[SO] move subcharts to components folder
Move subcharts to components folder in order to be able to
enable/disable them one by one.
Also use certInitializer to retrieve truststore in order to be able to
discuss with other ONAP components.
Issue-ID: SO-2046
Change-Id: Ia5c2a590a2ad75e4b69be0748e9d79fda996af37
Signed-off-by: seshukm <seshu.kumar.m@huawei.com>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
diff --git a/kubernetes/so/components/so-bpmn-infra/Chart.yaml b/kubernetes/so/components/so-bpmn-infra/Chart.yaml
new file mode 100755
index 0000000..faba23e
--- /dev/null
+++ b/kubernetes/so/components/so-bpmn-infra/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for SO Bpmn Infra
+name: so-bpmn-infra
+version: 6.0.0
diff --git a/kubernetes/so/components/so-bpmn-infra/requirements.yaml b/kubernetes/so/components/so-bpmn-infra/requirements.yaml
new file mode 100755
index 0000000..1feea23
--- /dev/null
+++ b/kubernetes/so/components/so-bpmn-infra/requirements.yaml
@@ -0,0 +1,23 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+dependencies:
+ - name: common
+ version: ~6.x-0
+ # local reference to common chart, as it is
+ # a part of this chart's package and will not
+ # be published independently to a repo (at this point)
+ repository: '@local'
+ - name: soHelpers
+ version: ~6.x-0
+ repository: 'file://../soHelpers'
diff --git a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
new file mode 100755
index 0000000..028b698
--- /dev/null
+++ b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
@@ -0,0 +1,383 @@
+# Copyright © 2018 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+aai:
+ auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}}
+ dme2:
+ timeout: '30000'
+ endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ workflowAaiDistributionDelay: PT30S
+ pnfEntryNotificationTimeout: P14D
+cds:
+ endpoint: cds-blueprints-processor-grpc
+ port: 9111
+ auth: {{ .Values.cds.auth }}
+ timeout: 600
+camunda:
+ bpm:
+ admin-user:
+ id: admin
+ password: admin
+ history-level: full
+ job-execution:
+ max-pool-size: 30
+ core-pool-size: 3
+entitymanager:
+ packagesToScan: com
+pnf:
+ dmaap:
+ host: message-router
+ port: 3904
+ protocol: http
+ uriPathPrefix: events
+ topicName: unauthenticated.PNF_READY
+ consumerGroup: consumerGroup
+ consumerId: consumerId
+ topicListenerDelayInSeconds: 5
+bpelURL: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081
+msb-ip: msb-iag
+msb-port: 80
+mso:
+ rainyDay:
+ retryDurationMultiplier: 2
+ maxRetries: 5
+ msoKey: {{ .Values.mso.key }}
+ correlation:
+ timeout: 60
+ logPath: logs
+ config:
+ cadi: {{ include "so.cadi.keys" . | nindent 8}}
+ async:
+ core-pool-size: 50
+ max-pool-size: 50
+ queue-capacity: 500
+ adapters:
+ completemsoprocess:
+ endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/CompleteMsoProcess
+ requestDb:
+ endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+ auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.adapters.requestDb.auth )}}
+ db:
+ auth: {{ .Values.mso.adapters.db.auth }}
+ password: {{ .Values.mso.adapters.db.password }}
+ endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/services/RequestsDbAdapter
+ spring:
+ endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+ network:
+ endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/NetworkAdapter
+ rest:
+ endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/rest/v1/networks
+ openecomp:
+ db:
+ endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/services/RequestsDbAdapter
+ po:
+ auth: {{ .Values.mso.adapters.po.auth }}
+ sdnc:
+ endpoint: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/SDNCAdapter
+ rest:
+ endpoint: http://so-sdnc-adapter.{{ include "common.namespace" . }}:8086/adapters/rest/v1/sdnc
+ timeout: PT60M
+ tenant:
+ endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/TenantAdapter
+ vnf:
+ endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/VnfAdapter
+ rest:
+ endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/rest/v1/vnfs
+ volume-groups:
+ rest:
+ endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/rest/v1/volume-groups
+ vnf-async:
+ endpoint: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/services/VnfAsync
+ vfc:
+ rest:
+ endpoint: http://so-vfc-adapter.{{ include "common.namespace" . }}:8084/services/v1/vfcadapter
+ workflow:
+ message:
+ endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
+ nssmf:
+ endpoint: http://so-nssmf-adapter.{{ include "common.namespace" . }}:8088
+ bpmn:
+ process:
+ historyTimeToLive: '30'
+ callbackRetryAttempts: '5'
+ catalog:
+ db:
+ endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082/ecomp/mso/catalog
+ spring:
+ endpoint: http://so-catalog-db-adapter.{{ include "common.namespace" . }}:8082
+ db:
+ auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}}
+ default:
+ adapter:
+ namespace: http://org.onap.mso
+ healthcheck:
+ log:
+ debug: 'false'
+ infra:
+ endpoint:
+ url: http://so.{{ include "common.namespace" . }}:8080/onap/so/infra
+ customer:
+ id: testCustIdInfra
+ po:
+ timeout: PT60M
+ request:
+ db:
+ endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083/
+ rollback: 'true'
+ sdnc:
+ password: {{ .Values.mso.sdnc.password }}
+ service:
+ agnostic:
+ sniro:
+ endpoint: /sniro/api/v2/placement
+ host: http://sniro-emulator:80
+ site-name: CamundaEngine
+ sniro:
+ auth: {{ .Values.mso.sniro.auth }}
+ callback: http://so-openstack-adapter.{{ include "common.namespace" . }}:8087/adapters/rest/SDNCNotify
+ endpoint: {{ .Values.mso.sniro.endpoint }}
+ timeout: PT30M
+ oof:
+ auth: {{ .Values.mso.oof.auth }}
+ callbackEndpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
+ endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698
+ timeout: PT30M
+ workflow:
+ CreateGenericVNFV1:
+ aai:
+ volume-group:
+ uri: /aai/v6/cloud-infrastructure/volume-groups/volume-group
+ default:
+ aai:
+ version: '14'
+ cloud-region:
+ version: '14'
+ generic-vnf:
+ version: '14'
+ v14:
+ customer:
+ uri: /aai/v14/business/customers/customer
+ generic-query:
+ uri: /aai/v14/search/generic-query
+ generic-vnf:
+ uri: /aai/v14/network/generic-vnfs/generic-vnf
+ l3-network:
+ uri: /aai/v14/network/l3-networks/l3-network
+ network-policy:
+ uri: /aai/v14/network/network-policies/network-policy
+ nodes-query:
+ uri: /aai/v14/search/nodes-query
+ route-table-reference:
+ uri: /aai/v14/network/route-table-references/route-table-reference
+ tenant:
+ uri: /aai/v14/cloud-infrastructure/cloud-regions/cloud-region/CloudOwner/RegionOne/tenants/tenant
+ vce:
+ uri: /aai/v14/network/vces/vce
+ vpn-binding:
+ uri: /aai/v14/network/vpn-bindings/vpn-binding
+ sp-partner:
+ uri: /aai/v14/business/sp-partners/sp-partner
+ device:
+ uri: /aai/v14/network/devices/device
+ v11:
+ customer:
+ uri: /aai/v11/business/customers/customer
+ generic-query:
+ uri: /aai/v11/search/generic-query
+ generic-vnf:
+ uri: /aai/v11/network/generic-vnfs/generic-vnf
+ l3-network:
+ uri: /aai/v11/network/l3-networks/l3-network
+ network-policy:
+ uri: /aai/v11/network/network-policies/network-policy
+ nodes-query:
+ uri: /aai/v11/search/nodes-query
+ route-table-reference:
+ uri: /aai/v11/network/route-table-references/route-table-reference
+ tenant:
+ uri: /aai/v11/cloud-infrastructure/cloud-regions/cloud-region/CloudOwner/RegionOne/tenants/tenant
+ vce:
+ uri: /aai/v11/network/vces/vce
+ vpn-binding:
+ uri: /aai/v11/network/vpn-bindings/vpn-binding
+ v8:
+ configuration:
+ uri: /aai/v11/network/configurations/configuration
+ customer:
+ uri: /aai/v8/business/customers/customer
+ generic-query:
+ uri: /aai/v8/search/generic-query
+ l3-network:
+ uri: /aai/v8/network/l3-networks/l3-network
+ network-policy:
+ uri: /aai/v8/network/network-policies/network-policy
+ nodes-query:
+ uri: /aai/v8/search/nodes-query
+ route-table-reference:
+ uri: /aai/v8/network/route-table-references/route-table-reference
+ tenant:
+ uri: /aai/v8/cloud-infrastructure/cloud-regions/cloud-region/CloudOwner/RegionOne/tenants/tenant
+ vce:
+ uri: /aai/v8/network/vces/vce
+ vpn-binding:
+ uri: /aai/v8/network/vpn-bindings/vpn-binding
+ v9:
+ cloud-region:
+ uri: /aai/v9/cloud-infrastructure/cloud-regions/cloud-region/CloudOwner
+ generic-vnf:
+ uri: /aai/v9/network/generic-vnfs/generic-vnf
+ retry:
+ attempts: '1'
+ deleteCinderVolumeV1:
+ aai:
+ volume-group:
+ uri: /aai/v6/cloud-infrastructure/volume-groups/volume-group
+ global:
+ default:
+ aai:
+ namespace: http://org.onap.aai.inventory/
+ version: 14
+ message:
+ endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
+ notification:
+ name: GenericNotificationServiceATT
+ sdnc:
+ replication:
+ delay: PT60S
+ sdncadapter:
+ callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/SDNCAdapterCallbackService
+ vnfadapter:
+ create:
+ callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
+ delete:
+ callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
+ query:
+ callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
+ rollback:
+ callback: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/vnfAdapterNotify
+ use:
+ qualified:
+ host: false
+ global:
+ dmaap:
+ username: testuser
+ password: alRyMzJ3NUNeakxl
+ host: http://10.42.111.36:904
+ publisher:
+ topic: replaceme
+ naming:
+ endpoint: http://naming.demo.onap.com:8081/web/service/v1/genNetworkElementName
+ auth: Basic bTA0NzY4QG5vbi1wcm9kLm1zby5lY29tcC5hdHQuY29tOkF0dG0wNDc2OExpZmUhQA==
+policy:
+ auth: Basic dGVzdHBkcDphbHBoYTEyMw==
+ default:
+ disposition: Skip
+ client:
+ auth: Basic bTAzNzQzOnBvbGljeVIwY2sk
+ endpoint: http://pdp.{{ include "common.namespace" . }}:8081/pdp/api/
+ environment: TEST
+sdnc:
+ auth: Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ==
+ host: http://{{ .Values.global.sdncOamService }}.{{ include "common.namespace" . }}:{{ .Values.global.sdncOamPort }}
+ path: /restconf/operations/GENERIC-RESOURCE-API
+ si:
+ svc:
+ types: PORT-MIRROR,PPROBE
+ dmaap:
+ host: http://message-router.{{ include "common.namespace" . }}:3904
+ timeout: 30000
+ lcm:
+ path: '/restconf/operations/LCM:'
+ actionTimeout: 300000
+ dmapp:
+ readTopic: SDNC-LCM-WRITE
+ writeTopic: SDNC-LCM-READ
+appc:
+ client:
+ topic:
+ read:
+ name: APPC-LCM-WRITE
+ timeout: 360000
+ write: APPC-LCM-READ
+ sdnc:
+ read: SDNC-LCM-WRITE
+ write: SDNC-LCM-READ
+ response:
+ timeout: 360000
+ key: VIlbtVl6YLhNUrtU
+ secret: 64AG2hF4pYeG2pq7CT6XwUOT
+ service: ueb
+ poolMembers: message-router.{{ include "common.namespace" . }}:3904,message-router.{{ include "common.namespace" . }}:3904
+sniro:
+ conductor:
+ enabled: true
+ host: http://sniro-emulator:80
+ uri: /v1/release-orders
+ headers.auth: Basic dGVzdDp0ZXN0cHdk
+ manager:
+ timeout: PT30M
+ host: http://sniro-emulator:80
+ uri.v1: /sniro/api/v2/placement
+ uri.v2: /sniro/api/placement/v2
+ headers.auth: Basic dGVzdDp0ZXN0cHdk
+ headers.patchVersion: 1
+ headers.minorVersion: 1
+ headers.latestVersion: 2
+server:
+ port: {{ index .Values.containerPort }}
+ tomcat:
+ max-threads: 50
+spring:
+ datasource:
+ hikari:
+ jdbcUrl: jdbc:mariadb://${DB_HOST}:${DB_PORT}/camundabpmn
+ username: ${DB_USERNAME}
+ password: ${DB_PASSWORD}
+ driver-class-name: org.mariadb.jdbc.Driver
+ pool-name: bpmn-pool
+ registerMbeans: true
+ security:
+ usercredentials:
+ -
+ username: apihBpmn
+ password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
+ role: BPMN-Client
+ -
+ username: sdncaBpmn
+ password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
+ role: BPMN-Client
+ -
+ username: poBpmn
+ password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
+ role: BPMN-Client
+ -
+ username: wmaBpmn
+ password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
+ role: BPMN-Client
+ -
+ username: sniro
+ password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
+ role: SNIRO-Client
+ -
+ username: mso_admin
+ password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
+ role: ACTUATOR
+so:
+ vnfm:
+ adapter:
+ url: https://so-vnfm-adapter.{{ include "common.namespace" . }}:9092/so/vnfm-adapter/v1/
+ auth: {{ .Values.so.vnfm.adapter.auth }}
+org:
+ onap:
+ so:
+ cloud-owner: CloudOwner
diff --git a/kubernetes/so/components/so-bpmn-infra/templates/configmap.yaml b/kubernetes/so/components/so-bpmn-infra/templates/configmap.yaml
new file mode 100755
index 0000000..7479416
--- /dev/null
+++ b/kubernetes/so/components/so-bpmn-infra/templates/configmap.yaml
@@ -0,0 +1,49 @@
+# Copyright © 2018 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+data:
+ LOG_PATH: {{ index .Values.logPath }}
+ APP: {{ index .Values.app }}
+ ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}}
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-app-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
+
diff --git a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml
new file mode 100755
index 0000000..de76901
--- /dev/null
+++ b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml
@@ -0,0 +1,140 @@
+# Copyright © 2018 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ replicas: {{ index .Values.replicaCount }}
+ minReadySeconds: {{ index .Values.minReadySeconds }}
+ strategy:
+ type: {{ index .Values.updateStrategy.type }}
+ rollingUpdate:
+ maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
+ maxSurge: {{ index .Values.updateStrategy.maxSurge }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
+ spec:
+ initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
+ - command:
+ - /app/ready.py
+ args:
+ - --job-name
+ - {{ include "common.release" . }}-so-mariadb-config-job
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ include "common.repository" . }}/{{ .Values.image }}
+ resources: {{ include "common.resources" . | nindent 12 }}
+ {{- if .Values.global.aafEnabled }}
+ command:
+ - sh
+ args:
+ - -c
+ - |
+ export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
+ {{- if .Values.global.security.aaf.enabled }}
+ export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+ {{- end }}
+ /app/start-app.sh
+ {{- end }}
+ env:
+ - name: DB_HOST
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.release" . }}-so-db-secrets
+ key: mariadb.readwrite.host
+ - name: DB_PORT
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.release" . }}-so-db-secrets
+ key: mariadb.readwrite.port
+ - name: DB_USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
+ - name: DB_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 10 }}
+ - name: DB_ADMIN_USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }}
+ - name: DB_ADMIN_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }}
+ {{ include "so.certificates.env" . | indent 8 | trim }}
+ envFrom:
+ - configMapRef:
+ name: {{ include "common.fullname" . }}-configmap
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }}
+ - name: logs
+ mountPath: /app/logs
+ - name: config
+ mountPath: /app/config
+ readOnly: true
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /var/log/onap
+{{ include "so.helpers.livenessProbe" .| indent 8 }}
+ ports:
+ - containerPort: {{ index .Values.containerPort }}
+ name: {{ .Values.service.portName }}
+ protocol: TCP
+ # Filebeat sidecar container
+ - name: {{ include "common.name" . }}-filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ mountPath: /usr/share/filebeat/data
+ - name: logs
+ mountPath: /var/log/onap/so
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /var/log/onap
+ volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
+ - name: logs
+ emptyDir: {}
+ - name: config
+ configMap:
+ name: {{ include "common.fullname" . }}-app-configmap
+ - name: {{ include "common.fullname" . }}-log-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-log
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ configMap:
+ name: {{ .Release.Name }}-so-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/so/components/so-bpmn-infra/templates/secret.yaml b/kubernetes/so/components/so-bpmn-infra/templates/secret.yaml
new file mode 100644
index 0000000..bd7eb8e
--- /dev/null
+++ b/kubernetes/so/components/so-bpmn-infra/templates/secret.yaml
@@ -0,0 +1,15 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml
new file mode 100755
index 0000000..6711c3b
--- /dev/null
+++ b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml
@@ -0,0 +1,38 @@
+# Copyright © 2018 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml
new file mode 100755
index 0000000..b6f315a
--- /dev/null
+++ b/kubernetes/so/components/so-bpmn-infra/values.yaml
@@ -0,0 +1,164 @@
+# Copyright © 2018 AT&T USA
+# Copyright © 2020 Huawei
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ nodePortPrefixExt: 304
+ repository: nexus3.onap.org:10001
+ readinessImage: onap/oom/readiness:3.0.1
+ aafAgentImage: onap/aaf/aaf_agent:2.1.20
+ envsubstImage: dibi/envsubst
+ persistence:
+ mountPath: /dockerdata-nfs
+ #This configuration specifies Service and port for SDNC OAM interface
+ sdncOamService: sdnc-oam
+ sdncOamPort: 8282
+ security:
+ aaf:
+ enabled: false
+ aaf:
+ auth:
+ encrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: db-user-creds
+ name: '{{ include "common.release" . }}-so-bpmn-infra-db-user-creds'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
+ login: '{{ .Values.db.userName }}'
+ password: '{{ .Values.db.userPassword }}'
+ passwordPolicy: required
+ - uid: db-admin-creds
+ name: '{{ include "common.release" . }}-so-bpmn-infra-db-admin-creds'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}'
+ login: '{{ .Values.db.adminName }}'
+ password: '{{ .Values.db.adminPassword }}'
+ passwordPolicy: required
+
+#secretsFilePaths: |
+# - 'my file 1'
+# - '{{ include "templateThatGeneratesFileName" . }}'
+
+
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+repository: nexus3.onap.org:10001
+image: onap/so/bpmn-infra:1.6.4
+pullPolicy: Always
+
+db:
+ userName: so_user
+ userPassword: so_User123
+ # userCredsExternalSecret: some secret
+ adminName: so_admin
+ adminPassword: so_Admin123
+ # adminCredsExternalSecret: some secret
+
+aai:
+ auth: 221187EFA3AD4E33600DE0488F287099934CE65C3D0697BCECC00BB58E784E07CD74A24581DC31DBC086FF63DF116378776E9BE3D1325885
+
+cds:
+ auth: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
+
+mso:
+ key: 07a7159d3bf51a0e53be7a8f89699be7
+ adapters:
+ requestDb:
+ auth: Basic YnBlbDpwYXNzd29yZDEk
+ db:
+ auth: A3745B5DBE165EFCF101D85A6FC81C211AB8BF604F8861B6C413D5DC90F8F30E0139DE44B8A342F4EF70AF
+ password: wLg4sjrAFUS8rfVfdvTXeQ==
+ po:
+ auth: A3745B5DBE165EFCF101D85A6FC81C211AB8BF604F8861B6C413D5DC90F8F30E0139DE44B8A342F4EF70AF
+ sdnc:
+ password: 1D78CFC35382B6938A989066A7A7EAEF4FE933D2919BABA99EB4763737F39876C333EE5F
+ sniro:
+ auth: test:testpwd
+ oof:
+ auth: test:testpwd
+so:
+ vnfm:
+ adapter:
+ auth: Basic dm5mbTpwYXNzd29yZDEk
+sniro:
+ endpoint: http://replaceme:28090/optimizationInstance/V1/create
+
+replicaCount: 1
+minReadySeconds: 10
+containerPort: &containerPort 8081
+logPath: ./logs/bpmn/
+app: so-bpmn-infra
+service:
+ type: ClusterIP
+ internalPort: *containerPort
+ externalPort: 8081
+ portName: so-bpmn-port
+updateStrategy:
+ type: RollingUpdate
+ maxUnavailable: 1
+ maxSurge: 1
+
+#################################################################
+# soHelper part
+#################################################################
+soHelpers:
+ nameOverride: so-bpmn-cert-init
+ certInitializer:
+ nameOverride: so-bpmn-cert-init
+ credsPath: /opt/app/osaaf/local
+ cadi:
+ apiEnforcement: org.onap.so.bpmnPerm
+ containerPort: *containerPort
+
+
+# Resource Limit flavor -By Default using small
+flavor: large
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ memory: 4Gi
+ cpu: 2000m
+ requests:
+ memory: 1Gi
+ cpu: 500m
+ large:
+ limits:
+ memory: 8Gi
+ cpu: 4000m
+ requests:
+ memory: 2Gi
+ cpu: 1000m
+ unlimited: {}
+livenessProbe:
+ path: /manage/health
+ scheme: HTTP
+ initialDelaySeconds: 600
+ periodSeconds: 60
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
+ingress:
+ enabled: false
+nodeSelector: {}
+tolerations: []
+affinity: {}