling-etsicatalog/values.yaml @@ -102,7 +102,7 @@ config: # application image flavor: small -image: onap/modeling/etsicatalog:1.0.13 +image: onap/modeling/etsicatalog:1.0.14 pullPolicy: Always #Istio sidecar injection policy diff --git a/kubernetes/msb/Chart.yaml b/kubernetes/msb/Chart.yaml index d21fdf868c..0ca765779c 100644 --- a/kubernetes/msb/Chart.yaml +++ b/kubernetes/msb/Chart.yaml @@ -18,28 +18,28 @@ apiVersion: v2 description: ONAP MicroServices Bus name: msb -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: kube2msb - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/kube2msb' - name: msb-consul - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/msb-consul' - name: msb-discovery - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/msb-discovery' - name: msb-eag - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/msb-eag' - name: msb-iag - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/msb-iag' diff --git a/kubernetes/msb/components/kube2msb/Chart.yaml b/kubernetes/msb/components/kube2msb/Chart.yaml index c196848dab..ec63e0565f 100644 --- a/kubernetes/msb/components/kube2msb/Chart.yaml +++ b/kubernetes/msb/components/kube2msb/Chart.yaml @@ -16,12 +16,12 @@ apiVersion: v2 description: ONAP MicroServices Bus Kube2MSB Registrator name: kube2msb -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/msb/components/msb-consul/Chart.yaml b/kubernetes/msb/components/msb-consul/Chart.yaml index 487b5d989c..830023b046 100644 --- a/kubernetes/msb/components/msb-consul/Chart.yaml +++ b/kubernetes/msb/components/msb-consul/Chart.yaml @@ -16,15 +16,15 @@ apiVersion: v2 description: ONAP MicroServices Bus Consul name: msb-consul -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/msb/components/msb-discovery/Chart.yaml b/kubernetes/msb/components/msb-discovery/Chart.yaml index cece1823d4..8d0c9a1ea4 100644 --- a/kubernetes/msb/components/msb-discovery/Chart.yaml +++ b/kubernetes/msb/components/msb-discovery/Chart.yaml @@ -16,15 +16,15 @@ apiVersion: v2 description: ONAP MicroServices Bus Discovery name: msb-discovery -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/msb/components/msb-eag/Chart.yaml b/kubernetes/msb/components/msb-eag/Chart.yaml index 7a8d65e651..1348eaa3d9 100644 --- a/kubernetes/msb/components/msb-eag/Chart.yaml +++ b/kubernetes/msb/components/msb-eag/Chart.yaml @@ -16,18 +16,18 @@ apiVersion: v2 description: ONAP MicroServices Bus Internal API Gateway name: msb-eag -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/msb/components/msb-iag/Chart.yaml b/kubernetes/msb/components/msb-iag/Chart.yaml index 80f5794411..38084154c6 100644 --- a/kubernetes/msb/components/msb-iag/Chart.yaml +++ b/kubernetes/msb/components/msb-iag/Chart.yaml @@ -16,18 +16,18 @@ apiVersion: v2 description: ONAP MicroServices Bus Internal API Gateway name: msb-iag -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/Chart.yaml b/kubernetes/multicloud/Chart.yaml index 07fac6038e..7bc5f17613 100644 --- a/kubernetes/multicloud/Chart.yaml +++ b/kubernetes/multicloud/Chart.yaml @@ -18,43 +18,43 @@ apiVersion: v2 description: ONAP multicloud broker name: multicloud -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: multicloud-fcaps - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-fcaps' condition: multicloud-fcaps.enabled - name: multicloud-k8s - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-k8s' condition: multicloud-k8s.enabled - name: multicloud-pike - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-pike' condition: multicloud-pike.enabled - name: multicloud-prometheus - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-prometheus' condition: multicloud-prometheus.enabled - name: multicloud-starlingx - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-starlingx' condition: multicloud-starlingx.enabled - name: multicloud-vio - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-vio' condition: multicloud-vio.enabled - name: multicloud-windriver - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/multicloud-windriver' condition: multicloud-windriver.enabled - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-fcaps/Chart.yaml b/kubernetes/multicloud/components/multicloud-fcaps/Chart.yaml index 7a49ed33a7..c8fdd60d11 100644 --- a/kubernetes/multicloud/components/multicloud-fcaps/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-fcaps/Chart.yaml @@ -16,15 +16,15 @@ apiVersion: v2 description: ONAP multicloud OpenStack fcaps Plugin name: multicloud-fcaps -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-k8s/Chart.yaml b/kubernetes/multicloud/components/multicloud-k8s/Chart.yaml index 278f9d05d3..c6645db05c 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 description: ONAP Multicloud Kubernetes Plugin name: multicloud-k8s -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: mongo - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: etcd - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-k8s/values.yaml b/kubernetes/multicloud/components/multicloud-k8s/values.yaml index 844ac5e58d..b152af282e 100644 --- a/kubernetes/multicloud/components/multicloud-k8s/values.yaml +++ b/kubernetes/multicloud/components/multicloud-k8s/values.yaml @@ -24,7 +24,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/multicloud/k8s:0.10.0 +image: onap/multicloud/k8s:0.10.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/multicloud/components/multicloud-pike/Chart.yaml b/kubernetes/multicloud/components/multicloud-pike/Chart.yaml index 3bf3a95c94..45dd8e5668 100644 --- a/kubernetes/multicloud/components/multicloud-pike/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-pike/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP multicloud OpenStack Pike Plugin name: multicloud-pike -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-prometheus/Chart.yaml b/kubernetes/multicloud/components/multicloud-prometheus/Chart.yaml index 7af1a67d9a..1fbfcd4a36 100644 --- a/kubernetes/multicloud/components/multicloud-prometheus/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-prometheus/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP Multicloud Prometheus name: multicloud-prometheus -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: prometheus-alertmanager - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/prometheus-alertmanager' - name: prometheus-grafana - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/prometheus-grafana' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-alertmanager/Chart.yaml b/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-alertmanager/Chart.yaml index e2b3a265c7..7734428db2 100644 --- a/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-alertmanager/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-alertmanager/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v2 description: ONAP Multicloud Prometheus Alert Manager name: prometheus-alertmanager -version: 10.0.0 +version: 11.0.0 diff --git a/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-grafana/Chart.yaml b/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-grafana/Chart.yaml index cf8cfc5633..b72890c141 100644 --- a/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-grafana/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-prometheus/components/prometheus-grafana/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v2 description: ONAP Multicloud Grafana for Prometheus name: prometheus-grafana -version: 10.0.0 +version: 11.0.0 diff --git a/kubernetes/multicloud/components/multicloud-starlingx/Chart.yaml b/kubernetes/multicloud/components/multicloud-starlingx/Chart.yaml index 9b49b71c63..79e0831141 100644 --- a/kubernetes/multicloud/components/multicloud-starlingx/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-starlingx/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP multicloud OpenStack Starlingx Plugin name: multicloud-starlingx -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-vio/Chart.yaml b/kubernetes/multicloud/components/multicloud-vio/Chart.yaml index 90a5c94757..0c444fb15b 100644 --- a/kubernetes/multicloud/components/multicloud-vio/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-vio/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP multicloud VIO plugin name: multicloud-vio -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/multicloud/components/multicloud-windriver/Chart.yaml b/kubernetes/multicloud/components/multicloud-windriver/Chart.yaml index 79df2005c8..d161db51ef 100644 --- a/kubernetes/multicloud/components/multicloud-windriver/Chart.yaml +++ b/kubernetes/multicloud/components/multicloud-windriver/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP multicloud OpenStack WindRiver Plugin name: multicloud-windriver -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/nbi/Chart.yaml b/kubernetes/nbi/Chart.yaml index fee022a491..93a05d34b0 100644 --- a/kubernetes/nbi/Chart.yaml +++ b/kubernetes/nbi/Chart.yaml @@ -17,32 +17,32 @@ apiVersion: v2 description: ONAP Northbound Interface name: nbi -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mongo - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: mariadb-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: not global.mariadbGalera.localCluster - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index 92788e430f..9b69a4356f 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -65,7 +65,7 @@ subChartsOnly: # application image repository: nexus3.onap.org:10001 -image: onap/externalapi/nbi:8.0.1 +image: onap/externalapi/nbi:10.0.0 pullPolicy: IfNotPresent sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU= aai_authorization: Basic QUFJOkFBSQ== diff --git a/kubernetes/onap/Chart.yaml b/kubernetes/onap/Chart.yaml index 371bc7167e..3113fda8d1 100644 --- a/kubernetes/onap/Chart.yaml +++ b/kubernetes/onap/Chart.yaml @@ -15,8 +15,8 @@ apiVersion: v2 name: onap -version: 10.0.0 -appVersion: Jakarta +version: 11.0.0 +appVersion: Kohn description: Open Network Automation Platform (ONAP) home: https://www.onap.org/ sources: @@ -26,160 +26,160 @@ kubeVersion: ">=1.19.11-0" dependencies: - name: aaf - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: aaf.enabled - name: aai - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: aai.enabled - name: appc - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: appc.enabled - name: cassandra - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cassandra.enabled - name: cds - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cds.enabled - name: cli - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cli.enabled - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: consul - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: consul.enabled - name: contrib - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.addTestingComponents - name: cps - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cps.enabled - name: dcaegen2 - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcaegen2.enabled - name: dcaegen2-services - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcaegen2-services.enabled - name: dcaemod - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dcaemod.enabled - name: holmes - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: holmes.enabled - name: dmaap - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dmaap.enabled - name: log - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: log.enabled - name: sniro-emulator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: sniro-emulator.enabled - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: mariadb-galera.enabled - name: msb - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: msb.enabled - name: multicloud - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: multicloud.enabled - name: nbi - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: nbi.enabled - name: policy - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: policy.enabled - name: portal - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: portal.enabled - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: postgres.enabled - name: oof - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: oof.enabled - name: repository-wrapper - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: robot - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: robot.enabled - name: sdc - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: sdc.enabled - name: sdnc - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: sdnc.enabled - name: so - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: so.enabled - name: strimzi - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: strimzi.enabled - name: uui - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: uui.enabled - name: vfc - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: vfc.enabled - name: vid - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: vid.enabled - name: vnfsdk - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: vnfsdk.enabled - name: modeling - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: modeling.enabled - name: platform - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: platform.enabled - name: a1policymanagement - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: a1policymanagement.enabled - name: cert-wrapper - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: cert-wrapper.enabled - name: roles-wrapper - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: roles-wrapper.enabled diff --git a/kubernetes/onap/resources/overrides/environment.yaml b/kubernetes/onap/resources/overrides/environment.yaml index 50703fbf4a..c9ae94a136 100644 --- a/kubernetes/onap/resources/overrides/environment.yaml +++ b/kubernetes/onap/resources/overrides/environment.yaml @@ -136,7 +136,7 @@ dmaap: initialDelaySeconds: 120 mariadb-galera: liveness: - initialDelaySeconds: 180 + initialDelaySeconds: 30 periodSeconds: 60 mariadb-galera-server: liveness: diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml index f16813fc97..f8f1b4cd81 100644 --- a/kubernetes/onap/resources/overrides/onap-all.yaml +++ b/kubernetes/onap/resources/overrides/onap-all.yaml @@ -2,6 +2,7 @@ # Copyright (c) 2020 Nordix Foundation, Modifications # Modifications Copyright © 2020 Nokia # Modifications Copyright © 2021 Orange +# Modifications Copyright © 2022 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -56,6 +57,44 @@ dcaegen2: enabled: true dcaegen2-services: enabled: true + dcae-datafile-collector: + enabled: true + dcae-datalake-admin-ui: + enabled: true + dcae-datalake-des: + enabled: true + dcae-datalake-feeder: + enabled: true + dcae-heartbeat: + enabled: true + dcae-hv-ves-collector: + enabled: true + dcae-kpi-ms: + enabled: true + dcae-ms-healthcheck: + enabled: true + dcae-pm-mapper: + enabled: true + dcae-pmsh: + enabled: true + dcae-prh: + enabled: true + dcae-restconf-collector: + enabled: true + dcae-slice-analysis-ms: + enabled: true + dcae-snmptrap-collector: + enabled: true + dcae-son-handler: + enabled: true + dcae-tcagen2: + enabled: true + dcae-ves-collector: + enabled: true + dcae-ves-mapper: + enabled: true + dcae-ves-openapi-manager: + enabled: true dcaemod: enabled: true holmes: diff --git a/kubernetes/onap/resources/overrides/sm-onap.yaml b/kubernetes/onap/resources/overrides/sm-onap.yaml index 37080b8290..2af6e2147b 100644 --- a/kubernetes/onap/resources/overrides/sm-onap.yaml +++ b/kubernetes/onap/resources/overrides/sm-onap.yaml @@ -135,7 +135,7 @@ so: openStackServiceTenantName: "$OPENSTACK_TENANT_NAME" openStackEncryptedPasswordHere: "$OPENSTACK_ENCRYPTED_PASSWORD" strimzi: - enabled: false + enabled: true uui: enabled: false vid: diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 0e8dd21994..6939a87f21 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -97,7 +97,7 @@ global: loggingImage: beats/filebeat:5.5.0 # mariadb client image - mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28 + mariadbImage: bitnami/mariadb:10.5.8 # nginx server image nginxImage: bitnami/nginx:1.21.4 diff --git a/kubernetes/oof/Chart.yaml b/kubernetes/oof/Chart.yaml index 0bc7dd9d59..7602afdb96 100755 --- a/kubernetes/oof/Chart.yaml +++ b/kubernetes/oof/Chart.yaml @@ -18,25 +18,25 @@ apiVersion: v2 description: ONAP Optimization Framework name: oof -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: oof-has - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-has' condition: oof-has.enabled - name: oof-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-templates' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/Chart.yaml b/kubernetes/oof/components/oof-has/Chart.yaml index ad129e0cc2..85613895f1 100755 --- a/kubernetes/oof/components/oof-has/Chart.yaml +++ b/kubernetes/oof/components/oof-has/Chart.yaml @@ -18,45 +18,45 @@ apiVersion: v2 description: ONAP Homing and Allocation Service name: oof-has -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: music - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: music.enabled - name: etcd - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: etcd.enabled - name: etcd-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: etcd-init.enabled - name: oof-has-api - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-has-api' condition: oof-has-api.enabled - name: oof-has-controller - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-has-controller' condition: oof-has-controller.enabled - name: oof-has-data - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-has-data' condition: oof-has-data.enabled - name: oof-has-reservation - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-has-reservation' condition: oof-has-reservation.enabled - name: oof-has-solver - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oof-has-solver' condition: oof-has-solver.enabled - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml index 3026110fef..a1558114d8 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/Chart.yaml @@ -18,21 +18,21 @@ apiVersion: v2 description: ONAP Homing and Allocation Servicei - API name: oof-has-api -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: oof-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../oof-templates' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml index 72c5ddc9c2..228302fed4 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml @@ -16,7 +16,7 @@ global: # global defaults nodePortPrefix: 302 image: - optf_has: onap/optf-has:2.2.1 + optf_has: onap/optf-has:2.3.0 ################################################################# # secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/Chart.yaml index b59f49a054..e8f510bf5f 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/Chart.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Homing and Allocation Sservice - Controller name: oof-has-controller -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: oof-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../oof-templates' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml index 0157c569a0..a8c5dd216a 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.2.1 + optf_has: onap/optf-has:2.3.0 ################################################################# # Secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/Chart.yaml index f1757ecb6d..3bcfd08b41 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/Chart.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Homing and Allocation Service - Data Component name: oof-has-data -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: oof-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../oof-templates' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml index 5623cde904..0aaf4286cd 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.2.1 + optf_has: onap/optf-has:2.3.0 ################################################################# # secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/Chart.yaml index 87a2417810..ba2733ef9f 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/Chart.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Homing and Allocation Sevice - Reservation Component name: oof-has-reservation -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: oof-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../oof-templates' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml index fa8bdd97ed..fd88273dce 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.2.1 + optf_has: onap/optf-has:2.3.0 ################################################################# # secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/Chart.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/Chart.yaml index 663d863bfc..3ec7d88fe7 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/Chart.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Homing and Allocation Service - Solver Component name: oof-has-solver -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: oof-templates - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../../../oof-templates' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml index e7ceddd9a4..36c1945835 100755 --- a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml +++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml @@ -14,7 +14,7 @@ global: image: - optf_has: onap/optf-has:2.2.1 + optf_has: onap/optf-has:2.3.0 ################################################################# # secrets metaconfig diff --git a/kubernetes/oof/components/oof-has/resources/config/conductor.conf b/kubernetes/oof/components/oof-has/resources/config/conductor.conf index 7d724a593d..22a20fe64e 100755 --- a/kubernetes/oof/components/oof-has/resources/config/conductor.conf +++ b/kubernetes/oof/components/oof-has/resources/config/conductor.conf @@ -753,3 +753,47 @@ certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer #password = get_ta_list_url = "/api/v1/execute/ran-coverage-area/get_ta_list" + +[dcae] + +# +# From conductor +# +# +# Data Store table prefix. (string value) +#table_prefix = dcae + +# Base URL for DCAE, up to and not including the version, and without a +# trailing slash. (string value) +server_url = https://{{.Values.config.dcae.service}}.{{ include "common.namespace" . }}:{{.Values.config.dcae.port}} + +# Timeout for DCAE Rest Call (string value) +#dcae_rest_timeout = 30 + +# Number of retry for DCAE Rest Call (string value) +#dcae_retries = 3 + +# The version of A&AI in v# format. (string value) +server_url_version = v1 + +# SSL/TLS certificate file in pem format. This certificate must be registered +# with the SDC endpoint. (string value) +#certificate_file = certificate.pem +certificate_file = + +# Private Certificate Key file in pem format. (string value) +#certificate_key_file = certificate_key.pem +certificate_key_file = + +# Certificate Authority Bundle file in pem format. Must contain the appropriate +# trust chain for the Certificate file. (string value) +#certificate_authority_bundle_file = certificate_authority_bundle.pem +certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer + +# Username for DCAE. (string value) +#username = + +# Password for DCAE. (string value) +#password = + +get_slice_config_url = "/api/v1/slices-config" \ No newline at end of file diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml index bc129beb3e..8a146a90b8 100755 --- a/kubernetes/oof/components/oof-has/values.yaml +++ b/kubernetes/oof/components/oof-has/values.yaml @@ -19,7 +19,7 @@ global: commonConfigPrefix: onap-oof-has image: - optf_has: onap/optf-has:2.2.1 + optf_has: onap/optf-has:2.3.0 persistence: enabled: true @@ -71,6 +71,9 @@ config: cps: service: cps-tbdmt port: 8080 + dcae: + service: dcae-slice-analysis-ms + port: 8080 etcd: serviceName: &etcd-service oof-has-etcd port: 2379 diff --git a/kubernetes/oof/components/oof-templates/Chart.yaml b/kubernetes/oof/components/oof-templates/Chart.yaml index 18f233b75d..a59f751611 100755 --- a/kubernetes/oof/components/oof-templates/Chart.yaml +++ b/kubernetes/oof/components/oof-templates/Chart.yaml @@ -18,10 +18,10 @@ apiVersion: v2 description: ONAP OOF helm templates name: oof-templates -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/oof/resources/config/conf/common_config.yaml b/kubernetes/oof/resources/config/conf/common_config.yaml index 8f00ac72da..57e8e27a19 100644 --- a/kubernetes/oof/resources/config/conf/common_config.yaml +++ b/kubernetes/oof/resources/config/conf/common_config.yaml @@ -162,4 +162,5 @@ nxi_termination: - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'AN') > service-instance*('service-role','nsi')" - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'AN_NF') > service-instance*('workload-context','AN')" - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'TN_MH') > service-instance*('workload-context','AN')" + - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'TN_FH') > service-instance*('workload-context','AN')" - "service-instance*('service-instance-id','{{ printf "{{instance_id}}" }}')('workload-context', 'AN_NF') > service-instance*('workload-context','AN')" diff --git a/kubernetes/platform/Chart.yaml b/kubernetes/platform/Chart.yaml index 5869d7401c..559e5fe383 100644 --- a/kubernetes/platform/Chart.yaml +++ b/kubernetes/platform/Chart.yaml @@ -19,15 +19,15 @@ apiVersion: v2 description: ONAP platform components name: platform -version: 10.0.0 +version: 11.0.0 dependencies: - name: oom-cert-service - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/oom-cert-service' - name: cmpv2-cert-provider - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/cmpv2-cert-provider' - name: chartmuseum - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/chartmuseum' diff --git a/kubernetes/platform/components/chartmuseum/Chart.yaml b/kubernetes/platform/components/chartmuseum/Chart.yaml index 16b504b1c3..e8a5b839a5 100644 --- a/kubernetes/platform/components/chartmuseum/Chart.yaml +++ b/kubernetes/platform/components/chartmuseum/Chart.yaml @@ -20,18 +20,18 @@ apiVersion: v2 description: ONAP Chart Museum name: chartmuseum -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/platform/components/cmpv2-cert-provider/Chart.yaml b/kubernetes/platform/components/cmpv2-cert-provider/Chart.yaml index b468412e55..1c6cb71630 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/Chart.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP CMPv2 certificate external provider for cert-manager name: cmpv2-cert-provider -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml index c49762202b..ce5e410abe 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml @@ -32,6 +32,16 @@ spec: metadata: labels: control-plane: controller-manager + {{- if (include "common.onServiceMesh" . | nindent 6 ) }} + annotations: + {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }} + linkerd.io/inject: disabled + {{- end }} + {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }} + traffic.sidecar.istio.io/excludeInboundPorts: "8080,8443" + traffic.sidecar.istio.io/includeInboundPorts: '*' + {{- end }} + {{- end }} spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/platform/components/oom-cert-service/Chart.yaml b/kubernetes/platform/components/oom-cert-service/Chart.yaml index de3b9eb7a9..30da403445 100644 --- a/kubernetes/platform/components/oom-cert-service/Chart.yaml +++ b/kubernetes/platform/components/oom-cert-service/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP Cert Service name: oom-cert-service -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certManagerCertificate - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: cmpv2Config - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml index 8215ed949e..5f80a7dc75 100644 --- a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml +++ b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml @@ -22,6 +22,16 @@ spec: selector: {{- include "common.selectors" . | nindent 4 }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} + {{- if (include "common.onServiceMesh" . ) }} + annotations: + {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }} + linkerd.io/inject: disabled + {{- end }} + {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }} + traffic.sidecar.istio.io/excludeInboundPorts: "8080,8443" + traffic.sidecar.istio.io/includeInboundPorts: '*' + {{- end }} + {{- end }} spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml index 677271c241..803298aadc 100755 --- a/kubernetes/policy/Chart.yaml +++ b/kubernetes/policy/Chart.yaml @@ -18,70 +18,77 @@ apiVersion: v2 description: ONAP Policy name: policy -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: policy-nexus - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-nexus' condition: policy-nexus.enabled - name: policy-api - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-api' condition: policy-api.enabled - name: policy-pap - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-pap' condition: policy-pap.enabled - name: policy-xacml-pdp - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-xacml-pdp' condition: policy-xacml-pdp.enabled - name: policy-apex-pdp - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-apex-pdp' condition: policy-apex-pdp.enabled - name: policy-drools-pdp - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-drools-pdp' condition: policy-drools-pdp.enabled - name: policy-distribution - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-distribution' condition: policy-distribution.enabled - name: policy-clamp-be - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-clamp-be' condition: policy-clamp-be.enabled - name: policy-clamp-ac-k8s-ppnt - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-clamp-ac-k8s-ppnt' condition: policy-clamp-ac-k8s-ppnt.enabled - name: policy-clamp-ac-http-ppnt - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-clamp-ac-http-ppnt' condition: policy-clamp-ac-http-ppnt.enabled - name: policy-clamp-ac-pf-ppnt - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-clamp-ac-pf-ppnt' condition: policy-clamp-ac-pf-ppnt.enabled - name: policy-clamp-runtime-acm - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-clamp-runtime-acm' condition: policy-clamp-runtime-acm.enabled - name: policy-gui - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/policy-gui' condition: policy-gui.enabled - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' + - name: readinessCheck + version: ~11.x-0 + repository: '@local' + - name: postgres + version: ~11.x-0 + repository: '@local' + condition: global.postgres.localCluster diff --git a/kubernetes/policy/components/policy-apex-pdp/Chart.yaml b/kubernetes/policy/components/policy-apex-pdp/Chart.yaml index 7f22e9fd0e..92af552fac 100755 --- a/kubernetes/policy/components/policy-apex-pdp/Chart.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Policy APEX PDP name: policy-apex-pdp -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml index dbf6a7cd6a..8284c73ed1 100644 --- a/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/templates/serviceMonitor.yaml @@ -18,6 +18,6 @@ # ============LICENSE_END========================================================= */}} -{{- if .Values.prometheus.enabled }} +{{- if .Values.global.prometheusEnabled }} {{ include "common.serviceMonitor" . }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index 6adf0e6609..db5251913e 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-apex-pdp:2.7.1 +image: onap/policy-apex-pdp:2.7.3 pullPolicy: Always # flag to enable debugging - application support required @@ -140,9 +140,6 @@ serviceAccount: roles: - read -prometheus: - enabled: true - metrics: serviceMonitor: # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. diff --git a/kubernetes/policy/components/policy-api/Chart.yaml b/kubernetes/policy/components/policy-api/Chart.yaml index 82a0f48240..d317b9e513 100755 --- a/kubernetes/policy/components/policy-api/Chart.yaml +++ b/kubernetes/policy/components/policy-api/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Policy Design API name: policy-api -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml b/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml index c08b035d53..e6cf2b3571 100644 --- a/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml +++ b/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml @@ -29,6 +29,8 @@ spring: driverClassName: org.mariadb.jdbc.Driver username: "${SQL_USER}" password: "${SQL_PASSWORD}" + hikari: + maximumPoolSize: 20 jpa: properties: hibernate: diff --git a/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml index dbf6a7cd6a..8284c73ed1 100644 --- a/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml +++ b/kubernetes/policy/components/policy-api/templates/serviceMonitor.yaml @@ -18,6 +18,6 @@ # ============LICENSE_END========================================================= */}} -{{- if .Values.prometheus.enabled }} +{{- if .Values.global.prometheusEnabled }} {{ include "common.serviceMonitor" . }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index 89608cfb6f..0e3ada8956 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -79,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-api:2.6.1 +image: onap/policy-api:2.6.3 pullPolicy: Always # flag to enable debugging - application support required @@ -156,9 +156,6 @@ serviceAccount: roles: - read -prometheus: - enabled: true - metrics: serviceMonitor: # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/Chart.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/Chart.yaml index 00cbd28181..2fa60d513d 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/Chart.yaml @@ -19,18 +19,18 @@ apiVersion: v2 description: ONAP Policy Clamp Controlloop Http Participant name: policy-clamp-ac-http-ppnt -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml index 249aaaebda..406b59c545 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/resources/config/HttpParticipantParameters.yaml @@ -21,6 +21,20 @@ spring: user: name: ${RESTSERVER_USER} password: ${RESTSERVER_PASSWORD} +{{- if .Values.config.useStrimziKafka }} + kafka: + bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 + security.protocol: SASL_PLAINTEXT + properties.sasl: + mechanism: SCRAM-SHA-512 + jaas.config: ${JAASLOGIN} +{{ else }} +{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{- end }} + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} security: enable-csrf: false diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml index 3a5b8b199f..044be0ff70 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/templates/deployment.yaml @@ -38,6 +38,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }} - name: RESTSERVER_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }} +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }} +{{- end }} volumeMounts: - mountPath: /config-input name: ac-http-ppnt-config diff --git a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml index 8eafa463c5..5f8aa3b5a1 100644 --- a/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-http-ppnt/values.yaml @@ -43,6 +43,13 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}' password: '{{ .Values.certStores.trustStorePassword }}' passwordPolicy: required + - uid: policy-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate certStores: keyStorePassword: Pol1cy_0nap @@ -71,7 +78,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-http-ppnt:6.2.1 +image: onap/policy-clamp-ac-http-ppnt:6.2.3 pullPolicy: Always # application configuration @@ -137,3 +144,29 @@ serviceAccount: nameOverride: policy-clamp-ac-http-ppnt roles: - read + +config: +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: policy-group + app: + listener: + acRuntimeTopic: policy-acruntime-participant +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. +# +# eventConsumption: +# spring.kafka.bootstrap-servers: :9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: policy-group +# +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 + diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/Chart.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/Chart.yaml index b55cb35649..2ca3762603 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Policy Clamp Controlloop K8s Participant name: policy-clamp-ac-k8s-ppnt -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml index 0b7e2ab22d..6c14fd2207 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml @@ -21,6 +21,20 @@ spring: user: name: ${RESTSERVER_USER} password: ${RESTSERVER_PASSWORD} +{{- if .Values.config.useStrimziKafka }} + kafka: + bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 + security.protocol: SASL_PLAINTEXT + properties.sasl: + mechanism: SCRAM-SHA-512 + jaas.config: ${JAASLOGIN} +{{ else }} +{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{- end }} + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} security: enable-csrf: false @@ -82,10 +96,4 @@ chart: api: enabled: false -# Sample Permitted list of helm repositories. Before deployment update the repositories where the helm charts are located. -# The Kubernetes participant accept only HTTPS Address -helm: - repos: - - - repoName: bitnami - address: https://charts.bitnami.com/bitnami +# Permitted list of helm repositories. Values are updated from values.yaml diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/configmap.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/configmap.yaml index 09cc8cd48f..54c595cc8f 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/configmap.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/configmap.yaml @@ -30,3 +30,8 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/*.{xml,yaml}").AsConfig . | indent 2 }} +{{- if .Values.repoList }} +{{ tpl (.Files.Glob "resources/config/KubernetesParticipantParameters.yaml").AsConfig . | indent 2 }} +{{ toYaml .Values.repoList | indent 4 }} +{{ tpl (.Files.Glob "resources/config/*.{json,xml,sh}").AsConfig . | indent 2 }} +{{- end }} \ No newline at end of file diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml index 14cb6d3f4e..e8650fe350 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/deployment.yaml @@ -38,6 +38,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }} - name: RESTSERVER_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }} +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }} +{{- end }} volumeMounts: - mountPath: /config-input name: ac-k8s-ppnt-config diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml index 73381c9e3b..2439223192 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/templates/service.yaml @@ -18,16 +18,10 @@ # ============LICENSE_END========================================================= */}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: policy-clamp-cl-k8s-ppnt - namespace: {{ include "common.namespace" . }} ---- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ include "common.namespace" . }}-policy-clamp-cl-k8s-ppnt-binding + name: {{ include "common.namespace" . }}-policy-clamp-ac-k8s-ppnt-binding namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -40,6 +34,6 @@ roleRef: name: cluster-admin subjects: - kind: ServiceAccount - name: policy-clamp-cl-k8s-ppnt + name: {{ include "common.fullname" (dict "suffix" "create" "dot" . )}} namespace: {{ include "common.namespace" . }} diff --git a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml index a3fb19f1bc..2cf8d2d723 100644 --- a/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml @@ -44,6 +44,13 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}' password: '{{ .Values.certStores.trustStorePassword }}' passwordPolicy: required + - uid: policy-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate certStores: keyStorePassword: Pol1cy_0nap @@ -72,7 +79,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-k8s-ppnt:6.2.1 +image: onap/policy-clamp-ac-k8s-ppnt:6.2.3 pullPolicy: Always # flag to enable debugging - application support required @@ -138,3 +145,42 @@ serviceAccount: nameOverride: policy-clamp-ac-k8s-ppnt roles: - create +# Update the config here for permitting repositories and protocols +repoList: + helm: + repos: + - + repoName: kong + address: https://charts.konghq.com + - + repoName: bitnami + address: https://charts.bitnami.com/bitnami + + protocols: + - http + - https + +config: +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: policy-group + app: + listener: + acRuntimeTopic: policy-acruntime-participant +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. +# +# eventConsumption: +# spring.kafka.bootstrap-servers: :9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: policy-group +# +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml index ae8d03bc13..fc9d432047 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml @@ -19,18 +19,18 @@ apiVersion: v2 description: ONAP Policy Clamp Controlloop Policy Participant name: policy-clamp-ac-pf-ppnt -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml index 0160ff45df..856b16d91d 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml @@ -21,6 +21,20 @@ spring: user: name: ${RESTSERVER_USER} password: ${RESTSERVER_PASSWORD} +{{- if .Values.config.useStrimziKafka }} + kafka: + bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 + security.protocol: SASL_PLAINTEXT + properties.sasl: + mechanism: SCRAM-SHA-512 + jaas.config: ${JAASLOGIN} +{{ else }} +{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{- end }} + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} security: enable-csrf: false diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml index b13e013f47..a127885cce 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml @@ -46,6 +46,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }} - name: RESTSERVER_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }} +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }} +{{- end }} volumeMounts: - mountPath: /config-input name: ac-pf-ppnt-config diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml index c825ab1a0c..6fefa02783 100644 --- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml +++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml @@ -55,6 +55,13 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}' password: '{{ .Values.certStores.trustStorePassword }}' passwordPolicy: required + - uid: policy-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate certStores: keyStorePassword: Pol1cy_0nap @@ -83,7 +90,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-ac-pf-ppnt:6.2.1 +image: onap/policy-clamp-ac-pf-ppnt:6.2.3 pullPolicy: Always # flag to enable debugging - application support required @@ -155,3 +162,28 @@ serviceAccount: nameOverride: policy-clamp-ac-pf-ppnt roles: - read + +config: +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: policy-group + app: + listener: + acRuntimeTopic: policy-acruntime-participant +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. +# +# eventConsumption: +# spring.kafka.bootstrap-servers: :9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: policy-group +# +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 diff --git a/kubernetes/policy/components/policy-clamp-be/Chart.yaml b/kubernetes/policy/components/policy-clamp-be/Chart.yaml index e52eb76020..9b0cdf6a87 100644 --- a/kubernetes/policy/components/policy-clamp-be/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-be/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP Policy Clamp Backend name: policy-clamp-be -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml index 2016b14043..c23657c421 100644 --- a/kubernetes/policy/components/policy-clamp-be/values.yaml +++ b/kubernetes/policy/components/policy-clamp-be/values.yaml @@ -71,7 +71,7 @@ secrets: flavor: small # application image -image: onap/policy-clamp-backend:6.2.1 +image: onap/policy-clamp-backend:6.2.3 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/Chart.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/Chart.yaml index 90e9293f56..42e02efb8d 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/Chart.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Policy Clamp Controlloop Runtime name: policy-clamp-runtime-acm -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml index 2b52a2b892..219be24079 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/resources/config/acRuntimeParameters.yaml @@ -44,6 +44,20 @@ spring: hibernate: dialect: org.hibernate.dialect.MariaDB103Dialect format_sql: true +{{- if .Values.config.useStrimziKafka }} + kafka: + bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 + security.protocol: SASL_PLAINTEXT + properties.sasl: + mechanism: SCRAM-SHA-512 + jaas.config: ${JAASLOGIN} +{{ else }} +{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{- end }} + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} security: enable-csrf: false diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml index e302704201..361045af94 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml @@ -56,6 +56,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "runtime-secret" "key" "login") | indent 10 }} - name: RUNTIME_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "runtime-secret" "key" "password") | indent 10 }} +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }} +{{- end }} volumeMounts: - mountPath: /config-input name: ac-runtime-config diff --git a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml index 1b571fc502..d224aa6bc4 100644 --- a/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml +++ b/kubernetes/policy/components/policy-clamp-runtime-acm/values.yaml @@ -50,6 +50,13 @@ secrets: login: '{{ .Values.config.policyAppUserName }}' password: '{{ .Values.config.policyAppUserPassword }}' passwordPolicy: required + - uid: policy-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate certStores: keyStorePassword: Pol1cy_0nap @@ -78,7 +85,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-clamp-runtime-acm:6.2.1 +image: onap/policy-clamp-runtime-acm:6.2.3 pullPolicy: Always # flag to enable debugging - application support required @@ -89,6 +96,30 @@ config: policyAppUserName: runtimeUser policyAppUserPassword: none +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: policy-group + app: + listener: + acRuntimeTopic: policy.policy-acruntime-participant +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. +# +# eventConsumption: +# spring.kafka.bootstrap-servers: :9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: policy-group +# +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. +# additional: +# spring.config.max-size: 200 +# spring.config.min-size: 10 + db: user: policy_user password: policy_user diff --git a/kubernetes/policy/components/policy-distribution/Chart.yaml b/kubernetes/policy/components/policy-distribution/Chart.yaml index b1758e53ba..6a5222f087 100755 --- a/kubernetes/policy/components/policy-distribution/Chart.yaml +++ b/kubernetes/policy/components/policy-distribution/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Policy Distribution name: policy-distribution -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml index dbf6a7cd6a..8284c73ed1 100644 --- a/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml +++ b/kubernetes/policy/components/policy-distribution/templates/serviceMonitor.yaml @@ -18,6 +18,6 @@ # ============LICENSE_END========================================================= */}} -{{- if .Values.prometheus.enabled }} +{{- if .Values.global.prometheusEnabled }} {{ include "common.serviceMonitor" . }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index db271a9c3f..d36f1c2275 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -67,7 +67,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/policy-distribution:2.7.1 +image: onap/policy-distribution:2.7.3 pullPolicy: Always # flag to enable debugging - application support required @@ -162,9 +162,6 @@ serviceAccount: roles: - read -prometheus: - enabled: true - metrics: serviceMonitor: # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. diff --git a/kubernetes/policy/components/policy-drools-pdp/Chart.yaml b/kubernetes/policy/components/policy-drools-pdp/Chart.yaml index c8cc5523a4..1c9c73d340 100755 --- a/kubernetes/policy/components/policy-drools-pdp/Chart.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Drools Policy Engine (PDP-D) name: policy-drools-pdp -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-drools-pdp/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-drools-pdp/templates/serviceMonitor.yaml index 1c04296e4f..f8c450cb7e 100644 --- a/kubernetes/policy/components/policy-drools-pdp/templates/serviceMonitor.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/templates/serviceMonitor.yaml @@ -18,6 +18,6 @@ # ============LICENSE_END========================================================= */}} -{{- if .Values.prometheus.enabled }} +{{- if .Values.global.prometheusEnabled }} {{ include "common.serviceMonitor" . }} {{- end }} diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index 344a600afe..74c743cb2b 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -41,7 +41,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pdpd-cl:1.10.2 +image: onap/policy-pdpd-cl:1.10.3 pullPolicy: Always # flag to enable debugging - application support required @@ -203,9 +203,6 @@ serviceAccount: roles: - read -prometheus: - enabled: true - metrics: serviceMonitor: # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. diff --git a/kubernetes/policy/components/policy-gui/Chart.yaml b/kubernetes/policy/components/policy-gui/Chart.yaml index af1adbe3c7..fed1af9895 100644 --- a/kubernetes/policy/components/policy-gui/Chart.yaml +++ b/kubernetes/policy/components/policy-gui/Chart.yaml @@ -21,15 +21,15 @@ apiVersion: v2 description: ONAP Policy GUI name: policy-gui -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-gui/resources/config/default.conf b/kubernetes/policy/components/policy-gui/resources/config/default.conf deleted file mode 100644 index 98417cd822..0000000000 --- a/kubernetes/policy/components/policy-gui/resources/config/default.conf +++ /dev/null @@ -1,32 +0,0 @@ -server { - - listen 2443 default ssl; - ssl_protocols TLSv1.2; - {{ if .Values.global.aafEnabled }} - ssl_certificate {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_pem}}; - ssl_certificate_key {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_key}}; - {{ else }} - ssl_certificate /etc/ssl/clamp.pem; - ssl_certificate_key /etc/ssl/clamp.key; - {{ end }} - - ssl_verify_client optional_no_ca; - absolute_redirect off; - - location / { - root /usr/share/nginx/html; - index index.html index.htm; - try_files $uri $uri/ =404; - } - - location /clamp/restservices/clds/ { - proxy_pass https://policy-clamp-be:8443/restservices/clds/; - proxy_set_header X-SSL-Cert $ssl_client_escaped_cert; - } - - location = /50x.html { - root /var/lib/nginx/html; - } - error_page 500 502 503 504 /50x.html; - error_log /var/log/nginx/error.log warn; -} diff --git a/kubernetes/policy/components/policy-gui/templates/deployment.yaml b/kubernetes/policy/components/policy-gui/templates/deployment.yaml index b67fa273de..a155715580 100644 --- a/kubernetes/policy/components/policy-gui/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-gui/templates/deployment.yaml @@ -1,6 +1,6 @@ {{/* # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -62,6 +62,20 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} +{{- if .Values.global.aafEnabled }} + command: ["sh","-c"] + args: ["source {{ .Values.certInitializer.credsPath }}/.ci;/opt/app/policy/gui/bin/policy-gui.sh"] + env: +{{- else }} + command: ["/opt/app/policy/gui/bin/policy-gui.sh"] + env: + - name: KEYSTORE_PASSWD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }} + - name: TRUSTSTORE_PASSWD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }} +{{- end }} + - name: CLAMP_URL + value: https://policy-clamp-be:8443 ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -81,9 +95,6 @@ spec: volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - name: logs mountPath: {{ .Values.log.path }} - - mountPath: /etc/nginx/conf.d/default.conf - name: {{ include "common.fullname" . }}-config - subPath: default.conf resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -99,9 +110,6 @@ spec: - name: {{ include "common.fullname" . }}-config configMap: name: {{ include "common.fullname" . }} - items: - - key: default.conf - path: default.conf - name: logs emptyDir: {} {{ if .Values.global.centralizedLoggingEnabled }}{{ include "common.log.volumes" . | nindent 8 }}{{ end }} diff --git a/kubernetes/policy/components/policy-gui/values.yaml b/kubernetes/policy/components/policy-gui/values.yaml index 6ee7715678..60a6ce38c4 100644 --- a/kubernetes/policy/components/policy-gui/values.yaml +++ b/kubernetes/policy/components/policy-gui/values.yaml @@ -1,5 +1,5 @@ # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,37 +25,47 @@ global: # global defaults #AAF service aafEnabled: true +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: keystore-password + type: password + externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}' + password: '{{ .Values.certStores.keyStorePassword }}' + passwordPolicy: required + - uid: truststore-password + type: password + externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}' + password: '{{ .Values.certStores.trustStorePassword }}' + passwordPolicy: required + +certStores: + keyStorePassword: Pol1cy_0nap + trustStorePassword: Pol1cy_0nap + ################################################################# # AAF part ################################################################# certInitializer: - permission_user: 1000 - permission_group: 999 - addconfig: true - keystoreFile: "org.onap.clamp.p12" - truststoreFile: "org.onap.clamp.trust.jks" - keyFile: "org.onap.clamp.keyfile" - truststoreFileONAP: "truststoreONAPall.jks" - clamp_key: "clamp.key" - clamp_pem: "clamp.pem" - clamp_ca_certs_pem: "clamp-ca-certs.pem" nameOverride: policy-gui-cert-initializer aafDeployFqi: deployer@people.osaaf.org aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: clamp - fqi: clamp@clamp.onap.org - public_fqdn: clamp.onap.org - cadi_longitude: "0.0" + fqdn: policy + fqi: policy@policy.onap.org + public_fqdn: policy.onap.org cadi_latitude: "0.0" - app_ns: org.osaaf.aaf + cadi_longitude: "0.0" credsPath: /opt/app/osaaf/local + app_ns: org.osaaf.aaf + uid: 100 + gid: 101 aaf_add_config: > - cd {{ .Values.credsPath }}; - openssl pkcs12 -in {{ .Values.keystoreFile }} -nocerts -nodes -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_key }}; - openssl pkcs12 -in {{ .Values.keystoreFile }} -clcerts -nokeys -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_pem }}; - openssl pkcs12 -in {{ .Values.keystoreFile }} -cacerts -nokeys -chain -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_ca_certs_pem }}; - chmod a+rx *; + echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci; + echo "export TRUSTSTORE='{{ .Values.credsPath }}/org.onap.policy.trust.jks'" >> {{ .Values.credsPath }}/.ci; + echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci; + echo "export TRUSTSTORE_PASSWD='${cadi_truststore_password}'" >> {{ .Values.credsPath }}/.ci; + chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }}); subChartsOnly: enabled: true @@ -63,7 +73,7 @@ subChartsOnly: flavor: small # application image -image: onap/policy-gui:2.2.0 +image: onap/policy-gui:2.2.3 pullPolicy: Always # flag to enable debugging - application support required @@ -71,7 +81,7 @@ debugEnabled: false # log configuration log: - path: /var/log/nginx/ + path: /var/log/onap/policy/gui ################################################################# # Application configuration defaults. diff --git a/kubernetes/policy/components/policy-nexus/Chart.yaml b/kubernetes/policy/components/policy-nexus/Chart.yaml index 48497f2c8d..e8ba92a81c 100755 --- a/kubernetes/policy/components/policy-nexus/Chart.yaml +++ b/kubernetes/policy/components/policy-nexus/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: ONAP Policy Nexus name: policy-nexus -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-pap/Chart.yaml b/kubernetes/policy/components/policy-pap/Chart.yaml index c10d636a5d..27358908e2 100755 --- a/kubernetes/policy/components/policy-pap/Chart.yaml +++ b/kubernetes/policy/components/policy-pap/Chart.yaml @@ -22,18 +22,18 @@ apiVersion: v2 description: ONAP Policy Administration (PAP) name: policy-pap -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml index 6f501b8c21..195b087ff1 100644 --- a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml +++ b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml @@ -29,6 +29,8 @@ spring: driverClassName: org.mariadb.jdbc.Driver username: "${SQL_USER}" password: "${SQL_PASSWORD}" + hikari: + maximumPoolSize: 20 jpa: properties: hibernate: @@ -38,6 +40,20 @@ spring: naming: physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl implicit-strategy: org.onap.policy.common.spring.utils.CustomImplicitNamingStrategy +{{- if .Values.config.useStrimziKafka }} + kafka: + bootstrap-servers: {{ include "common.release" . }}-{{ .Values.config.kafkaBootstrap }}:9092 + security.protocol: SASL_PLAINTEXT + properties.sasl: + mechanism: SCRAM-SHA-512 + jaas.config: ${JAASLOGIN} +{{ else }} +{{ toYaml .Values.config.eventPublisher | nindent 2 }} +{{- end }} + +{{- if .Values.config.additional }} +{{ toYaml .Values.config.additional | nindent 2 }} +{{- end }} server: port: 6969 diff --git a/kubernetes/policy/components/policy-pap/templates/deployment.yaml b/kubernetes/policy/components/policy-pap/templates/deployment.yaml index c33b80f4af..6f02f8e4c0 100755 --- a/kubernetes/policy/components/policy-pap/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-pap/templates/deployment.yaml @@ -65,6 +65,10 @@ spec: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "distribution-secret" "key" "login") | indent 10 }} - name: DISTRIBUTION_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "distribution-secret" "key" "password") | indent 10 }} +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }} +{{- end }} volumeMounts: - mountPath: /config-input name: papconfig diff --git a/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml index dbf6a7cd6a..8284c73ed1 100644 --- a/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml +++ b/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml @@ -18,6 +18,6 @@ # ============LICENSE_END========================================================= */}} -{{- if .Values.prometheus.enabled }} +{{- if .Values.global.prometheusEnabled }} {{ include "common.serviceMonitor" . }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index 311653b860..2c240d2347 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -64,6 +64,13 @@ secrets: externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}' password: '{{ .Values.certStores.trustStorePassword }}' passwordPolicy: required + - uid: policy-kafka-user + externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' + type: genericKV + envs: + - name: sasl.jaas.config + value: '{{ .Values.config.someConfig }}' + policy: generate certStores: keyStorePassword: Pol1cy_0nap @@ -92,7 +99,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pap:2.6.1 +image: onap/policy-pap:2.6.3 pullPolicy: Always # flag to enable debugging - application support required @@ -181,9 +188,6 @@ serviceAccount: roles: - read -prometheus: - enabled: true - metrics: serviceMonitor: # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. @@ -199,3 +203,26 @@ metrics: externalSecretNameSuffix: policy-pap-user-creds externalSecretUserKey: login externalSecretPasswordKey: password + +# application configuration +config: +# Event consumption (kafka) properties + useStrimziKafka: true + kafkaBootstrap: strimzi-kafka-bootstrap + kafka: + consumer: + groupId: poicy-group + app: + listener: + policyPdpPapTopic: policy-pdp-pap +# If targeting a custom kafka cluster, ie useStrimziKakfa: false +# uncomment below config and target your kafka bootstrap servers, +# along with any other security config. +# +# eventConsumption: +# spring.kafka.bootstrap-servers: :9092 +# spring.kafka.security.protocol: PLAINTEXT +# spring.kafka.consumer.group-id: policy-group +# +# Any new property can be added in the env by setting in overrides in the format mentioned below +# All the added properties must be in "key: value" format instead of yaml. diff --git a/kubernetes/policy/components/policy-xacml-pdp/Chart.yaml b/kubernetes/policy/components/policy-xacml-pdp/Chart.yaml index 01bb146cd9..faa9d79f42 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/Chart.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/Chart.yaml @@ -21,18 +21,18 @@ apiVersion: v2 description: ONAP Policy XACML PDP (PDP-X) name: policy-xacml-pdp -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml index dbf6a7cd6a..8284c73ed1 100644 --- a/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/templates/serviceMonitor.yaml @@ -18,6 +18,6 @@ # ============LICENSE_END========================================================= */}} -{{- if .Values.prometheus.enabled }} +{{- if .Values.global.prometheusEnabled }} {{ include "common.serviceMonitor" . }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index 308b5a78af..e7e7eebefe 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -83,7 +83,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-xacml-pdp:2.6.2 +image: onap/policy-xacml-pdp:2.6.3 pullPolicy: Always # flag to enable debugging - application support required @@ -159,9 +159,6 @@ serviceAccount: roles: - read -prometheus: - enabled: true - metrics: serviceMonitor: # Override the labels based on the Prometheus config parameter: serviceMonitorSelector. diff --git a/kubernetes/policy/resources/config/db-pg.sh b/kubernetes/policy/resources/config/db-pg.sh new file mode 100644 index 0000000000..f26a80fad7 --- /dev/null +++ b/kubernetes/policy/resources/config/db-pg.sh @@ -0,0 +1,29 @@ +#!/bin/sh +# +# ============LICENSE_START======================================================= +# Copyright (C) 2021-2022 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# + +#psql() { /usr/bin/psql -h ${PG_HOST} -p ${PG_PORT} "$@"; }; + +export PGPASSWORD=${PG_ADMIN_PASSWORD}; + +psql -h ${PG_HOST} -p ${PG_PORT} -U postgres --command "CREATE USER ${PG_USER} WITH PASSWORD '${PG_USER_PASSWORD}'" + +for db in migration pooling policyadmin policyclamp operationshistory clampacm +do + psql -h ${PG_HOST} -p ${PG_PORT} -U postgres --command "CREATE DATABASE ${db};" + psql -h ${PG_HOST} -p ${PG_PORT} -U postgres --command "GRANT ALL PRIVILEGES ON DATABASE ${db} TO ${PG_USER};" +done diff --git a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/secrets.yaml b/kubernetes/policy/resources/config/db_migrator_pg_policy_init.sh similarity index 70% rename from kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/secrets.yaml rename to kubernetes/policy/resources/config/db_migrator_pg_policy_init.sh index 033d8d5441..53921ab751 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-zookeeper/templates/secrets.yaml +++ b/kubernetes/policy/resources/config/db_migrator_pg_policy_init.sh @@ -1,5 +1,6 @@ +#!/bin/sh {{/* -# Copyright © 2020 AT&T +# Copyright (C) 2022 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,5 +14,8 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -{{ include "common.secretFast" . }} +/opt/app/policy/bin/prepare_upgrade.sh ${SQL_DB} +/opt/app/policy/bin/db-migrator-pg -s ${SQL_DB} -o upgrade +rc=$? +/opt/app/policy/bin/db-migrator-pg -s ${SQL_DB} -o report +exit $rc diff --git a/kubernetes/policy/templates/configmap.yaml b/kubernetes/policy/templates/configmap.yaml index 17558f86ea..c8b01ccb81 100755 --- a/kubernetes/policy/templates/configmap.yaml +++ b/kubernetes/policy/templates/configmap.yaml @@ -1,7 +1,7 @@ {{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018, 2020 AT&T Intellectual Property -# Modifications Copyright (C) 2021 Nordix Foundation. +# Modifications Copyright (C) 2021-2022 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/policy/templates/job.yaml b/kubernetes/policy/templates/job.yaml index d59b5fe770..9fea669c37 100755 --- a/kubernetes/policy/templates/job.yaml +++ b/kubernetes/policy/templates/job.yaml @@ -1,7 +1,7 @@ {{/* # Copyright © 2018 Amdocs, Bell Canada # Modifications Copyright © 2020 AT&T Intellectual Property -# Modifications Copyright (C) 2021 Nordix Foundation. +# Modifications Copyright (C) 2022 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -33,9 +33,9 @@ spec: spec: imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" - initContainers: + initContainers: {{ if .Values.global.postgres.localCluster }}{{ include "common.readinessCheck.waitFor" . | nindent 6 }}{{ end }} #This container checks that all galera instances are up before initializing it. - - name: {{ include "common.name" . }}-readiness + - name: {{ include "common.name" . }}-mariadb-readiness image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: @@ -71,6 +71,33 @@ spec: value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}" resources: {{ include "common.resources" . }} + {{ if .Values.global.postgres.localCluster }} + - name: {{ include "common.release" . }}-policy-pg-config + image: {{ .Values.repository }}/{{ .Values.postgresImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /docker-entrypoint-initdb.d/db-pg.sh + name: {{ include "common.fullname" . }}-config + subPath: db-pg.sh + command: + - /bin/sh + args: + - -x + - /docker-entrypoint-initdb.d/db-pg.sh + env: + - name: PG_ADMIN_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-root-pass" "key" "password") | indent 12 }} + - name: PG_HOST + value: "{{ .Values.postgres.service.name2 }}" + - name: PG_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "login") | indent 12 }} + - name: PG_USER_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 12 }} + - name: PG_PORT + value: "{{ .Values.postgres.service.internalPort }}" + resources: +{{ include "common.resources" . }} + {{ end }} containers: - name: {{ include "common.release" . }}-policy-galera-db-migrator image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.dbmigrator.image }} @@ -95,8 +122,41 @@ spec: value: {{ .Values.dbmigrator.schema }} - name: POLICY_HOME value: {{ .Values.dbmigrator.policy_home }} + - name: SCRIPT_DIRECTORY + value: "sql" resources: {{ include "common.resources" . }} + {{ if .Values.global.postgres.localCluster }} + - name: {{ include "common.release" . }}-policy-pg-db-migrator + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.dbmigrator.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /dbcmd-config/db_migrator_pg_policy_init.sh + name: {{ include "common.fullname" . }}-config + subPath: db_migrator_pg_policy_init.sh + command: + - /bin/sh + args: + - -x + - /dbcmd-config/db_migrator_pg_policy_init.sh + env: + - name: SQL_HOST + value: "{{ .Values.postgres.service.name2 }}" + - name: SQL_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "login") | indent 10 }} + - name: SQL_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 10 }} + - name: SQL_DB + value: {{ .Values.dbmigrator.schema }} + - name: POLICY_HOME + value: {{ .Values.dbmigrator.policy_home }} + - name: SCRIPT_DIRECTORY + value: "postgres" + - name: PGPASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 10 }} + resources: +{{ include "common.resources" . }} + {{ end }} restartPolicy: Never serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: @@ -108,3 +168,8 @@ spec: path: db.sh - key: db_migrator_policy_init.sh path: db_migrator_policy_init.sh + - key: db-pg.sh + path: db-pg.sh + - key: db_migrator_pg_policy_init.sh + path: db_migrator_pg_policy_init.sh + diff --git a/kubernetes/policy/templates/policy-kafka-topics.yaml b/kubernetes/policy/templates/policy-kafka-topics.yaml new file mode 100644 index 0000000000..1894d62a42 --- /dev/null +++ b/kubernetes/policy/templates/policy-kafka-topics.yaml @@ -0,0 +1,64 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.config.useStrimziKafka }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.config.acRuntimeTopic.name }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: {{ .Values.config.acRuntimeTopic.partitions }} + config: + retention.ms: {{ .Values.config.acRuntimeTopic.retentionMs }} + segment.bytes: {{ .Values.config.acRuntimeTopic.segmentBytes }} +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.config.policyPdpPapTopic.name }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: {{ .Values.config.policyPdpPapTopic.partitions }} + config: + retention.ms: {{ .Values.config.policyPdpPapTopic.retentionMs }} + segment.bytes: {{ .Values.config.policyPdpPapTopic.segmentBytes }} +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.config.policyHeartbeatTopic.name }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: {{ .Values.config.policyHeartbeatTopic.partitions }} + config: + retention.ms: {{ .Values.config.policyHeartbeatTopic.retentionMs }} + segment.bytes: {{ .Values.config.policyHeartbeatTopic.segmentBytes }} +--- +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaTopic +metadata: + name: {{ .Values.config.policyNotificationTopic.name }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + partitions: {{ .Values.config.policyNotificationTopic.partitions }} + config: + retention.ms: {{ .Values.config.policyNotificationTopic.retentionMs }} + segment.bytes: {{ .Values.config.policyNotificationTopic.segmentBytes }} +{{- end }} diff --git a/kubernetes/policy/templates/policy-kafka-user.yaml b/kubernetes/policy/templates/policy-kafka-user.yaml new file mode 100644 index 0000000000..1bc7ab1d3a --- /dev/null +++ b/kubernetes/policy/templates/policy-kafka-user.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright © 2022 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} +{{- if .Values.config.useStrimziKafka }} +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser +metadata: + name: {{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }} + labels: + strimzi.io/cluster: {{ include "common.release" . }}-strimzi +spec: + authentication: + type: scram-sha-512 + authorization: + type: simple + acls: + - resource: + type: group + name: {{ .Values.config.acRuntimeTopic.consumer.groupId }} + operation: Read + - resource: + type: topic + name: {{ .Values.config.acRuntimeTopic.name }} + operation: Read + - resource: + type: topic + name: {{ .Values.config.acRuntimeTopic.name }} + operation: Write +{{- end }} diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 759ba56b02..d7d556a39f 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -27,6 +27,17 @@ global: service: &mariadbService name: &policy-mariadb policy-mariadb internalPort: 3306 + prometheusEnabled: false + postgres: + localCluster: false + service: + name: pgset + name2: tcp-pgset-primary + name3: tcp-pgset-replica + container: + name: postgres + kafkaBootstrap: strimzi-kafka-bootstrap + policyKafkaUser: policy-kafka-user ################################################################# # Secrets metaconfig @@ -66,6 +77,19 @@ secrets: login: '{{ .Values.restServer.policyApiUserName }}' password: '{{ .Values.restServer.policyApiUserPassword }}' passwordPolicy: required + - uid: pg-root-pass + name: &pgRootPassSecretName '{{ include "common.release" . }}-policy-pg-root-pass' + type: password + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "policy-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}' + password: '{{ .Values.postgres.config.pgRootpassword }}' + policy: generate + - uid: pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-policy-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "policy-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate db: &dbSecretsHook credsExternalSecret: *dbSecretName @@ -75,47 +99,71 @@ policy-api: db: *dbSecretsHook restServer: apiUserExternalSecret: *policyApiCredsSecret + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-pap: enabled: true db: *dbSecretsHook restServer: papUserExternalSecret: *policyPapCredsSecret apiUserExternalSecret: *policyApiCredsSecret + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-xacml-pdp: enabled: true db: *dbSecretsHook + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-apex-pdp: enabled: true db: *dbSecretsHook + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-drools-pdp: enabled: true db: *dbSecretsHook + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-distribution: enabled: true db: *dbSecretsHook + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-clamp-be: enabled: true db: *dbSecretsHook config: appUserExternalSecret: *policyAppCredsSecret + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-clamp-ac-k8s-ppnt: enabled: true + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-clamp-ac-pf-ppnt: enabled: true restServer: apiUserExternalSecret: *policyApiCredsSecret papUserExternalSecret: *policyPapCredsSecret + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-clamp-ac-http-ppnt: enabled: true + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-nexus: enabled: false + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-clamp-runtime-acm: enabled: true db: *dbSecretsHook config: appUserExternalSecret: *policyAppCredsSecret + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-gui: enabled: true + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' ################################################################# # DB configuration defaults. @@ -128,7 +176,7 @@ mariadb: image: mariadb:10.5.8 dbmigrator: - image: onap/policy-db-migrator:2.4.1 + image: onap/policy-db-migrator:2.4.3 schema: policyadmin policy_home: "/opt/app/policy" @@ -160,6 +208,35 @@ readiness: config: policyAppUserName: runtimeUser + useStrimziKafka: true + acRuntimeTopic: + name: policy-acruntime-participant + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 + consumer: + groupId: policy-group + policyPdpPapTopic: + name: policy-pdp-pap + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 + consumer: + groupId: policy-group + policyHeartbeatTopic: + name: policy-heartbeat + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 + consumer: + groupId: policy-group + policyNotificationTopic: + name: policy-notification + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 + consumer: + groupId: policy-group mariadb-galera: # mariadb-galera.config and global.mariadb.config must be equals @@ -180,6 +257,31 @@ mariadb-galera: serviceAccount: nameOverride: *policy-mariadb +postgresImage: library/postgres:latest +# application configuration override for postgres +postgres: + nameOverride: &postgresName policy-postgres + service: + name: *postgresName + name2: policy-pg-primary + name3: policy-pg-replica + container: + name: + primary: policy-pg-primary + replica: policy-pg-replica + persistence: + mountSubPath: policy/postgres/data + mountInitPath: policy + config: + pgUserName: policy_user + pgDatabase: policyadmin + pgUserExternalSecret: *pgUserCredsSecretName + pgRootPasswordExternalSecret: *pgRootPassSecretName + +readinessCheck: + wait_for: + - '{{ ternary .Values.postgres.service.name "postgres" .Values.global.postgres.localCluster }}' + restServer: policyPapUserName: policyadmin policyPapUserPassword: zb!XztG34 diff --git a/kubernetes/portal/Chart.yaml b/kubernetes/portal/Chart.yaml index 698847338f..0f7b846607 100644 --- a/kubernetes/portal/Chart.yaml +++ b/kubernetes/portal/Chart.yaml @@ -18,24 +18,24 @@ apiVersion: v2 description: ONAP Web Portal name: portal -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: portal-app - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/portal-app' - name: portal-cassandra - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/portal-cassandra' - name: portal-mariadb - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/portal-mariadb' - name: portal-sdk - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/portal-sdk' - name: portal-widget - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/portal-widget' diff --git a/kubernetes/portal/components/portal-app/Chart.yaml b/kubernetes/portal/components/portal-app/Chart.yaml index c9c8b1b388..375b11bb7d 100644 --- a/kubernetes/portal/components/portal-app/Chart.yaml +++ b/kubernetes/portal/components/portal-app/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP Portal application name: portal-app -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/portal/components/portal-cassandra/Chart.yaml b/kubernetes/portal/components/portal-cassandra/Chart.yaml index b85fc84b94..6da2158294 100644 --- a/kubernetes/portal/components/portal-cassandra/Chart.yaml +++ b/kubernetes/portal/components/portal-cassandra/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: Portal cassandra name: portal-cassandra -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/portal/components/portal-mariadb/Chart.yaml b/kubernetes/portal/components/portal-mariadb/Chart.yaml index a152d71d89..ca58d58f18 100644 --- a/kubernetes/portal/components/portal-mariadb/Chart.yaml +++ b/kubernetes/portal/components/portal-mariadb/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: MariaDB Service name: portal-mariadb -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh index ddaf099bdf..63d266b75c 100644 --- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh +++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh @@ -1,7 +1,6 @@ #!/bin/bash set -eo pipefail -shopt -s nullglob # logging functions mysql_log() { @@ -170,11 +169,20 @@ docker_init_database_dir() { mysql_note "Database files initialized" } +if [ -z "$DATADIR" ]; then + DATADIR='unknown' +fi +if [ -z "$SOCKET" ]; then + SOCKET='unknown' +fi +if [ -z "$DATABASE_ALREADY_EXISTS" ]; then + DATABASE_ALREADY_EXISTS='false' +fi + # Loads various settings that are used elsewhere in the script # This should be called after mysql_check_config, but before any other functions docker_setup_env() { # Get config - declare -g DATADIR SOCKET DATADIR="$(mysql_get_config 'datadir' "$@")" SOCKET="$(mysql_get_config 'socket' "$@")" @@ -186,7 +194,6 @@ docker_setup_env() { file_env 'MYSQL_ROOT_PASSWORD' file_env 'PORTAL_DB_TABLES' - declare -g DATABASE_ALREADY_EXISTS if [ -d "$DATADIR/mysql" ]; then DATABASE_ALREADY_EXISTS='true' fi diff --git a/kubernetes/portal/components/portal-sdk/Chart.yaml b/kubernetes/portal/components/portal-sdk/Chart.yaml index 02c17333ab..bfc41f0b73 100644 --- a/kubernetes/portal/components/portal-sdk/Chart.yaml +++ b/kubernetes/portal/components/portal-sdk/Chart.yaml @@ -18,18 +18,18 @@ apiVersion: v2 description: Portal software development kit name: portal-sdk -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/portal/components/portal-widget/Chart.yaml b/kubernetes/portal/components/portal-widget/Chart.yaml index 03b9344622..205922616d 100644 --- a/kubernetes/portal/components/portal-widget/Chart.yaml +++ b/kubernetes/portal/components/portal-widget/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: Portal widgets micro service application name: portal-widget -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/robot/Chart.yaml b/kubernetes/robot/Chart.yaml index 23610ddd3c..fcc3de3e47 100644 --- a/kubernetes/robot/Chart.yaml +++ b/kubernetes/robot/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: A helm Chart for kubernetes-ONAP Robot name: robot -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh index 3beef061ce..3f8ac9deec 100755 --- a/kubernetes/robot/demo-k8s.sh +++ b/kubernetes/robot/demo-k8s.sh @@ -273,7 +273,7 @@ if [ $execscript ]; then done fi -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l") OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_demo_$key DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) @@ -304,4 +304,4 @@ fi if [ -n "$TAG" ]; then VARIABLEFILES="-V /share/config/robot_properties.py" kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} -i ${TAG} --display $DISPLAY_NUM 2> ${TAG}.out -fi \ No newline at end of file +fi diff --git a/kubernetes/robot/ete-k8s.sh b/kubernetes/robot/ete-k8s.sh index 4ef8f462f0..82bf836ade 100755 --- a/kubernetes/robot/ete-k8s.sh +++ b/kubernetes/robot/ete-k8s.sh @@ -82,7 +82,7 @@ if [ "${!#}" = "execscript" ]; then done fi -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l") OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_$2 DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) diff --git a/kubernetes/robot/eteHelm-k8s.sh b/kubernetes/robot/eteHelm-k8s.sh index 1b31c16e81..90bfa11c13 100755 --- a/kubernetes/robot/eteHelm-k8s.sh +++ b/kubernetes/robot/eteHelm-k8s.sh @@ -50,7 +50,7 @@ if [ "${!#}" = "execscript" ]; then done fi -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l") OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_helmlist DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) diff --git a/kubernetes/robot/instantiate-k8s.sh b/kubernetes/robot/instantiate-k8s.sh index aef812b143..94883567d6 100755 --- a/kubernetes/robot/instantiate-k8s.sh +++ b/kubernetes/robot/instantiate-k8s.sh @@ -97,7 +97,7 @@ OUTPUT_DIRECTORY=/tmp/vnfdata.${BUILDNUM} set -x POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) -export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "ls -1q /share/logs/ | wc -l") TAGS="-i $TAG" ETEHOME=/var/opt/ONAP OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_instantiate_vnf @@ -112,19 +112,19 @@ kubectl --namespace $NAMESPACE cp $FOLDER ${POD}:/tmp/vnfdata.${BUILDNUM} echo "Executing instantiation..." if [ $POLL = 1 ]; then - kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM > /tmp/vnf_instantiation.$BUILDNUM.log 2>&1 &" + kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM > /tmp/vnf_instantiation.$BUILDNUM.log 2>&1 &" - pid=`kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "pgrep runTags.sh -n"` + pid=`kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "pgrep runTags.sh -n"` if [ -z "$pid" ]; then echo "robot testsuite unable to start" exit 1 fi - kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "while ps -p \"$pid\" --no-headers | grep -v defunct; do echo \$'\n\n'; echo \"Testsuite still running \"\`date\`; echo \"LOG FILE: \"; tail -10 /tmp/vnf_instantiation.$BUILDNUM.log; sleep 30; done" + kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "while ps -p \"$pid\" --no-headers | grep -v defunct; do echo \$'\n\n'; echo \"Testsuite still running \"\`date\`; echo \"LOG FILE: \"; tail -10 /tmp/vnf_instantiation.$BUILDNUM.log; sleep 30; done" else - kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM" + kubectl --namespace $NAMESPACE exec ${POD} -- sh -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM" fi set +x diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py index 700b17a970..3c5f9ce73a 100644 --- a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py @@ -188,6 +188,9 @@ GLOBAL_DMAAP_KAFKA_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" GLOBAL_DMAAP_KAFKA_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "message-router-kafka" "port" 9092) }}' GLOBAL_DMAAP_KAFKA_JAAS_USERNAME = '{{ .Values.kafkaJaasUsername }}' GLOBAL_DMAAP_KAFKA_JAAS_PASSWORD = '{{ .Values.kafkaJaasPassword }}' +# strimzi kafka +GLOBAL_KAFKA_BOOTSTRAP_SERVICE = '{{ include "common.release" . }}-strimzi-kafka-bootstrap:9092' +GLOBAL_KAFKA_USER = '{{ .Values.strimziKafkaJaasUsername }}' # DROOL server port and credentials GLOBAL_DROOLS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "policy-drools-pdp" "port" 9696) }}' GLOBAL_DROOLS_USERNAME = '{{ .Values.droolsUsername }}' diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml index d8beeedb2a..0b1aa0e71d 100644 --- a/kubernetes/robot/values.yaml +++ b/kubernetes/robot/values.yaml @@ -364,10 +364,14 @@ vidHealthPassword: "AppPassword!1" # DMAAP BC bcUsername: "dmaap-bc@dmaap-bc.onap.org" bcPassword: "demo123456!" + # DMAAP KAFKA JAAS kafkaJaasUsername: "admin" kafkaJaasPassword: "admin_secret" +# STRIMZI KAFKA JAAS +strimziKafkaJaasUsername: "strimzi-kafka-admin" + #OOF oofUsername: "oof@oof.onap.org" oofPassword: "demo123456!" diff --git a/kubernetes/sdc/Chart.yaml b/kubernetes/sdc/Chart.yaml index 7647906d75..d2acf1b392 100644 --- a/kubernetes/sdc/Chart.yaml +++ b/kubernetes/sdc/Chart.yaml @@ -18,30 +18,30 @@ apiVersion: v2 description: Service Design and Creation Umbrella Helm charts name: sdc -version: 10.0.0 +version: 11.0.0 dependencies: - name: sdc-be - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-be' - name: sdc-cs - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-cs' - name: sdc-fe - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-fe' - name: sdc-onboarding-be - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-onboarding-be' - name: sdc-wfd-be - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-wfd-be' condition: sdc-wfd.enabled - name: sdc-wfd-fe - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-wfd-fe' condition: sdc-wfd.enabled - name: sdc-helm-validator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdc-helm-validator' condition: sdcHelmValidator.enabled diff --git a/kubernetes/sdc/components/sdc-be/Chart.yaml b/kubernetes/sdc/components/sdc-be/Chart.yaml index 6c2254882d..4620c679bd 100644 --- a/kubernetes/sdc/components/sdc-be/Chart.yaml +++ b/kubernetes/sdc/components/sdc-be/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP Service Design and Creation Backend API name: sdc-be -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml index b7fa714e73..fb6682bf28 100644 --- a/kubernetes/sdc/components/sdc-be/values.yaml +++ b/kubernetes/sdc/components/sdc-be/values.yaml @@ -35,8 +35,8 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-backend-all-plugins:1.10.1 -backendInitImage: onap/sdc-backend-init:1.10.1 +image: onap/sdc-backend-all-plugins:1.11.4 +backendInitImage: onap/sdc-backend-init:1.11.4 pullPolicy: Always diff --git a/kubernetes/sdc/components/sdc-cs/Chart.yaml b/kubernetes/sdc/components/sdc-cs/Chart.yaml index 0789ee32b2..1ef26a69f0 100644 --- a/kubernetes/sdc/components/sdc-cs/Chart.yaml +++ b/kubernetes/sdc/components/sdc-cs/Chart.yaml @@ -18,20 +18,20 @@ apiVersion: v2 description: ONAP Service Design and Creation Cassandra name: sdc-cs -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: cassandra - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml index 3391af7864..1e182ed3ee 100644 --- a/kubernetes/sdc/components/sdc-cs/values.yaml +++ b/kubernetes/sdc/components/sdc-cs/values.yaml @@ -51,8 +51,8 @@ cassandra: # application image repository: nexus3.onap.org:10001 -image: onap/sdc-cassandra:1.10.1 -cassandraInitImage: onap/sdc-cassandra-init:1.10.1 +image: onap/sdc-cassandra:1.11.4 +cassandraInitImage: onap/sdc-cassandra-init:1.11.4 pullPolicy: Always config: diff --git a/kubernetes/sdc/components/sdc-fe/Chart.yaml b/kubernetes/sdc/components/sdc-fe/Chart.yaml index 3db6fc794d..2250947e85 100644 --- a/kubernetes/sdc/components/sdc-fe/Chart.yaml +++ b/kubernetes/sdc/components/sdc-fe/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP Service Design and Creation Front End name: sdc-fe -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-fe/templates/service.yaml index f899d58971..30c3d1122f 100644 --- a/kubernetes/sdc/components/sdc-fe/templates/service.yaml +++ b/kubernetes/sdc/components/sdc-fe/templates/service.yaml @@ -39,20 +39,15 @@ metadata: spec: type: {{ .Values.service.type }} ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - targetPort: {{ .Values.service.internalPort }} - {{ if eq .Values.service.type "NodePort" -}} + {{if eq .Values.service.type "NodePort" -}} + - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - {{ end }} - {{ if (include "common.needTLS" .) }} - - port: {{ .Values.service.internalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}s - {{ if eq .Values.service.type "NodePort" -}} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} - {{ end }} - {{ end }} + name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} + {{- else -}} + - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.externalPort2 .Values.service.externalPort }} + targetPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} + name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} + {{- end}} selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml index 1dbf9ebd7a..05ac50d432 100644 --- a/kubernetes/sdc/components/sdc-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-fe/values.yaml @@ -47,7 +47,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-frontend:1.10.1 +image: onap/sdc-frontend:1.11.4 pullPolicy: Always config: @@ -112,12 +112,12 @@ service: type: NodePort name: sdc-fe portName: http - nodePort: "06" internalPort: 8181 externalPort: 8181 - nodePort2: "07" internalPort2: 9443 externalPort2: 9443 + nodePort: "07" + ingress: enabled: false diff --git a/kubernetes/sdc/components/sdc-helm-validator/Chart.yaml b/kubernetes/sdc/components/sdc-helm-validator/Chart.yaml index 5609083704..771bfbf7db 100644 --- a/kubernetes/sdc/components/sdc-helm-validator/Chart.yaml +++ b/kubernetes/sdc/components/sdc-helm-validator/Chart.yaml @@ -19,12 +19,12 @@ apiVersion: v2 description: ONAP Service Design and Creation Helm Validator name: sdc-helm-validator -version: 10.0.0 +version: 11.0.0 dependencies: - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml b/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml index 5ed3131099..e2ff602dd6 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml @@ -18,15 +18,15 @@ apiVersion: v2 description: ONAP Service Design and Creation Onboarding API name: sdc-onboarding-be -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml index ff5d031510..5a1c6643e6 100644 --- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml +++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml @@ -59,8 +59,8 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-onboard-backend:1.10.1 -onboardingInitImage: onap/sdc-onboard-cassandra-init:1.10.1 +image: onap/sdc-onboard-backend:1.11.4 +onboardingInitImage: onap/sdc-onboard-cassandra-init:1.11.4 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdc/components/sdc-wfd-be/Chart.yaml b/kubernetes/sdc/components/sdc-wfd-be/Chart.yaml index 132c5d21ce..6992f6b9ab 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/Chart.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP Service Design and Creation Workflow Designer backend name: sdc-wfd-be -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-wfd-be/values.yaml b/kubernetes/sdc/components/sdc-wfd-be/values.yaml index 6b18f47d66..828283ec76 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/values.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/values.yaml @@ -59,8 +59,8 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-workflow-backend:1.7.0 -configInitImage: onap/sdc-workflow-init:1.7.0 +image: onap/sdc-workflow-backend:1.11.1 +configInitImage: onap/sdc-workflow-init:1.11.1 pullPolicy: Always initJob: diff --git a/kubernetes/sdc/components/sdc-wfd-fe/Chart.yaml b/kubernetes/sdc/components/sdc-wfd-fe/Chart.yaml index 1b7aa773c9..45f13a04b1 100644 --- a/kubernetes/sdc/components/sdc-wfd-fe/Chart.yaml +++ b/kubernetes/sdc/components/sdc-wfd-fe/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP Service Design and Creation Workflow Designer frontend name: sdc-wfd-fe -version: 10.0.0 +version: 11.0.0 dependencies: - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml index c7e680a745..fd6f713655 100644 --- a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml @@ -47,7 +47,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/sdc-workflow-frontend:1.7.0 +image: onap/sdc-workflow-frontend:1.11.1 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/Chart.yaml b/kubernetes/sdnc/Chart.yaml index b30efc10c1..cc2148453b 100644 --- a/kubernetes/sdnc/Chart.yaml +++ b/kubernetes/sdnc/Chart.yaml @@ -17,61 +17,61 @@ apiVersion: v2 description: SDN Controller name: sdnc -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certManagerCertificate - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: logConfiguration - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: network-name-gen - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: network-name-gen.enabled - name: dgbuilder - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: dgbuilder.enabled - name: sdnc-prom - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: config.geoEnabled - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: elasticsearch - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: config.sdnr.enabled # conditions for sdnc-subcharts - name: dmaap-listener - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/dmaap-listener/' condition: sdnc.dmaap-listener.enabled,dmaap-listener.enabled - name: ueb-listener - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/ueb-listener/' condition: sdnc.ueb-listener.enabled,ueb-listener.enabled - name: sdnc-ansible-server - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdnc-ansible-server/' condition: sdnc.sdnc-ansible-server.enabled,sdnc-ansible-server.enabled - name: sdnc-web - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/sdnc-web/' condition: sdnc.sdnc-web.enabled,sdnc-web.enabled - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdnc/components/dmaap-listener/Chart.yaml b/kubernetes/sdnc/components/dmaap-listener/Chart.yaml index 1d027ee089..3737cb7d89 100644 --- a/kubernetes/sdnc/components/dmaap-listener/Chart.yaml +++ b/kubernetes/sdnc/components/dmaap-listener/Chart.yaml @@ -16,15 +16,15 @@ apiVersion: v2 description: SDNC DMaaP Listener name: dmaap-listener -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdnc/components/dmaap-listener/values.yaml b/kubernetes/sdnc/components/dmaap-listener/values.yaml index 7ef646f3e1..5094b6eb52 100644 --- a/kubernetes/sdnc/components/dmaap-listener/values.yaml +++ b/kubernetes/sdnc/components/dmaap-listener/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-dmaap-listener-image:2.3.0 +image: onap/sdnc-dmaap-listener-image:2.3.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/Chart.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/Chart.yaml index c61b4e012d..c2c119888b 100644 --- a/kubernetes/sdnc/components/sdnc-ansible-server/Chart.yaml +++ b/kubernetes/sdnc/components/sdnc-ansible-server/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: SDN-C Ansible Server name: sdnc-ansible-server -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml index 768a617b63..7689dcc5e9 100644 --- a/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml +++ b/kubernetes/sdnc/components/sdnc-ansible-server/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ansible-server-image:2.3.0 +image: onap/sdnc-ansible-server-image:2.3.2 pullPolicy: Always # flag to enable debugging - application support required @@ -101,7 +101,7 @@ readiness: service: type: ClusterIP name: sdnc-ansible-server - portName: sdnc-ansible-server + portName: http internalPort: 8000 externalPort: 8000 diff --git a/kubernetes/sdnc/components/sdnc-prom/Chart.yaml b/kubernetes/sdnc/components/sdnc-prom/Chart.yaml index 956c6073dc..b7da488b7c 100644 --- a/kubernetes/sdnc/components/sdnc-prom/Chart.yaml +++ b/kubernetes/sdnc/components/sdnc-prom/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP SDNC Policy Driven Ownership Management name: sdnc-prom -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh index 099103ca79..d92a1049e3 100755 --- a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh +++ b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh {{/* # Copyright © 2018 Amdocs @@ -33,8 +33,8 @@ failover(){ debugLog "Currently running sdnc and dns failover" return fi - trap "rm -f ${lockFile}" INT TERM RETURN - echo $BASHPID > ${lockFile} + trap "rm -f ${lockFile}" INT TERM EXIT + echo $$ > ${lockFile} # perform takeover debugLog "Started executing sdnc.failover for $SITE_NAME" diff --git a/kubernetes/sdnc/components/sdnc-web/Chart.yaml b/kubernetes/sdnc/components/sdnc-web/Chart.yaml index fbb7ca0cb2..6dc772376d 100644 --- a/kubernetes/sdnc/components/sdnc-web/Chart.yaml +++ b/kubernetes/sdnc/components/sdnc-web/Chart.yaml @@ -16,18 +16,18 @@ apiVersion: v2 description: SDN-C Web Server name: sdnc-web -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml b/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml index 21416c9b5f..03432d3b63 100644 --- a/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml +++ b/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml @@ -49,32 +49,34 @@ spec: {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: WEBPROTOCOL - value: {{ .Values.config.webProtocol }} + value: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webProtocol .Values.config.webPlainProtocol }} - name: WEBPORT - value: {{ .Values.config.webPort | quote }} + value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webPort .Values.config.webPlainPort | quote }} - name: SDNRPROTOCOL - value: {{ .Values.config.sdnrProtocol }} + value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrProtocol .Values.config.sdnrPlainProtocol }} - name: SDNRHOST - value: {{ .Values.config.sdnrHost }}.{{ include "common.namespace" . }} + value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrHost .Values.config.sdnrPlainHost }}.{{ include "common.namespace" . }} - name: SDNRPORT - value: {{ .Values.config.sdnrPort | quote }} + value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrPort .Values.config.sdnrPlainPort | quote }} + {{ if (include "common.needTLS" .) }} - name: SSL_CERT_DIR value: {{ .Values.config.sslCertDir }} - name: SSL_CERTIFICATE value: {{ .Values.config.sslCertiticate }} - name: SSL_CERTIFICATE_KEY value: {{ .Values.config.sslCertKey }} + {{ end }} {{ if .Values.config.transportpce.enabled }} - name: TRPCEURL value: {{ .Values.config.transportpce.transportpceUrl }} diff --git a/kubernetes/sdnc/components/sdnc-web/values.yaml b/kubernetes/sdnc/components/sdnc-web/values.yaml index f75b56726c..ecc5573f28 100644 --- a/kubernetes/sdnc/components/sdnc-web/values.yaml +++ b/kubernetes/sdnc/components/sdnc-web/values.yaml @@ -23,16 +23,21 @@ global: # Application configuration defaults. ################################################################# # application image -image: "onap/sdnc-web-image:2.2.5" +image: "onap/sdnc-web-image:2.3.2" pullPolicy: Always config: sdncChartName: sdnc webProtocol: HTTPS + webPlainProtocol: HTTP webPort: 8443 + webPlainPort: 8080 sdnrProtocol: https + sdnrPlainProtocol: http sdnrHost: "sdnc" + sdnrPlainHost: "sdnc" sdnrPort: "8443" + sdnrPlainPort : "8080" sslCertDir: "/opt/app/osaaf/local/certs" sslCertiticate: "cert.pem" sslCertKey: "key.pem" @@ -100,9 +105,12 @@ service: # for liveness and readiness probe only # internalPort: internalPort: 8443 + internalPlainPort: 8080 ports: - - name: "sdnc-web" + - name: http-sdnc-web port: "8443" + plain_port: "8080" + port_protocol: http nodePort: "05" #ingress: diff --git a/kubernetes/sdnc/components/ueb-listener/Chart.yaml b/kubernetes/sdnc/components/ueb-listener/Chart.yaml index ffaa1b7cca..d9df7aff85 100644 --- a/kubernetes/sdnc/components/ueb-listener/Chart.yaml +++ b/kubernetes/sdnc/components/ueb-listener/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: SDNC UEB Listener name: ueb-listener -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sdnc/components/ueb-listener/resources/config/ueb-listener.properties b/kubernetes/sdnc/components/ueb-listener/resources/config/ueb-listener.properties index 946773b18b..45a80af8a6 100644 --- a/kubernetes/sdnc/components/ueb-listener/resources/config/ueb-listener.properties +++ b/kubernetes/sdnc/components/ueb-listener/resources/config/ueb-listener.properties @@ -1,4 +1,9 @@ +{{- if (include "common.needTLS" .) }} org.onap.ccsdk.sli.northbound.uebclient.asdc-address=sdc-be.{{.Release.Namespace}}:8443 +{{- else }} +org.onap.ccsdk.sli.northbound.uebclient.asdc-address=sdc-be.{{.Release.Namespace}}:8080 +org.onap.ccsdk.sli.northbound.uebclient.use-https=false +{{- end }} org.onap.ccsdk.sli.northbound.uebclient.consumer-group=sdc-OpenSource-Env1-sdnc-dockero org.onap.ccsdk.sli.northbound.uebclient.consumer-id=sdc-COpenSource-Env11-sdnc-dockero org.onap.ccsdk.sli.northbound.uebclient.environment-name=AUTO diff --git a/kubernetes/sdnc/components/ueb-listener/values.yaml b/kubernetes/sdnc/components/ueb-listener/values.yaml index 50fee59a32..4d3cce7076 100644 --- a/kubernetes/sdnc/components/ueb-listener/values.yaml +++ b/kubernetes/sdnc/components/ueb-listener/values.yaml @@ -55,7 +55,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/sdnc-ueb-listener-image:2.3.0 +image: onap/sdnc-ueb-listener-image:2.3.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/sdnc/resources/config/conf/aaiclient.properties b/kubernetes/sdnc/resources/config/conf/aaiclient.properties index 7021990da0..5108a9d005 100755 --- a/kubernetes/sdnc/resources/config/conf/aaiclient.properties +++ b/kubernetes/sdnc/resources/config/conf/aaiclient.properties @@ -38,7 +38,11 @@ org.onap.ccsdk.sli.adaptors.aai.application=openECOMP # # Configuration file for A&AI Client # +{{- if (include "common.needTLS" .) }} org.onap.ccsdk.sli.adaptors.aai.uri=https://aai.{{.Release.Namespace}}:8443 +{{- else }} +org.onap.ccsdk.sli.adaptors.aai.uri=http://aai.{{.Release.Namespace}}:80 +{{- end }} connection.timeout=60000 read.timeout=60000 diff --git a/kubernetes/sdnc/resources/config/conf/oauth-provider.config.json b/kubernetes/sdnc/resources/config/conf/oauth-provider.config.json index 8d3c106bb9..7f99ed9497 100644 --- a/kubernetes/sdnc/resources/config/conf/oauth-provider.config.json +++ b/kubernetes/sdnc/resources/config/conf/oauth-provider.config.json @@ -2,7 +2,7 @@ "tokenSecret": "${OAUTH_TOKEN_SECRET}", "tokenIssuer": {{ .Values.config.sdnr.oauth.tokenIssuer | quote }}, "publicUrl": {{ .Values.config.sdnr.oauth.publicUrl | quote }}, - "redirectUri": "{{ .Values.config.sdnr.oauth.redirectUri | quote | default "null" }}", + "redirectUri": "{{ .Values.config.sdnr.oauth.redirectUri | default "null" }}", "supportOdlUsers": "{{ .Values.config.sdnr.oauth.supportOdlUsers | default "true" }}", "providers": {{ .Values.config.sdnr.oauth.providers | toJson }} -} \ No newline at end of file +} diff --git a/kubernetes/sdnc/templates/job.yaml b/kubernetes/sdnc/templates/job.yaml index 11b1a87128..b6dc32b096 100755 --- a/kubernetes/sdnc/templates/job.yaml +++ b/kubernetes/sdnc/templates/job.yaml @@ -131,8 +131,28 @@ spec: command: - /bin/bash args: - - {{.Values.config.binDir }}/installSdncDb.sh + - -c + - | + sleep 60; {{.Values.config.binDir }}/installSdncDb.sh resources: {{ include "common.resources" . | nindent 10 }} + {{- if include "common.onServiceMesh" . }} + - name: sdnc-service-mesh-wait-for-job-container + image: {{ include "repositoryGenerator.image.quitQuit" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/sh + - "-c" + args: + - | + echo "waiting 20s for istio side cars to be up"; sleep 20s; + /app/ready.py --service-mesh-check sdnc -t 45; + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + {{- end }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} {{- end }} diff --git a/kubernetes/sdnc/templates/sdnrdb-init-job.yaml b/kubernetes/sdnc/templates/sdnrdb-init-job.yaml index cb8d7574db..665e16c9f8 100755 --- a/kubernetes/sdnc/templates/sdnrdb-init-job.yaml +++ b/kubernetes/sdnc/templates/sdnrdb-init-job.yaml @@ -53,7 +53,10 @@ spec: image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/bin/bash"] - args: ["-c", "{{ .Values.config.binDir }}/startODL.sh"] + args: + - -c + - | + sleep 90; "{{ .Values.config.binDir }}/startODL.sh" env: - name: SDNC_AAF_ENABLED value: "{{ .Values.global.aafEnabled}}" @@ -76,6 +79,24 @@ spec: value: "-k" volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} resources: {{ include "common.resources" . | nindent 12 }} + {{- if include "common.onServiceMesh" . }} + - name: sdnrdb-service-mesh-wait-for-job-container + image: {{ include "repositoryGenerator.image.quitQuit" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /bin/sh + - "-c" + args: + - | + echo "waiting 30s for istio side cars to be up"; sleep 30s; + /app/ready.py --service-mesh-check sdnc-sdnrdb-init-job -t 45; + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + {{- end }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} {{- end -}} diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index d45e13eb01..83a30caadf 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -210,7 +210,7 @@ certificates: # application images pullPolicy: Always -image: onap/sdnc-image:2.3.0 +image: onap/sdnc-image:2.3.2 # flag to enable debugging - application support required debugEnabled: false @@ -543,7 +543,7 @@ readiness: service: type: NodePort name: sdnc - portName: sdnc + portName: http internalPort: 8181 internalPort2: 8101 internalPort3: 8080 diff --git a/kubernetes/sniro-emulator/Chart.yaml b/kubernetes/sniro-emulator/Chart.yaml index 5366ed9a35..d155d5e8cc 100644 --- a/kubernetes/sniro-emulator/Chart.yaml +++ b/kubernetes/sniro-emulator/Chart.yaml @@ -17,15 +17,15 @@ apiVersion: v2 description: ONAP Mock Sniro Emulator name: sniro-emulator -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/sniro-emulator/values.yaml b/kubernetes/sniro-emulator/values.yaml index 81ce818a8a..8f43a4f46b 100644 --- a/kubernetes/sniro-emulator/values.yaml +++ b/kubernetes/sniro-emulator/values.yaml @@ -50,7 +50,7 @@ service: internalPort: 9999 externalPort: 80 nodePort: 88 - portName: httpd + portName: http ingress: enabled: false diff --git a/kubernetes/so/Chart.yaml b/kubernetes/so/Chart.yaml index d7466476de..acb536852d 100755 --- a/kubernetes/so/Chart.yaml +++ b/kubernetes/so/Chart.yaml @@ -16,91 +16,92 @@ apiVersion: v2 description: ONAP Service Orchestrator name: so -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' + condition: global.aafEnabled - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/soHelpers' - name: so-admin-cockpit - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-admin-cockpit' condition: so-admin-cockpit.enabled - name: so-appc-orchestrator - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-appc-orchestrator' condition: so-appc-orchestrator.enabled - name: so-bpmn-infra - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-bpmn-infra' - name: so-catalog-db-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-catalog-db-adapter' condition: so-catalog-db-adapter.enabled - name: so-cnf-adapter - version: ~10.x-0 + version: ~11.x-0 repository: "file://components/so-cnf-adapter" condition: so-cnf-adapter.enabled - name: so-etsi-nfvo-ns-lcm - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-etsi-nfvo-ns-lcm' condition: so-etsi-nfvo-ns-lcm.enabled - name: so-etsi-sol003-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-etsi-sol003-adapter' condition: so-etsi-sol003-adapter.enabled - name: so-mariadb - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-mariadb' - name: so-nssmf-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-nssmf-adapter' condition: so-nssmf-adapter.enabled - name: so-oof-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-oof-adapter' condition: so-oof-adapter.enabled - name: so-openstack-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-openstack-adapter' condition: so-openstack-adapter.enabled - name: so-request-db-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-request-db-adapter' - name: so-sdc-controller - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-sdc-controller' - name: so-sdnc-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-sdnc-adapter' condition: so-sdnc-adapter.enabled - name: so-ve-vnfm-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-ve-vnfm-adapter' condition: so-ve-vnfm-adapter.enabled - name: so-etsi-sol005-adapter - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/so-etsi-sol005-adapter' condition: so-etsi-sol005-adapter.enabled - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-admin-cockpit/Chart.yaml b/kubernetes/so/components/so-admin-cockpit/Chart.yaml index f916b5c7b7..4218126d41 100644 --- a/kubernetes/so/components/so-admin-cockpit/Chart.yaml +++ b/kubernetes/so/components/so-admin-cockpit/Chart.yaml @@ -21,21 +21,21 @@ apiVersion: v2 description: A Helm chart for ONAP Service Orchestration Monitoring name: so-admin-cockpit -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml index 4b46721c2a..808c439181 100644 --- a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml +++ b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml @@ -116,7 +116,7 @@ spec: ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} diff --git a/kubernetes/so/components/so-admin-cockpit/templates/service.yaml b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml index c4439784ca..b23e5ab99e 100644 --- a/kubernetes/so/components/so-admin-cockpit/templates/service.yaml +++ b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml @@ -39,14 +39,12 @@ spec: {{if and (eq .Values.service.type "NodePort") (.Values.global.aafEnabled) -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} - - diff --git a/kubernetes/so/components/so-appc-orchestrator/Chart.yaml b/kubernetes/so/components/so-appc-orchestrator/Chart.yaml index eae024bc53..a82663f094 100644 --- a/kubernetes/so/components/so-appc-orchestrator/Chart.yaml +++ b/kubernetes/so/components/so-appc-orchestrator/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: A Helm chart for so appc orchestrator name: so-appc-orchestrator -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-bpmn-infra/Chart.yaml b/kubernetes/so/components/so-bpmn-infra/Chart.yaml index 867f42956d..3a573b4245 100755 --- a/kubernetes/so/components/so-bpmn-infra/Chart.yaml +++ b/kubernetes/so/components/so-bpmn-infra/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for SO Bpmn Infra name: so-bpmn-infra -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml index 360936d2ba..9feab4ddce 100755 --- a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml @@ -17,7 +17,11 @@ aai: auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}} dme2: timeout: '30000' + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} workflowAaiDistributionDelay: PT30S pnfEntryNotificationTimeout: P14D cds: @@ -158,7 +162,11 @@ mso: oof: auth: {{ .Values.mso.oof.auth }} callbackEndpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage + {{ if (include "common.needTLS" .) }} endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698 + {{ else }} + endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698 + {{ end }} timeout: PT30M workflow: CreateGenericVNFV1: diff --git a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml index 57a2b2c689..2b8b827f91 100755 --- a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml +++ b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml @@ -87,7 +87,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} diff --git a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml index 6eb6f27e26..5b8dee0774 100755 --- a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml +++ b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml @@ -29,11 +29,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml index d5ff829cc7..af185aeb4e 100755 --- a/kubernetes/so/components/so-bpmn-infra/values.yaml +++ b/kubernetes/so/components/so-bpmn-infra/values.yaml @@ -123,7 +123,7 @@ service: type: ClusterIP internalPort: *containerPort externalPort: 8081 - portName: so-bpmn-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/so/components/so-catalog-db-adapter/Chart.yaml b/kubernetes/so/components/so-catalog-db-adapter/Chart.yaml index 64b339331e..e279432923 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/Chart.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/Chart.yaml @@ -16,24 +16,24 @@ apiVersion: v2 description: A Helm chart for so-catalog-db-adapter name: so-catalog-db-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml index 30e55511cc..fa9d3a6a4b 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml @@ -85,7 +85,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml index 6eb6f27e26..5b8dee0774 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml @@ -29,11 +29,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-catalog-db-adapter/values.yaml b/kubernetes/so/components/so-catalog-db-adapter/values.yaml index a5961ee7dd..b4360942d2 100755 --- a/kubernetes/so/components/so-catalog-db-adapter/values.yaml +++ b/kubernetes/so/components/so-catalog-db-adapter/values.yaml @@ -87,7 +87,7 @@ service: type: ClusterIP internalPort: *containerPort externalPort: *containerPort - portName: so-catdb-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/so/components/so-cnf-adapter/Chart.yaml b/kubernetes/so/components/so-cnf-adapter/Chart.yaml index 6155a93b2a..abc14e8b3a 100755 --- a/kubernetes/so/components/so-cnf-adapter/Chart.yaml +++ b/kubernetes/so/components/so-cnf-adapter/Chart.yaml @@ -18,24 +18,24 @@ apiVersion: v2 appVersion: "1.7.1" description: A Helm chart for Kubernetes name: so-cnf-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml index c99465b690..0c2f679082 100755 --- a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml @@ -16,7 +16,11 @@ aai: auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.server.aai.auth ) }} + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} enabled: {{ .Values.global.aai.enabled }} logging: path: logs @@ -50,4 +54,3 @@ management: prometheus: enabled: true # Whether exporting of metrics to Prometheus is enabled. step: 1m # Step size (i.e. reporting frequency) to use. - diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/Chart.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/Chart.yaml index 0d1f03bfc8..4b2fd67310 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/Chart.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 description: ONAP SO ETSI NFVO NS LCM name: so-etsi-nfvo-ns-lcm -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml index 5fc28e2cc2..7c1cb1b3c4 100644 --- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml @@ -17,7 +17,11 @@ aai: auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}} version: v19 + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} spring: datasource: hikari: @@ -54,7 +58,11 @@ so: etsi-catalog-manager: base: {{- if .Values.global.msbEnabled }} + {{ if (include "common.needTLS" .) }} endpoint: https://msb-iag:443/api + {{ else }} + endpoint: http://msb-iag:443/api + {{ end }} http: client: ssl: diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/Chart.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/Chart.yaml index 8d67e41577..742251a965 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/Chart.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/Chart.yaml @@ -16,21 +16,21 @@ apiVersion: v2 description: ONAP SO ETSI SOL003 Adapter name: so-etsi-sol003-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml index e6a1d7c06e..33b38add57 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml @@ -16,7 +16,11 @@ aai: auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}} version: v15 + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} spring: security: usercredentials: @@ -42,7 +46,11 @@ sdc: username: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.username "value2" .Values.sdc.username )}} password: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.password "value2" .Values.sdc.password )}} key: {{ .Values.sdc.key }} + {{ if (include "common.needTLS" .) }} endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080 + {{ end }} vnfmadapter: endpoint: http://so-etsi-sol003-adapter.{{ include "common.namespace" . }}:9092 etsi-catalog-manager: diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml index 3272bfd299..7751bf4631 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml @@ -76,7 +76,7 @@ spec: failureThreshold: {{ .Values.livenessProbe.failureThreshold}} ports: - containerPort: {{ .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml index 5772a89a97..96a2acd3a6 100755 --- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml @@ -40,11 +40,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/Chart.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/Chart.yaml index 2a511c002f..7c2645e183 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/Chart.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-etsi-sol005-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml index dd46da0989..e1e2fc23c6 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml @@ -45,7 +45,11 @@ mso: msb-port: 80 adapters: requestDb: + {{ if (include "common.needTLS" .) }} endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + {{ else }} + endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + {{ end }} auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}} #Actuator management: diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml index 4f8f4d9f26..1abf21816b 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml @@ -94,7 +94,7 @@ spec: failureThreshold: {{ .Values.livenessProbe.failureThreshold}} ports: - containerPort: {{ .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml index 2ecc66f233..5b8dee0774 100755 --- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml @@ -29,12 +29,12 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} - release: {{ include "common.release" . }} \ No newline at end of file + release: {{ include "common.release" . }} diff --git a/kubernetes/so/components/so-mariadb/Chart.yaml b/kubernetes/so/components/so-mariadb/Chart.yaml index 1b8ce4acc0..8b6d10f476 100755 --- a/kubernetes/so/components/so-mariadb/Chart.yaml +++ b/kubernetes/so/components/so-mariadb/Chart.yaml @@ -16,21 +16,21 @@ apiVersion: v2 description: MariaDB Service name: so-mariadb -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-mariadb/templates/job.yaml b/kubernetes/so/components/so-mariadb/templates/job.yaml index 2a84fac247..d9c6009c8a 100644 --- a/kubernetes/so/components/so-mariadb/templates/job.yaml +++ b/kubernetes/so/components/so-mariadb/templates/job.yaml @@ -53,13 +53,17 @@ spec: command: - /bin/bash - -c - - mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo > /var/data/mariadb/backup-`date +%s`.sql + - | + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} + mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo > /var/data/mariadb/backup-`date +%s`.sql volumeMounts: - mountPath: /etc/localtime name: localtime readOnly: true - name: backup-storage mountPath: /var/data/mariadb + {{ include "common.waitForJobContainer" . | indent 6 | trim }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: - name: localtime @@ -105,6 +109,8 @@ spec: - /bin/bash - -c - > + {{- if include "common.onServiceMesh" . }} + echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }} mysql() { /usr/bin/mysql -h ${DB_HOST} -P ${DB_PORT} "$@"; }; export -f mysql; mysql --user=root --password=${MYSQL_ROOT_PASSWORD} requestdb -e exit > /dev/null 2>&1 {{ if not .Values.global.migration.enabled }} && echo "Database already initialized!!!" && exit 0 {{ end }}; @@ -157,6 +163,7 @@ spec: {{- end }} resources: {{ include "common.resources" . | indent 12 }} + {{ include "common.waitForJobContainer" . | indent 6 | trim }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 10 }} diff --git a/kubernetes/so/components/so-mariadb/values.yaml b/kubernetes/so/components/so-mariadb/values.yaml index 58e34b78d6..13dd0868e8 100755 --- a/kubernetes/so/components/so-mariadb/values.yaml +++ b/kubernetes/so/components/so-mariadb/values.yaml @@ -21,7 +21,7 @@ global: nodePortPrefix: 302 nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 - readinessImage: onap/oom/readiness:3.0.1 + readinessImage: onap/oom/readiness:4.1.0 ubuntuInitRepository: docker.io mariadbGalera: nameOverride: &mariadbName mariadb-galera @@ -187,3 +187,7 @@ serviceAccount: nameOverride: so-mariadb roles: - read + +wait_for_job_container: + containers: + - '{{ include "common.name" . }}-config' diff --git a/kubernetes/so/components/so-nssmf-adapter/Chart.yaml b/kubernetes/so/components/so-nssmf-adapter/Chart.yaml index 525f54dfe7..ab97237dad 100755 --- a/kubernetes/so/components/so-nssmf-adapter/Chart.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-nssmf-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml index 75db547f38..1d8a97c028 100755 --- a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml @@ -15,7 +15,11 @@ */}} aai: auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}} + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} logging: path: logs spring: @@ -51,7 +55,11 @@ mso: msb-port: 80 adapters: requestDb: + {{ if (include "common.needTLS" .) }} endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + {{ else }} + endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 + {{ end }} auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}} #Actuator management: diff --git a/kubernetes/so/components/so-nssmf-adapter/values.yaml b/kubernetes/so/components/so-nssmf-adapter/values.yaml index 2489ddd75e..29f9f4e24d 100755 --- a/kubernetes/so/components/so-nssmf-adapter/values.yaml +++ b/kubernetes/so/components/so-nssmf-adapter/values.yaml @@ -107,7 +107,7 @@ app: nssmf-adapter service: type: ClusterIP ports: - - name: api + - name: http port: *containerPort updateStrategy: type: RollingUpdate diff --git a/kubernetes/so/components/so-oof-adapter/Chart.yaml b/kubernetes/so/components/so-oof-adapter/Chart.yaml index c411ef9830..d5b8bbf700 100755 --- a/kubernetes/so/components/so-oof-adapter/Chart.yaml +++ b/kubernetes/so/components/so-oof-adapter/Chart.yaml @@ -18,21 +18,21 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-oof-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml index 5013c34f79..8db5d26788 100755 --- a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml @@ -42,7 +42,11 @@ mso: endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage oof: auth: ${OOF_LOGIN}:${OOF_PASSWORD} + {{ if (include "common.needTLS" .) }} endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698 + {{ else }} + endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698 + {{ end }} #Actuator management: endpoints: diff --git a/kubernetes/so/components/so-oof-adapter/values.yaml b/kubernetes/so/components/so-oof-adapter/values.yaml index 863e0e9428..530c35afdd 100755 --- a/kubernetes/so/components/so-oof-adapter/values.yaml +++ b/kubernetes/so/components/so-oof-adapter/values.yaml @@ -89,7 +89,7 @@ app: so-oof-adapter service: type: ClusterIP ports: - - name: api + - name: http port: *containerPort updateStrategy: type: RollingUpdate diff --git a/kubernetes/so/components/so-openstack-adapter/Chart.yaml b/kubernetes/so/components/so-openstack-adapter/Chart.yaml index cd128fa921..22c473f5c1 100755 --- a/kubernetes/so/components/so-openstack-adapter/Chart.yaml +++ b/kubernetes/so/components/so-openstack-adapter/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-openstack-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml index e332f98302..487e93132d 100755 --- a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml @@ -15,7 +15,11 @@ */}} aai: auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}} + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} server: port: {{ index .Values.containerPort }} spring: diff --git a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml index f370fbd315..55493f7c42 100755 --- a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml @@ -87,7 +87,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} diff --git a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml index 6eb6f27e26..5b8dee0774 100755 --- a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml @@ -29,11 +29,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml index 057f8a0a85..28338cfa11 100755 --- a/kubernetes/so/components/so-openstack-adapter/values.yaml +++ b/kubernetes/so/components/so-openstack-adapter/values.yaml @@ -95,7 +95,7 @@ service: type: ClusterIP internalPort: *containerPort externalPort: *containerPort - portName: so-optack-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/so/components/so-request-db-adapter/Chart.yaml b/kubernetes/so/components/so-request-db-adapter/Chart.yaml index 6e65cd7f53..db6855aa63 100755 --- a/kubernetes/so/components/so-request-db-adapter/Chart.yaml +++ b/kubernetes/so/components/so-request-db-adapter/Chart.yaml @@ -16,24 +16,24 @@ apiVersion: v2 description: A Helm chart for request-db-adapter name: so-request-db-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml index 30e55511cc..fa9d3a6a4b 100755 --- a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml @@ -85,7 +85,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "so.certificate.volumes" . | nindent 6 }} diff --git a/kubernetes/so/components/so-request-db-adapter/templates/service.yaml b/kubernetes/so/components/so-request-db-adapter/templates/service.yaml index 6eb6f27e26..5b8dee0774 100755 --- a/kubernetes/so/components/so-request-db-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-request-db-adapter/templates/service.yaml @@ -29,11 +29,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-request-db-adapter/values.yaml b/kubernetes/so/components/so-request-db-adapter/values.yaml index e932a0b643..6bcd388b25 100755 --- a/kubernetes/so/components/so-request-db-adapter/values.yaml +++ b/kubernetes/so/components/so-request-db-adapter/values.yaml @@ -83,7 +83,7 @@ service: type: ClusterIP internalPort: *containerPort externalPort: *containerPort - portName: so-reqdb-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/so/components/so-sdc-controller/Chart.yaml b/kubernetes/so/components/so-sdc-controller/Chart.yaml index a50e498d68..2f7cac5cf1 100755 --- a/kubernetes/so/components/so-sdc-controller/Chart.yaml +++ b/kubernetes/so/components/so-sdc-controller/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-sdc-controller -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml index b20e33a140..ffa66e9d78 100755 --- a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml @@ -63,19 +63,28 @@ mso: endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083 auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.requestDb.auth )}} aai: + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} asdc-connections: asdc-controller1: user: mso consumerGroup: SO-OpenSource-Env11 consumerId: SO-COpenSource-Env11 environmentName: AUTO + {{ if (include "common.needTLS" .) }} asdcAddress: sdc-be.{{ include "common.namespace" . }}:8443 + {{ else }} + asdcAddress: sdc-be.{{ include "common.namespace" . }}:8080 + {{ end }} password: {{ index .Values "mso" "asdc-connections" "asdc-controller1" "password" }} pollingInterval: 60 pollingTimeout: 60 relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL useHttpsWithDmaap: false + useHttpsWithSdc: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }} activateServerTLSAuth: false keyStorePassword: keyStorePath: diff --git a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml index f370fbd315..55493f7c42 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml @@ -87,7 +87,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} diff --git a/kubernetes/so/components/so-sdc-controller/templates/service.yaml b/kubernetes/so/components/so-sdc-controller/templates/service.yaml index 6eb6f27e26..5b8dee0774 100755 --- a/kubernetes/so/components/so-sdc-controller/templates/service.yaml +++ b/kubernetes/so/components/so-sdc-controller/templates/service.yaml @@ -29,11 +29,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml index 58e93f53af..c0e3f5088f 100755 --- a/kubernetes/so/components/so-sdc-controller/values.yaml +++ b/kubernetes/so/components/so-sdc-controller/values.yaml @@ -91,7 +91,7 @@ service: type: ClusterIP internalPort: *containerPort externalPort: *containerPort - portName: so-sdc-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/so/components/so-sdnc-adapter/Chart.yaml b/kubernetes/so/components/so-sdnc-adapter/Chart.yaml index 01bb209726..f75662d9d3 100755 --- a/kubernetes/so/components/so-sdnc-adapter/Chart.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/Chart.yaml @@ -17,21 +17,21 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for Kubernetes name: so-sdnc-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml index 01e0ab7077..b95e0b58a3 100755 --- a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml @@ -91,7 +91,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml index 6eb6f27e26..5b8dee0774 100755 --- a/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml @@ -29,11 +29,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/components/so-sdnc-adapter/values.yaml b/kubernetes/so/components/so-sdnc-adapter/values.yaml index cb9d02ae05..54fa88c7c0 100755 --- a/kubernetes/so/components/so-sdnc-adapter/values.yaml +++ b/kubernetes/so/components/so-sdnc-adapter/values.yaml @@ -110,7 +110,7 @@ service: type: ClusterIP internalPort: *containerPort externalPort: *containerPort - portName: so-sdnc-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/Chart.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/Chart.yaml index 6508ca41cf..a9f3821887 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/Chart.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 description: ONAP SO VE VNFM Adapter (SOL002) name: so-ve-vnfm-adapter -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: readinessCheck - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: soHelpers - version: ~10.x-0 + version: ~11.x-0 repository: 'file://../soHelpers' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml index f46219c6c9..8471540011 100755 --- a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml @@ -18,10 +18,18 @@ server: port: {{ include "common.getPort" (dict "global" . "name" "http") }} vevnfmadapter: + {{ if (include "common.needTLS" .) }} endpoint: https://msb-iag:30283/api/{{ include "common.servicename" . }}/v1 + {{ else }} + endpoint: http://msb-iag:30283/api/{{ include "common.servicename" . }}/v1 + {{ end }} aai: + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} dmaap: endpoint: http://message-router.{{ include "common.namespace" . }}:3904 diff --git a/kubernetes/so/components/soHelpers/Chart.yaml b/kubernetes/so/components/soHelpers/Chart.yaml index a8415a3542..2029d4fd8c 100755 --- a/kubernetes/so/components/soHelpers/Chart.yaml +++ b/kubernetes/so/components/soHelpers/Chart.yaml @@ -16,15 +16,15 @@ apiVersion: v2 description: A Helm chart for SO helpers name: soHelpers -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml index efb3fab558..6933607827 100755 --- a/kubernetes/so/resources/config/overrides/override.yaml +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -1,5 +1,9 @@ aai: + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}} server: port: {{ index .Values.containerPort }} @@ -45,13 +49,21 @@ mso: activate: instanceid: test userid: cs0008 - endpoint: http://sdc-be.{{ include "common.namespace" . }}:8443 + {{ if (include "common.needTLS" .) }} + endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080 + {{ end }} tenant: isolation: retry: count: 3 aai: + {{ if (include "common.needTLS" .) }} endpoint: https://aai.{{ include "common.namespace" . }}:8443 + {{ else }} + endpoint: http://aai.{{ include "common.namespace" . }}:8080 + {{ end }} auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}} extApi: diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml index 47701d89b9..99a5eff0e7 100755 --- a/kubernetes/so/templates/deployment.yaml +++ b/kubernetes/so/templates/deployment.yaml @@ -87,7 +87,7 @@ spec: {{ include "so.helpers.livenessProbe" .| indent 8 }} ports: - containerPort: {{ index .Values.containerPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} protocol: TCP # Filebeat sidecar container {{ include "common.log.sidecar" . | nindent 6 }} diff --git a/kubernetes/so/templates/service.yaml b/kubernetes/so/templates/service.yaml index 2849edecc7..5a83d566ac 100755 --- a/kubernetes/so/templates/service.yaml +++ b/kubernetes/so/templates/service.yaml @@ -392,11 +392,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 1f454f63df..553de8c2d9 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -213,7 +213,7 @@ service: nodePort: 77 internalPort: *containerPort externalPort: *containerPort - portName: so-apih-port + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 diff --git a/kubernetes/strimzi/Chart.yaml b/kubernetes/strimzi/Chart.yaml index 6ce866bdeb..17da739927 100644 --- a/kubernetes/strimzi/Chart.yaml +++ b/kubernetes/strimzi/Chart.yaml @@ -15,19 +15,19 @@ apiVersion: v2 description: ONAP Strimzi kafka name: strimzi -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/poddisruptionbudget.yaml b/kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml similarity index 59% rename from kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/poddisruptionbudget.yaml rename to kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml index d12ec126f9..2653c6799c 100644 --- a/kubernetes/dmaap/components/message-router/components/message-router-kafka/templates/poddisruptionbudget.yaml +++ b/kubernetes/strimzi/templates/strimzi-kafka-admin-user.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2018 AT&T +# Copyright © 2022 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,18 +13,19 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} - -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget +apiVersion: kafka.strimzi.io/v1beta2 +kind: KafkaUser metadata: - name: {{ include "common.fullname" . }}-pdb + name: {{ .Values.kafkaStrimziAdminUser }} labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} + strimzi.io/cluster: {{ include "common.release" . }}-strimzi spec: - selector: - matchLabels: - app: {{ include "common.name" . }} - maxUnavailable: 1 + authentication: + type: {{ .Values.saslMechanism }} + authorization: + type: simple + acls: + - resource: + type: group + name: onap-group + operation: Read \ No newline at end of file diff --git a/kubernetes/strimzi/templates/strimzi-kafka.yaml b/kubernetes/strimzi/templates/strimzi-kafka.yaml index a94879b8a0..4e8779d1d2 100644 --- a/kubernetes/strimzi/templates/strimzi-kafka.yaml +++ b/kubernetes/strimzi/templates/strimzi-kafka.yaml @@ -57,21 +57,22 @@ spec: authorization: type: simple superUsers: - - {{ include "common.release" . }}-{{ .Values.kafkaStrimziAdminUser }} + - {{ .Values.kafkaStrimziAdminUser }} template: pod: securityContext: runAsUser: 0 fsGroup: 0 config: + default.replication.factor: {{ .Values.replicaCount }} + min.insync.replicas: {{ .Values.replicaCount }} offsets.topic.replication.factor: {{ .Values.replicaCount }} transaction.state.log.replication.factor: {{ .Values.replicaCount }} - transaction.state.log.min.isr: 2 + transaction.state.log.min.isr: {{ .Values.replicaCount }} log.message.format.version: "3.0" inter.broker.protocol.version: "3.0" storage: type: jbod - class: {{ include "common.storageClass" (dict "dot" . "suffix" "kafka" "persistenceInfos" .Values.persistenceKafka) }} volumes: - id: 0 type: persistent-claim @@ -87,6 +88,10 @@ spec: replicas: {{ .Values.replicaCount }} config: ssl.hostnameVerification: false + ssl.quorum.hostnameVerification: false + {{- if (include "common.onServiceMesh" .) }} + sslQuorum: false + {{- end }} storage: type: persistent-claim size: {{ .Values.persistenceZk.size }} diff --git a/kubernetes/strimzi/values.yaml b/kubernetes/strimzi/values.yaml index 9e63c2c131..26b714a342 100644 --- a/kubernetes/strimzi/values.yaml +++ b/kubernetes/strimzi/values.yaml @@ -23,7 +23,7 @@ global: ################################################################# # Application configuration defaults. ################################################################# -replicaCount: 2 +replicaCount: 3 kafkaInternalPort: 9092 saslMechanism: scram-sha-512 version: 3.0.0 diff --git a/kubernetes/uui/Chart.yaml b/kubernetes/uui/Chart.yaml index dab69dd3e3..6a0b0c996d 100644 --- a/kubernetes/uui/Chart.yaml +++ b/kubernetes/uui/Chart.yaml @@ -17,24 +17,24 @@ apiVersion: v2 description: ONAP uui name: uui -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: uui-server - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/uui-server' - name: uui-nlp - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/uui-nlp' diff --git a/kubernetes/uui/components/uui-nlp/Chart.yaml b/kubernetes/uui/components/uui-nlp/Chart.yaml index d748aad543..84664dcfb5 100644 --- a/kubernetes/uui/components/uui-nlp/Chart.yaml +++ b/kubernetes/uui/components/uui-nlp/Chart.yaml @@ -20,15 +20,15 @@ apiVersion: v2 description: ONAP UUI NLP name: uui-nlp -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/uui/components/uui-server/Chart.yaml b/kubernetes/uui/components/uui-server/Chart.yaml index d6cc6f0697..133ebc5bf6 100644 --- a/kubernetes/uui/components/uui-server/Chart.yaml +++ b/kubernetes/uui/components/uui-server/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP uui server name: uui-server -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' \ No newline at end of file diff --git a/kubernetes/uui/components/uui-server/resources/entrypoint/run.sh b/kubernetes/uui/components/uui-server/resources/entrypoint/run.sh index f96dd74bd3..283d55b741 100644 --- a/kubernetes/uui/components/uui-server/resources/entrypoint/run.sh +++ b/kubernetes/uui/components/uui-server/resources/entrypoint/run.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh {{/* # # Copyright 2016-2017 ZTE Corporation. @@ -28,7 +28,7 @@ sleep 10 echo "usecase-ui database init script start..." dbScript="$main_path/resources/bin/initDB.sh" -source $dbScript 127.0.0.1 5432 postgres uui +$dbScript 127.0.0.1 5432 postgres uui echo "usecase-ui database init script finished normally..." JAVA_PATH="$JAVA_HOME/bin/java" @@ -40,4 +40,4 @@ jar_path="$main_path/usecase-ui-server.jar" echo @jar_path@ $jar_path echo "Starting usecase-ui-server..." -$JAVA_PATH $JAVA_OPTS -classpath $jar_path -jar $jar_path $SPRING_OPTS \ No newline at end of file +$JAVA_PATH $JAVA_OPTS -classpath $jar_path -jar $jar_path $SPRING_OPTS diff --git a/kubernetes/uui/components/uui-server/values.yaml b/kubernetes/uui/components/uui-server/values.yaml index 5bd781eb2d..d279163690 100644 --- a/kubernetes/uui/components/uui-server/values.yaml +++ b/kubernetes/uui/components/uui-server/values.yaml @@ -63,7 +63,7 @@ flavor: small # application image repository: nexus3.onap.org:10001 -image: onap/usecase-ui-server:4.0.6 +image: onap/usecase-ui-server:4.0.7 pullPolicy: Always # application configuration diff --git a/kubernetes/uui/values.yaml b/kubernetes/uui/values.yaml index 1ed9b470d2..f133ad5a27 100644 --- a/kubernetes/uui/values.yaml +++ b/kubernetes/uui/values.yaml @@ -57,7 +57,7 @@ subChartsOnly: flavor: small # application image -image: onap/usecase-ui:4.0.6 +image: onap/usecase-ui:4.0.7 pullPolicy: Always # application configuration diff --git a/kubernetes/vfc/Chart.yaml b/kubernetes/vfc/Chart.yaml index aecd278778..26c9747d35 100644 --- a/kubernetes/vfc/Chart.yaml +++ b/kubernetes/vfc/Chart.yaml @@ -17,48 +17,48 @@ apiVersion: v2 description: ONAP Virtual Function Controller (VF-C) name: vfc -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: vfc-generic-vnfm-driver - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-generic-vnfm-driver' condition: vfc-generic-vnfm-driver.enabled - name: vfc-huawei-vnfm-driver - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-huawei-vnfm-driver' condition: vfc-huawei-vnfm-driver.enabled - name: vfc-nslcm - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-nslcm' condition: vfc-nslcm.enabled - name: vfc-redis - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-redis' condition: vfc-redis.enabled - name: vfc-vnflcm - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-vnflcm' condition: vfc-vnflcm.enabled - name: vfc-vnfmgr - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-vnfmgr' condition: vfc-vnfmgr.enabled - name: vfc-vnfres - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-vnfres' condition: vfc-vnfres.enabled - name: vfc-zte-vnfm-driver - version: ~10.x-0 + version: ~11.x-0 repository: 'file://components/vfc-zte-vnfm-driver' condition: vfc-zte-vnfm-driver.enabled diff --git a/kubernetes/vfc/components/vfc-generic-vnfm-driver/Chart.yaml b/kubernetes/vfc/components/vfc-generic-vnfm-driver/Chart.yaml index 1e1bb3cc55..74f472eeb5 100644 --- a/kubernetes/vfc/components/vfc-generic-vnfm-driver/Chart.yaml +++ b/kubernetes/vfc/components/vfc-generic-vnfm-driver/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - Generic VNFM Driver name: vfc-generic-vnfm-driver -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/deployment.yaml b/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/deployment.yaml index d5a043d533..b5ab1fb93c 100644 --- a/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/deployment.yaml @@ -59,9 +59,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_HOST - value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: REG_TO_MSB_WHEN_START value: "{{ .Values.global.config.reg_to_msb_when_start }}" volumeMounts: diff --git a/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/service.yaml b/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/service.yaml index df7fe3149a..85498aeca8 100644 --- a/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-generic-vnfm-driver/templates/service.yaml @@ -43,11 +43,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-generic-vnfm-driver/values.yaml b/kubernetes/vfc/components/vfc-generic-vnfm-driver/values.yaml index d92989dbcb..6a4a802028 100644 --- a/kubernetes/vfc/components/vfc-generic-vnfm-driver/values.yaml +++ b/kubernetes/vfc/components/vfc-generic-vnfm-driver/values.yaml @@ -26,7 +26,7 @@ global: # application image flavor: small -image: onap/vfc/gvnfmdriver:1.4.3 +image: onap/vfc/gvnfmdriver:1.4.4 pullPolicy: Always #Istio sidecar injection policy @@ -60,7 +60,7 @@ readiness: service: type: ClusterIP name: vfc-generic-vnfm-driver - portName: vfc-generic-vnfm-driver + portName: http externalPort: 8484 internalPort: 8484 # nodePort: 30484 diff --git a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/Chart.yaml b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/Chart.yaml index 33698eacb2..3fa0c45f0c 100644 --- a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/Chart.yaml +++ b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - Huawei VNFM Driver name: vfc-huawei-vnfm-driver -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/deployment.yaml b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/deployment.yaml index dd763b4f1e..f96d4d664b 100644 --- a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/deployment.yaml @@ -60,9 +60,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_PROTO - value: "{{ .Values.global.config.msbprotocol }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: MSB_ADDR value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" - name: REG_TO_MSB_WHEN_START diff --git a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/service.yaml b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/service.yaml index 95a84cff02..def3fa2a54 100644 --- a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/templates/service.yaml @@ -44,7 +44,7 @@ spec: port: {{ .Values.service.internalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - - name: {{ .Values.service.portName }}2 + - name: {{ .Values.service.portName }}s port: {{ .Values.service.internalPort2 }} targetPort: {{ .Values.service.internalPort2 }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} @@ -54,7 +54,7 @@ spec: name: {{ .Values.service.portName }} - port: {{ .Values.service.externalPort2 }} targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName }}2 + name: {{ .Values.service.portName }}s {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/values.yaml b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/values.yaml index 596a1cf36d..32221692e3 100644 --- a/kubernetes/vfc/components/vfc-huawei-vnfm-driver/values.yaml +++ b/kubernetes/vfc/components/vfc-huawei-vnfm-driver/values.yaml @@ -60,7 +60,7 @@ readiness: service: type: ClusterIP name: vfc-huawei-vnfm-driver - portName: vfc-huawei-vnfm-driver + portName: http externalPort: 8482 internalPort: 8482 externalPort2: 8483 diff --git a/kubernetes/vfc/components/vfc-nslcm/Chart.yaml b/kubernetes/vfc/components/vfc-nslcm/Chart.yaml index 24942d1ee0..f415fec224 100644 --- a/kubernetes/vfc/components/vfc-nslcm/Chart.yaml +++ b/kubernetes/vfc/components/vfc-nslcm/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - NS Life Cycle Management name: vfc-nslcm -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml b/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml index 13c17059f4..f9faa7e845 100644 --- a/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml @@ -79,9 +79,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_HOST - value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: MYSQL_ADDR value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}' - name: MYSQL_ROOT_USER diff --git a/kubernetes/vfc/components/vfc-nslcm/templates/service.yaml b/kubernetes/vfc/components/vfc-nslcm/templates/service.yaml index f46530ded9..4ca1cb891c 100644 --- a/kubernetes/vfc/components/vfc-nslcm/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-nslcm/templates/service.yaml @@ -52,11 +52,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-nslcm/values.yaml b/kubernetes/vfc/components/vfc-nslcm/values.yaml index 21ff189046..0cd3ce178a 100644 --- a/kubernetes/vfc/components/vfc-nslcm/values.yaml +++ b/kubernetes/vfc/components/vfc-nslcm/values.yaml @@ -41,7 +41,7 @@ secrets: # application image flavor: small -image: onap/vfc/nslcm:1.4.4 +image: onap/vfc/nslcm:1.4.7 pullPolicy: Always #Istio sidecar injection policy @@ -78,7 +78,7 @@ readiness: service: type: ClusterIP name: vfc-nslcm - portName: vfc-nslcm + portName: http externalPort: 8403 internalPort: 8403 # nodePort: 30403 diff --git a/kubernetes/vfc/components/vfc-redis/Chart.yaml b/kubernetes/vfc/components/vfc-redis/Chart.yaml index dac35a7984..9fe692baeb 100644 --- a/kubernetes/vfc/components/vfc-redis/Chart.yaml +++ b/kubernetes/vfc/components/vfc-redis/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - REDIS name: vfc-redis -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-redis/templates/service.yaml b/kubernetes/vfc/components/vfc-redis/templates/service.yaml index b20f3f8880..23518e95f1 100644 --- a/kubernetes/vfc/components/vfc-redis/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-redis/templates/service.yaml @@ -31,11 +31,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-redis/values.yaml b/kubernetes/vfc/components/vfc-redis/values.yaml index 0bbb395938..1c6c4b4cce 100644 --- a/kubernetes/vfc/components/vfc-redis/values.yaml +++ b/kubernetes/vfc/components/vfc-redis/values.yaml @@ -55,7 +55,7 @@ readiness: service: type: ClusterIP name: vfc-redis - portName: vfc-redis + portName: http externalPort: 6379 internalPort: 6379 diff --git a/kubernetes/vfc/components/vfc-vnflcm/Chart.yaml b/kubernetes/vfc/components/vfc-vnflcm/Chart.yaml index a816c4ad94..288e447339 100644 --- a/kubernetes/vfc/components/vfc-vnflcm/Chart.yaml +++ b/kubernetes/vfc/components/vfc-vnflcm/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - VNF Life Cycle Management name: vfc-vnflcm -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml index 69de15c171..8c414ffc59 100644 --- a/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml @@ -79,9 +79,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_HOST - value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: MYSQL_ADDR value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}' - name: MYSQL_ROOT_USER diff --git a/kubernetes/vfc/components/vfc-vnflcm/templates/service.yaml b/kubernetes/vfc/components/vfc-vnflcm/templates/service.yaml index b64740bbe2..7970e8a9b1 100644 --- a/kubernetes/vfc/components/vfc-vnflcm/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-vnflcm/templates/service.yaml @@ -43,11 +43,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-vnflcm/values.yaml b/kubernetes/vfc/components/vfc-vnflcm/values.yaml index e4ae447491..fcad261817 100644 --- a/kubernetes/vfc/components/vfc-vnflcm/values.yaml +++ b/kubernetes/vfc/components/vfc-vnflcm/values.yaml @@ -41,7 +41,7 @@ secrets: # application image flavor: small -image: onap/vfc/vnflcm:1.4.2 +image: onap/vfc/vnflcm:1.4.3 pullPolicy: Always #Istio sidecar injection policy @@ -78,7 +78,7 @@ readiness: service: type: ClusterIP name: vfc-vnflcm - portName: vfc-vnflcm + portName: http externalPort: 8801 internalPort: 8801 # nodePort: 30801 diff --git a/kubernetes/vfc/components/vfc-vnfmgr/Chart.yaml b/kubernetes/vfc/components/vfc-vnfmgr/Chart.yaml index 49191effbf..93fb2edafc 100644 --- a/kubernetes/vfc/components/vfc-vnfmgr/Chart.yaml +++ b/kubernetes/vfc/components/vfc-vnfmgr/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - VNF Manager name: vfc-vnfmgr -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml index 0ee0b931b2..9fcf9b923d 100644 --- a/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml @@ -79,9 +79,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_HOST - value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: MYSQL_ADDR value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}' - name: REDIS_HOST diff --git a/kubernetes/vfc/components/vfc-vnfmgr/templates/service.yaml b/kubernetes/vfc/components/vfc-vnfmgr/templates/service.yaml index 97ef463977..9daf4e0e26 100644 --- a/kubernetes/vfc/components/vfc-vnfmgr/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-vnfmgr/templates/service.yaml @@ -43,11 +43,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-vnfmgr/values.yaml b/kubernetes/vfc/components/vfc-vnfmgr/values.yaml index cc2becc576..528bbe0c01 100644 --- a/kubernetes/vfc/components/vfc-vnfmgr/values.yaml +++ b/kubernetes/vfc/components/vfc-vnfmgr/values.yaml @@ -78,7 +78,7 @@ readiness: service: type: ClusterIP name: vfc-vnfmgr - portName: vfc-vnfmgr + portName: http externalPort: 8803 internalPort: 8803 # nodePort: 30803 diff --git a/kubernetes/vfc/components/vfc-vnfres/Chart.yaml b/kubernetes/vfc/components/vfc-vnfres/Chart.yaml index 383b34a585..b02dfefb62 100644 --- a/kubernetes/vfc/components/vfc-vnfres/Chart.yaml +++ b/kubernetes/vfc/components/vfc-vnfres/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - VNF Resource Manager name: vfc-vnfres -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml index a0178151d4..5723b0f322 100644 --- a/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml @@ -79,9 +79,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_HOST - value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: MYSQL_ADDR value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}' - name: REDIS_HOST diff --git a/kubernetes/vfc/components/vfc-vnfres/templates/service.yaml b/kubernetes/vfc/components/vfc-vnfres/templates/service.yaml index c043913b70..4f583f2181 100644 --- a/kubernetes/vfc/components/vfc-vnfres/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-vnfres/templates/service.yaml @@ -43,11 +43,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-vnfres/values.yaml b/kubernetes/vfc/components/vfc-vnfres/values.yaml index 68d66a6558..c2954d5517 100644 --- a/kubernetes/vfc/components/vfc-vnfres/values.yaml +++ b/kubernetes/vfc/components/vfc-vnfres/values.yaml @@ -41,7 +41,7 @@ secrets: # application image flavor: small -image: onap/vfc/vnfres:1.4.0 +image: onap/vfc/vnfres:1.4.1 pullPolicy: Always #Istio sidecar injection policy @@ -78,7 +78,7 @@ readiness: service: type: ClusterIP name: vfc-vnfres - portName: vfc-vnfres + portName: http externalPort: 8802 internalPort: 8802 # nodePort: 30802 diff --git a/kubernetes/vfc/components/vfc-zte-vnfm-driver/Chart.yaml b/kubernetes/vfc/components/vfc-zte-vnfm-driver/Chart.yaml index f4c5d397ed..5f8a392870 100644 --- a/kubernetes/vfc/components/vfc-zte-vnfm-driver/Chart.yaml +++ b/kubernetes/vfc/components/vfc-zte-vnfm-driver/Chart.yaml @@ -17,12 +17,12 @@ apiVersion: v2 description: ONAP VFC - ZTE VNFM Driver name: vfc-zte-vnfm-driver -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/deployment.yaml b/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/deployment.yaml index 9dcba3bf9b..855532ddf3 100644 --- a/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/deployment.yaml +++ b/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/deployment.yaml @@ -59,9 +59,14 @@ spec: periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: MSB_HOST - value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + value: "{{ .Values.global.config.msbprotocol }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}" + {{- if and (include "common.needTLS" .) (eq .Values.global.config.ssl_enabled true) }} - name: SSL_ENABLED - value: "{{ .Values.global.config.ssl_enabled }}" + value: "true" + {{- else }} + - name: SSL_ENABLED + value: "false" + {{- end }} - name: REG_TO_MSB_WHEN_START value: "{{ .Values.global.config.reg_to_msb_when_start }}" volumeMounts: diff --git a/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/service.yaml b/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/service.yaml index 826b6904f9..8a80a87062 100644 --- a/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/service.yaml +++ b/kubernetes/vfc/components/vfc-zte-vnfm-driver/templates/service.yaml @@ -43,11 +43,11 @@ spec: - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/vfc/components/vfc-zte-vnfm-driver/values.yaml b/kubernetes/vfc/components/vfc-zte-vnfm-driver/values.yaml index c6db92a7a4..258407b6ba 100644 --- a/kubernetes/vfc/components/vfc-zte-vnfm-driver/values.yaml +++ b/kubernetes/vfc/components/vfc-zte-vnfm-driver/values.yaml @@ -60,7 +60,7 @@ readiness: service: type: ClusterIP name: vfc-zte-vnfm-driver - portName: vfc-zte-vnfm-driver + portName: http externalPort: 8410 internalPort: 8410 diff --git a/kubernetes/vfc/values.yaml b/kubernetes/vfc/values.yaml index 01d9eefd67..a0b69e0c94 100644 --- a/kubernetes/vfc/values.yaml +++ b/kubernetes/vfc/values.yaml @@ -15,7 +15,7 @@ global: config: ssl_enabled: false - msbprotocol: https + msbprotocol: http msbServiceName: msb-iag msbPort: 443 redisServiceName: vfc-redis diff --git a/kubernetes/vid/Chart.yaml b/kubernetes/vid/Chart.yaml index aea0849d08..fe6164a46e 100644 --- a/kubernetes/vid/Chart.yaml +++ b/kubernetes/vid/Chart.yaml @@ -17,26 +17,26 @@ apiVersion: v2 description: ONAP Virtual Infrastructure Deployment name: vid -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: mariadb-galera - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: global.mariadbGalera.localCluster - name: mariadb-init - version: ~10.x-0 + version: ~11.x-0 repository: '@local' condition: not global.mariadbGalera.localCluster - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/vnfsdk/Chart.yaml b/kubernetes/vnfsdk/Chart.yaml index 59522b842d..7ef08bd32d 100644 --- a/kubernetes/vnfsdk/Chart.yaml +++ b/kubernetes/vnfsdk/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP VNF SDK name: vnfsdk -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: postgres - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/requirements.txt b/requirements.txt index f3d82daf4a..554df8559d 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,8 +1,9 @@ -Sphinx +lfdocs-conf +sphinx>=4.2.0 # BSD +sphinx-rtd-theme>=1.0.0 # MIT doc8 docutils six -lfdocs-conf sphinxcontrib-redoc sphinxcontrib-spelling PyEnchant