[SO] Service mesh compatibility
Patch on SO charts dedicated to allign the service port names
according to Istio naming schema.
Change the mariadb job to wait for the sidecar and kill it afterwards.
Remove CertInitializer TLS job, if AAF is not enabled
Added all missing changed from https://gerrit.onap.org/r/c/oom/+/124231
Issue-ID: OOM-2824
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I5b333ab19673ad248fd2e3bd138a99fe15025f5e
diff --git a/kubernetes/so/Chart.yaml b/kubernetes/so/Chart.yaml
index d746647..0c47c3b 100755
--- a/kubernetes/so/Chart.yaml
+++ b/kubernetes/so/Chart.yaml
@@ -28,6 +28,7 @@
- name: certInitializer
version: ~10.x-0
repository: '@local'
+ condition: global.aafEnabled
- name: readinessCheck
version: ~10.x-0
repository: '@local'
diff --git a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml
index 4b46721..808c439 100644
--- a/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml
+++ b/kubernetes/so/components/so-admin-cockpit/templates/deployment.yaml
@@ -116,7 +116,7 @@
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-admin-cockpit/templates/service.yaml b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml
index c443978..b23e5ab 100644
--- a/kubernetes/so/components/so-admin-cockpit/templates/service.yaml
+++ b/kubernetes/so/components/so-admin-cockpit/templates/service.yaml
@@ -39,14 +39,12 @@
{{if and (eq .Values.service.type "NodePort") (.Values.global.aafEnabled) -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
-
-
diff --git a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
index 360936d..9feab4d 100755
--- a/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/resources/config/overrides/override.yaml
@@ -17,7 +17,11 @@
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}}
dme2:
timeout: '30000'
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
workflowAaiDistributionDelay: PT30S
pnfEntryNotificationTimeout: P14D
cds:
@@ -158,7 +162,11 @@
oof:
auth: {{ .Values.mso.oof.auth }}
callbackEndpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
+ {{ if (include "common.needTLS" .) }}
endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698
+ {{ else }}
+ endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698
+ {{ end }}
timeout: PT30M
workflow:
CreateGenericVNFV1:
diff --git a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml
index 57a2b2c..2b8b827 100755
--- a/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/templates/deployment.yaml
@@ -87,7 +87,7 @@
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
# Filebeat sidecar container
{{ include "common.log.sidecar" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml
index 6eb6f27..5b8dee0 100755
--- a/kubernetes/so/components/so-bpmn-infra/templates/service.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/templates/service.yaml
@@ -29,11 +29,11 @@
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-bpmn-infra/values.yaml b/kubernetes/so/components/so-bpmn-infra/values.yaml
index d5ff829..af185ae 100755
--- a/kubernetes/so/components/so-bpmn-infra/values.yaml
+++ b/kubernetes/so/components/so-bpmn-infra/values.yaml
@@ -123,7 +123,7 @@
type: ClusterIP
internalPort: *containerPort
externalPort: 8081
- portName: so-bpmn-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml
index 30e5551..fa9d3a6 100755
--- a/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/templates/deployment.yaml
@@ -85,7 +85,7 @@
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml b/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml
index 6eb6f27..5b8dee0 100755
--- a/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/templates/service.yaml
@@ -29,11 +29,11 @@
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-catalog-db-adapter/values.yaml b/kubernetes/so/components/so-catalog-db-adapter/values.yaml
index a5961ee..b436094 100755
--- a/kubernetes/so/components/so-catalog-db-adapter/values.yaml
+++ b/kubernetes/so/components/so-catalog-db-adapter/values.yaml
@@ -87,7 +87,7 @@
type: ClusterIP
internalPort: *containerPort
externalPort: *containerPort
- portName: so-catdb-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
index c99465b..0c2f679 100755
--- a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml
@@ -16,7 +16,11 @@
aai:
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.server.aai.auth ) }}
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
enabled: {{ .Values.global.aai.enabled }}
logging:
path: logs
@@ -50,4 +54,3 @@
prometheus:
enabled: true # Whether exporting of metrics to Prometheus is enabled.
step: 1m # Step size (i.e. reporting frequency) to use.
-
diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
index 5fc28e2..7c1cb1b 100644
--- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/resources/config/overrides/override.yaml
@@ -17,7 +17,11 @@
aai:
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
version: v19
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
spring:
datasource:
hikari:
@@ -54,7 +58,11 @@
etsi-catalog-manager:
base:
{{- if .Values.global.msbEnabled }}
+ {{ if (include "common.needTLS" .) }}
endpoint: https://msb-iag:443/api
+ {{ else }}
+ endpoint: http://msb-iag:443/api
+ {{ end }}
http:
client:
ssl:
diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml
index e6a1d7c..33b38ad 100755
--- a/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-etsi-sol003-adapter/resources/config/overrides/override.yaml
@@ -16,7 +16,11 @@
aai:
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
version: v15
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
spring:
security:
usercredentials:
@@ -42,7 +46,11 @@
username: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.username "value2" .Values.sdc.username )}}
password: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.password "value2" .Values.sdc.password )}}
key: {{ .Values.sdc.key }}
+ {{ if (include "common.needTLS" .) }}
endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080
+ {{ end }}
vnfmadapter:
endpoint: http://so-etsi-sol003-adapter.{{ include "common.namespace" . }}:9092
etsi-catalog-manager:
diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml
index 3272bfd..7751bf4 100755
--- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/deployment.yaml
@@ -76,7 +76,7 @@
failureThreshold: {{ .Values.livenessProbe.failureThreshold}}
ports:
- containerPort: {{ .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml b/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml
index 5772a89..96a2acd 100755
--- a/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-etsi-sol003-adapter/templates/service.yaml
@@ -40,11 +40,11 @@
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml
index dd46da0..e1e2fc2 100755
--- a/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-etsi-sol005-adapter/resources/config/overrides/override.yaml
@@ -45,7 +45,11 @@
msb-port: 80
adapters:
requestDb:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+ {{ else }}
+ endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+ {{ end }}
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}}
#Actuator
management:
diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml
index 4f8f4d9..1abf218 100755
--- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/deployment.yaml
@@ -94,7 +94,7 @@
failureThreshold: {{ .Values.livenessProbe.failureThreshold}}
ports:
- containerPort: {{ .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml b/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml
index 2ecc66f..5b8dee0 100755
--- a/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-etsi-sol005-adapter/templates/service.yaml
@@ -29,12 +29,12 @@
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
\ No newline at end of file
+ release: {{ include "common.release" . }}
diff --git a/kubernetes/so/components/so-mariadb/templates/job.yaml b/kubernetes/so/components/so-mariadb/templates/job.yaml
index 2a84fac..d9c6009 100644
--- a/kubernetes/so/components/so-mariadb/templates/job.yaml
+++ b/kubernetes/so/components/so-mariadb/templates/job.yaml
@@ -53,13 +53,17 @@
command:
- /bin/bash
- -c
- - mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo > /var/data/mariadb/backup-`date +%s`.sql
+ - |
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
+ mysqldump -vv --user=${DB_USER} --password=${DB_PASS} --host=${DB_HOST} --port=${DB_PORT} --databases --single-transaction --quick --lock-tables=false catalogdb requestdb nfvo > /var/data/mariadb/backup-`date +%s`.sql
volumeMounts:
- mountPath: /etc/localtime
name: localtime
readOnly: true
- name: backup-storage
mountPath: /var/data/mariadb
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
@@ -105,6 +109,8 @@
- /bin/bash
- -c
- >
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
mysql() { /usr/bin/mysql -h ${DB_HOST} -P ${DB_PORT} "$@"; };
export -f mysql;
mysql --user=root --password=${MYSQL_ROOT_PASSWORD} requestdb -e exit > /dev/null 2>&1 {{ if not .Values.global.migration.enabled }} && echo "Database already initialized!!!" && exit 0 {{ end }};
@@ -157,6 +163,7 @@
{{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
diff --git a/kubernetes/so/components/so-mariadb/values.yaml b/kubernetes/so/components/so-mariadb/values.yaml
index 58e34b7..13dd086 100755
--- a/kubernetes/so/components/so-mariadb/values.yaml
+++ b/kubernetes/so/components/so-mariadb/values.yaml
@@ -21,7 +21,7 @@
nodePortPrefix: 302
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
- readinessImage: onap/oom/readiness:3.0.1
+ readinessImage: onap/oom/readiness:4.1.0
ubuntuInitRepository: docker.io
mariadbGalera:
nameOverride: &mariadbName mariadb-galera
@@ -187,3 +187,7 @@
nameOverride: so-mariadb
roles:
- read
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}-config'
diff --git a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
index 75db547..1d8a97c 100755
--- a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
@@ -15,7 +15,11 @@
*/}}
aai:
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
logging:
path: logs
spring:
@@ -51,7 +55,11 @@
msb-port: 80
adapters:
requestDb:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+ {{ else }}
+ endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+ {{ end }}
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}}
#Actuator
management:
diff --git a/kubernetes/so/components/so-nssmf-adapter/values.yaml b/kubernetes/so/components/so-nssmf-adapter/values.yaml
index 2489ddd..29f9f4e 100755
--- a/kubernetes/so/components/so-nssmf-adapter/values.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/values.yaml
@@ -107,7 +107,7 @@
service:
type: ClusterIP
ports:
- - name: api
+ - name: http
port: *containerPort
updateStrategy:
type: RollingUpdate
diff --git a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml
index 5013c34..8db5d26 100755
--- a/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-oof-adapter/resources/config/overrides/override.yaml
@@ -42,7 +42,11 @@
endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/mso/WorkflowMessage
oof:
auth: ${OOF_LOGIN}:${OOF_PASSWORD}
+ {{ if (include "common.needTLS" .) }}
endpoint: https://oof-osdf.{{ include "common.namespace" . }}:8698
+ {{ else }}
+ endpoint: http://oof-osdf.{{ include "common.namespace" . }}:8698
+ {{ end }}
#Actuator
management:
endpoints:
diff --git a/kubernetes/so/components/so-oof-adapter/values.yaml b/kubernetes/so/components/so-oof-adapter/values.yaml
index 863e0e9..530c35a 100755
--- a/kubernetes/so/components/so-oof-adapter/values.yaml
+++ b/kubernetes/so/components/so-oof-adapter/values.yaml
@@ -89,7 +89,7 @@
service:
type: ClusterIP
ports:
- - name: api
+ - name: http
port: *containerPort
updateStrategy:
type: RollingUpdate
diff --git a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
index e332f98..487e931 100755
--- a/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/resources/config/overrides/override.yaml
@@ -15,7 +15,11 @@
*/}}
aai:
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.aai.auth )}}
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
server:
port: {{ index .Values.containerPort }}
spring:
diff --git a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
index f370fbd..55493f7 100755
--- a/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/templates/deployment.yaml
@@ -87,7 +87,7 @@
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
# Filebeat sidecar container
{{ include "common.log.sidecar" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml
index 6eb6f27..5b8dee0 100755
--- a/kubernetes/so/components/so-openstack-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/templates/service.yaml
@@ -29,11 +29,11 @@
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-openstack-adapter/values.yaml b/kubernetes/so/components/so-openstack-adapter/values.yaml
index 057f8a0..28338cf 100755
--- a/kubernetes/so/components/so-openstack-adapter/values.yaml
+++ b/kubernetes/so/components/so-openstack-adapter/values.yaml
@@ -95,7 +95,7 @@
type: ClusterIP
internalPort: *containerPort
externalPort: *containerPort
- portName: so-optack-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
diff --git a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml
index 30e5551..fa9d3a6 100755
--- a/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/templates/deployment.yaml
@@ -85,7 +85,7 @@
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-request-db-adapter/templates/service.yaml b/kubernetes/so/components/so-request-db-adapter/templates/service.yaml
index 6eb6f27..5b8dee0 100755
--- a/kubernetes/so/components/so-request-db-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/templates/service.yaml
@@ -29,11 +29,11 @@
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-request-db-adapter/values.yaml b/kubernetes/so/components/so-request-db-adapter/values.yaml
index e932a0b..6bcd388 100755
--- a/kubernetes/so/components/so-request-db-adapter/values.yaml
+++ b/kubernetes/so/components/so-request-db-adapter/values.yaml
@@ -83,7 +83,7 @@
type: ClusterIP
internalPort: *containerPort
externalPort: *containerPort
- portName: so-reqdb-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
diff --git a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml
index b20e33a..ffa66e9 100755
--- a/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-sdc-controller/resources/config/overrides/override.yaml
@@ -63,19 +63,28 @@
endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.requestDb.auth )}}
aai:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
asdc-connections:
asdc-controller1:
user: mso
consumerGroup: SO-OpenSource-Env11
consumerId: SO-COpenSource-Env11
environmentName: AUTO
+ {{ if (include "common.needTLS" .) }}
asdcAddress: sdc-be.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ asdcAddress: sdc-be.{{ include "common.namespace" . }}:8080
+ {{ end }}
password: {{ index .Values "mso" "asdc-connections" "asdc-controller1" "password" }}
pollingInterval: 60
pollingTimeout: 60
relevantArtifactTypes: HEAT,HEAT_ENV,HEAT_VOL
useHttpsWithDmaap: false
+ useHttpsWithSdc: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
activateServerTLSAuth: false
keyStorePassword:
keyStorePath:
diff --git a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml
index f370fbd..55493f7 100755
--- a/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml
+++ b/kubernetes/so/components/so-sdc-controller/templates/deployment.yaml
@@ -87,7 +87,7 @@
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
# Filebeat sidecar container
{{ include "common.log.sidecar" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-sdc-controller/templates/service.yaml b/kubernetes/so/components/so-sdc-controller/templates/service.yaml
index 6eb6f27..5b8dee0 100755
--- a/kubernetes/so/components/so-sdc-controller/templates/service.yaml
+++ b/kubernetes/so/components/so-sdc-controller/templates/service.yaml
@@ -29,11 +29,11 @@
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml
index 58e93f5..c0e3f50 100755
--- a/kubernetes/so/components/so-sdc-controller/values.yaml
+++ b/kubernetes/so/components/so-sdc-controller/values.yaml
@@ -91,7 +91,7 @@
type: ClusterIP
internalPort: *containerPort
externalPort: *containerPort
- portName: so-sdc-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml
index 01e0ab7..b95e0b5 100755
--- a/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-sdnc-adapter/templates/deployment.yaml
@@ -91,7 +91,7 @@
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
# Filebeat sidecar container
{{ include "common.log.sidecar" . | nindent 6 }}
diff --git a/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml b/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml
index 6eb6f27..5b8dee0 100755
--- a/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml
+++ b/kubernetes/so/components/so-sdnc-adapter/templates/service.yaml
@@ -29,11 +29,11 @@
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/so/components/so-sdnc-adapter/values.yaml b/kubernetes/so/components/so-sdnc-adapter/values.yaml
index cb9d02a..54fa88c 100755
--- a/kubernetes/so/components/so-sdnc-adapter/values.yaml
+++ b/kubernetes/so/components/so-sdnc-adapter/values.yaml
@@ -110,7 +110,7 @@
type: ClusterIP
internalPort: *containerPort
externalPort: *containerPort
- portName: so-sdnc-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
diff --git a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml
index f46219c..8471540 100755
--- a/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-ve-vnfm-adapter/resources/config/overrides/override.yaml
@@ -18,10 +18,18 @@
port: {{ include "common.getPort" (dict "global" . "name" "http") }}
vevnfmadapter:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://msb-iag:30283/api/{{ include "common.servicename" . }}/v1
+ {{ else }}
+ endpoint: http://msb-iag:30283/api/{{ include "common.servicename" . }}/v1
+ {{ end }}
aai:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
dmaap:
endpoint: http://message-router.{{ include "common.namespace" . }}:3904
diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml
index efb3fab..6933607 100755
--- a/kubernetes/so/resources/config/overrides/override.yaml
+++ b/kubernetes/so/resources/config/overrides/override.yaml
@@ -1,5 +1,9 @@
aai:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}}
server:
port: {{ index .Values.containerPort }}
@@ -45,13 +49,21 @@
activate:
instanceid: test
userid: cs0008
- endpoint: http://sdc-be.{{ include "common.namespace" . }}:8443
+ {{ if (include "common.needTLS" .) }}
+ endpoint: https://sdc-be.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://sdc-be.{{ include "common.namespace" . }}:8080
+ {{ end }}
tenant:
isolation:
retry:
count: 3
aai:
+ {{ if (include "common.needTLS" .) }}
endpoint: https://aai.{{ include "common.namespace" . }}:8443
+ {{ else }}
+ endpoint: http://aai.{{ include "common.namespace" . }}:8080
+ {{ end }}
auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}}
extApi:
diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml
index 47701d8..99a5eff 100755
--- a/kubernetes/so/templates/deployment.yaml
+++ b/kubernetes/so/templates/deployment.yaml
@@ -87,7 +87,7 @@
{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
protocol: TCP
# Filebeat sidecar container
{{ include "common.log.sidecar" . | nindent 6 }}
diff --git a/kubernetes/so/templates/service.yaml b/kubernetes/so/templates/service.yaml
index 2849ede..5a83d56 100755
--- a/kubernetes/so/templates/service.yaml
+++ b/kubernetes/so/templates/service.yaml
@@ -392,11 +392,11 @@
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml
index 1f454f6..553de8c 100755
--- a/kubernetes/so/values.yaml
+++ b/kubernetes/so/values.yaml
@@ -213,7 +213,7 @@
nodePort: 77
internalPort: *containerPort
externalPort: *containerPort
- portName: so-apih-port
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1