Merge "[HV-VES-STRIMZI] Migrate hv-ves to use strimzi kafka"
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
index fbaaedf..9781e33 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@ -58,7 +58,7 @@
{{- range $envName, $envValue := .Values.applicationEnv }}
{{- if kindIs "string" $envValue }}
- name: {{ $envName }}
- value: {{ $envValue | quote }}
+ value: {{ tpl $envValue $global | quote }}
{{- else }}
{{ if or (not $envValue.secretUid) (not $envValue.key) }}
{{ fail (printf "Env %s definition is not a string and does not contain secretUid or key fields" $envName) }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml
new file mode 100644
index 0000000..ff977aa
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-kafka-user.yaml
@@ -0,0 +1,47 @@
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaUser
+metadata:
+ name: {{ include "common.release" . }}-{{ .Values.hvVesKafkaUser }}
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ authentication:
+ type: scram-sha-512
+ authorization:
+ type: simple
+ acls:
+ - resource:
+ type: topic
+ name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }}
+ operation: Write
+ - resource:
+ type: topic
+ name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }}
+ operation: Write
+ - resource:
+ type: topic
+ name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }}
+ operation: Write
+ - resource:
+ type: topic
+ name: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }}
+ operation: Write
+ - resource:
+ type: topic
+ name: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }}
+ operation: Write
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml
new file mode 100644
index 0000000..e407758
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/hv-ves-topics.yaml
@@ -0,0 +1,79 @@
+{{/*
+# Copyright © 2022 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: ves-3gpp-fault-supervision
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-fault-supervision" "kafka_info" "topic_name" }}
+ partitions: 10
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: ves-3gpp-provisioning
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-provisioning" "kafka_info" "topic_name" }}
+ partitions: 10
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: ves-3gpp-heartbeat
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-heartbeat" "kafka_info" "topic_name" }}
+ partitions: 10
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: ves-3gpp-performance-assurance
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ topicName: {{ index .Values "applicationConfig" "streams_publishes" "ves-3gpp-performance-assurance" "kafka_info" "topic_name" }}
+ partitions: 10
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
+---
+apiVersion: kafka.strimzi.io/v1beta2
+kind: KafkaTopic
+metadata:
+ name: perf3gpp
+ labels:
+ strimzi.io/cluster: {{ include "common.release" . }}-strimzi
+spec:
+ topicName: {{ .Values.applicationConfig.streams_publishes.perf3gpp.kafka_info.topic_name }}
+ partitions: 10
+ config:
+ retention.ms: 7200000
+ segment.bytes: 1073741824
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
index 5a62836..67add37 100644
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
@@ -2,6 +2,7 @@
# ================================================================================
# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved.
# Copyright (c) 2021-2022 Nokia. All rights reserved.
+# Copyright © 2022 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -61,11 +62,15 @@
tlsServer: true
secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.user }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
+ - uid: hv-ves-kafka-secret
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: sasl.jaas.config
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
+config:
+ someConfig: blah
# CMPv2 certificate
# It is used only when:
@@ -113,17 +118,8 @@
port_protocol: http
nodePort: 22
-aafCreds:
- user: admin
- password: admin_secret
-
-credentials:
-- name: AAF_USER
- uid: *aafCredsUID
- key: login
-- name: AAF_PASSWORD
- uid: *aafCredsUID
- key: password
+#strimzi kafka config
+hvVesKafkaUser: dcae-hv-ves-kafka-user
# initial application configuration
applicationConfig:
@@ -139,48 +135,38 @@
streams_publishes:
ves-3gpp-fault-supervision:
type: kafka
- aaf_credentials:
- username: ${AAF_USER}
- password: ${AAF_PASSWORD}
kafka_info:
- bootstrap_servers: message-router-kafka:9092
+ bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
topic_name: SEC_3GPP_FAULTSUPERVISION_OUTPUT
ves-3gpp-provisioning:
type: kafka
- aaf_credentials:
- username: ${AAF_USER}
- password: ${AAF_PASSWORD}
kafka_info:
- bootstrap_servers: message-router-kafka:9092
+ bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
topic_name: SEC_3GPP_PROVISIONING_OUTPUT
ves-3gpp-heartbeat:
type: kafka
- aaf_credentials:
- username: ${AAF_USER}
- password: ${AAF_PASSWORD}
kafka_info:
- bootstrap_servers: message-router-kafka:9092
+ bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
topic_name: SEC_3GPP_HEARTBEAT_OUTPUT
ves-3gpp-performance-assurance:
type: kafka
- aaf_credentials:
- username: ${AAF_USER}
- password: ${AAF_PASSWORD}
kafka_info:
- bootstrap_servers: message-router-kafka:9092
+ bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
topic_name: SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT
perf3gpp:
type: kafka
- aaf_credentials:
- username: ${AAF_USER}
- password: ${AAF_PASSWORD}
kafka_info:
- bootstrap_servers: message-router-kafka:9092
+ bootstrap_servers: ${KAFKA_BOOTSTRAP_SERVERS}
topic_name: HV_VES_PERF3GPP
applicationEnv:
JAVA_OPTS: '-Dlogback.configurationFile=/etc/ONAP/dcae-hv-ves-collector/logback.xml'
CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml'
+ KAFKA_BOOTSTRAP_SERVERS: '{{ include "common.release" . }}-strimzi-kafka-bootstrap:9092'
+ USE_SCRAM: 'true'
+ JAAS_CONFIG:
+ secretUid: hv-ves-kafka-secret
+ key: sasl.jaas.config
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml
index a7e24d1..1652f04 100644
--- a/kubernetes/dcaegen2-services/values.yaml
+++ b/kubernetes/dcaegen2-services/values.yaml
@@ -16,6 +16,7 @@
global:
centralizedLoggingEnabled: true
+ hvVesKafkaUser: dcae-hv-ves-kafka-user
#################################################################
# Filebeat Configuration Defaults.
@@ -46,6 +47,8 @@
dcae-hv-ves-collector:
enabled: true
logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
+ config:
+ jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.hvVesKafkaUser }}'
dcae-kpi-ms:
enabled: false
logConfigMapNamePrefix: '{{ include "common.release" . }}-dcaegen2-services'
diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
index 700b17a..3c5f9ce 100644
--- a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
@@ -188,6 +188,9 @@
GLOBAL_DMAAP_KAFKA_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "message-router-kafka" "port" 9092) }}'
GLOBAL_DMAAP_KAFKA_JAAS_USERNAME = '{{ .Values.kafkaJaasUsername }}'
GLOBAL_DMAAP_KAFKA_JAAS_PASSWORD = '{{ .Values.kafkaJaasPassword }}'
+# strimzi kafka
+GLOBAL_KAFKA_BOOTSTRAP_SERVICE = '{{ include "common.release" . }}-strimzi-kafka-bootstrap:9092'
+GLOBAL_KAFKA_USER = '{{ .Values.strimziKafkaJaasUsername }}'
# DROOL server port and credentials
GLOBAL_DROOLS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "policy-drools-pdp" "port" 9696) }}'
GLOBAL_DROOLS_USERNAME = '{{ .Values.droolsUsername }}'
diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml
index d8beeed..0b1aa0e 100644
--- a/kubernetes/robot/values.yaml
+++ b/kubernetes/robot/values.yaml
@@ -364,10 +364,14 @@
# DMAAP BC
bcUsername: "dmaap-bc@dmaap-bc.onap.org"
bcPassword: "demo123456!"
+
# DMAAP KAFKA JAAS
kafkaJaasUsername: "admin"
kafkaJaasPassword: "admin_secret"
+# STRIMZI KAFKA JAAS
+strimziKafkaJaasUsername: "strimzi-kafka-admin"
+
#OOF
oofUsername: "oof@oof.onap.org"
oofPassword: "demo123456!"