Merge "Policy 1.2.2 released artifacts"
diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst
index 6b0c00e..bb8ff0b 100644
--- a/docs/oom_user_guide.rst
+++ b/docs/oom_user_guide.rst
@@ -10,7 +10,7 @@
.. _Helm Documentation: https://docs.helm.sh/helm/
.. _Helm: https://docs.helm.sh/
.. _Kubernetes: https://Kubernetes.io/
-
+.. _Kubernetes LoadBalancer: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
.. _user-guide-label:
OOM User Guide
@@ -348,6 +348,60 @@
<...>
+Accessing the ONAP Portal using OOM and a Kubernetes Cluster
+------------------------------------------------------------
+
+The ONAP deployment created by OOM operates in a private IP network that isn't
+publicly accessible (i.e. Openstack VMs with private internal network) which
+blocks access to the ONAP Portal. To enable direct access to this Portal from a
+user's own environment (a laptop etc.) the portal application's port 8989 is
+exposed through a `Kubernetes LoadBalancer`_ object.
+
+Typically, to be able to access the Kubernetes nodes publicly a public address is
+assigned. In Openstack this is a floating IP address.
+
+When the `portal-app` chart is deployed a Kubernetes service is created that
+instantiates a load balancer. The LB chooses the private interface of one of
+the nodes as in the example below (10.0.0.4 is private to the K8s cluster only).
+Then to be able to access the portal on port 8989 from outside the K8s &
+Openstack environment, the user needs to assign/get the floating IP address that
+corresponds to the private IP as follows::
+
+ > kubectl -n onap get services|grep "portal-app"
+ portal-app LoadBalancer 10.43.142.201 10.0.0.4 8989:30215/TCP,8006:30213/TCP,8010:30214/TCP 1d app=portal-app,release=dev
+
+
+In this example, use the 10.0.0.4 private address as a key find the
+corresponding public address which in this example is 10.12.6.155. If you're
+using OpenStack you'll do the lookup with the horizon GUI or the Openstack CLI
+for your tenant (openstack server list). That IP is then used in your
+`/etc/hosts` to map the fixed DNS aliases required by the ONAP Portal as shown
+below::
+
+ 10.12.6.155 portal.api.simpledemo.onap.org
+ 10.12.6.155 vid.api.simpledemo.onap.org
+ 10.12.6.155 sdc.api.fe.simpledemo.onap.org
+ 10.12.6.155 portal-sdk.simpledemo.onap.org
+ 10.12.6.155 policy.api.simpledemo.onap.org
+ 10.12.6.155 aai.api.sparky.simpledemo.onap.org
+ 10.12.6.155 cli.api.simpledemo.onap.org
+ 10.12.6.155 msb.api.discovery.simpledemo.onap.org
+
+Ensure you've disabled any proxy settings the browser you are using to access
+the portal and then simply access the familiar URL:
+http://portal.api.simpledemo.onap.org:8989/ONAPPORTAL/login.htm
+
+.. note:: Alternatives Considered.
+
+ Kubernetes port forwarding was considered but discarded as it would require
+ the end user to run a script that opens up port forwarding tunnels to each of
+ the pods that provides a portal application widget.
+
+ Reverting to a VNC server similar to what was deployed in the Amsterdam
+ release was also considered but there were many issues with resolution, lack
+ of volume mount, /etc/hosts dynamic update, file upload that were a tall order
+ to solve in time for the Beijing release.
+
.. figure:: oomLogoV2-Monitor.png
:align: right
diff --git a/kubernetes/clamp/charts/clamp-dash-es/values.yaml b/kubernetes/clamp/charts/clamp-dash-es/values.yaml
index 83fb73e..7a8becf 100644
--- a/kubernetes/clamp/charts/clamp-dash-es/values.yaml
+++ b/kubernetes/clamp/charts/clamp-dash-es/values.yaml
@@ -32,8 +32,8 @@
# application image
loggingRepository: docker.elastic.co
-image: elasticsearch/elasticsearch:5.6.8
-pullPolicy: IfNotPresent
+image: elasticsearch/elasticsearch:5.6.9
+pullPolicy: Always
# flag to enable debugging - application support required
debugEnabled: false
@@ -81,6 +81,7 @@
size: 4Gi
mountPath: /dockerdata-nfs
mountSubPath: clamp/dashboard-elasticsearch/data
+ mountSubPathLogs: clamp
service:
type: ClusterIP
diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
index 64b515c..60a504d 100644
--- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
+++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
@@ -39,8 +39,8 @@
# application image
loggingRepository: docker.elastic.co
-image: kibana/kibana:5.6.8
-pullPolicy: IfNotPresent
+image: kibana/kibana:5.6.9
+pullPolicy: Always
# flag to enable debugging - application support required
debugEnabled: false
diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
index e3463e9..bb12210 100644
--- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
+++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
@@ -30,8 +30,8 @@
# application image
loggingRepository: docker.elastic.co
-image: logstash/logstash:5.6.8
-pullPolicy: IfNotPresent
+image: logstash/logstash:5.6.9
+pullPolicy: Always
# flag to enable debugging - application support required
debugEnabled: false
diff --git a/kubernetes/clamp/resources/config/sdc-controllers-config.json b/kubernetes/clamp/resources/config/sdc-controllers-config.json
new file mode 100644
index 0000000..3adda95
--- /dev/null
+++ b/kubernetes/clamp/resources/config/sdc-controllers-config.json
@@ -0,0 +1,18 @@
+{
+ "sdc-connections":{
+ "sdc-controller":{
+ "user": "clamp",
+ "consumerGroup": "clamp",
+ "consumerId": "clamp",
+ "environmentName": "AUTO",
+ "sdcAddress": "sdc-be.{{ include "common.namespace" . }}:8443",
+ "password": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981",
+ "pollingInterval":30,
+ "pollingTimeout":30,
+ "activateServerTLSAuth":"false",
+ "keyStorePassword":"",
+ "keyStorePath":"",
+ "messageBusAddresses":["message-router.{{ include "common.namespace" . }}"]
+ }
+ }
+}
diff --git a/kubernetes/clamp/templates/configmap.yaml b/kubernetes/clamp/templates/configmap.yaml
index bee8f13..7a66c64 100644
--- a/kubernetes/clamp/templates/configmap.yaml
+++ b/kubernetes/clamp/templates/configmap.yaml
@@ -23,4 +23,5 @@
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
- spring_application_json: {{ tpl .Values.config.springApplicationJson . | quote }}
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+ spring_application_json: {{ tpl .Values.config.springApplicationJson . | quote }}
diff --git a/kubernetes/clamp/templates/deployment.yaml b/kubernetes/clamp/templates/deployment.yaml
index 4a3a0f9..38eabeb 100644
--- a/kubernetes/clamp/templates/deployment.yaml
+++ b/kubernetes/clamp/templates/deployment.yaml
@@ -65,6 +65,10 @@
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /opt/clamp/sdc-controllers-config.json
+ name: {{ include "common.fullname" . }}-config
+ subPath: sdc-controllers-config.json
env:
- name: SPRING_APPLICATION_JSON
valueFrom:
@@ -81,5 +85,12 @@
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}
+ items:
+ - key: sdc-controllers-config.json
+ path: sdc-controllers-config.json
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml
index 06fe3d9..71752fc 100644
--- a/kubernetes/clamp/values.yaml
+++ b/kubernetes/clamp/values.yaml
@@ -41,17 +41,18 @@
dataRootDir: /dockerdata-nfs
springApplicationJson: >
{
- "spring.datasource.cldsdb.url": "jdbc:mariadb:sequential://clampdb:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3",
- "clamp.config.sdc.catalog.url": "https://sdc-be:8443/sdc/v1/catalog/",
- "clamp.config.sdc.hostUrl": "https://sdc-be:8443/",
- "clamp.config.sdc.serviceUrl": "https://sdc-be:8443/sdc/v1/catalog/services",
+ "spring.datasource.cldsdb.url": "jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3",
+ "clamp.config.sdc.catalog.url": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/",
+ "clamp.config.sdc.hostUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/",
+ "clamp.config.sdc.serviceUrl": "http://sdc-be.{{ include "common.namespace" . }}:8080/sdc/v1/catalog/services",
"clamp.config.sdc.serviceUsername": "clamp",
"clamp.config.sdc.servicePassword": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981",
- "clamp.config.dcae.inventory.url": "http://dcaegen2:8080",
- "clamp.config.dcae.dispatcher.url": "http://dcaegen2:8080",
- "clamp.config.policy.pdpUrl1": "https://policy-pdp:9091/pdp/ , testpdp, alpha123",
- "clamp.config.policy.pdpUrl2": "https://policy-pdp:9091/pdp/ , testpdp, alpha123",
- "clamp.config.policy.papUrl": "https://policy-pap:8443/pap/ , testpap, alpha123",
+ "clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json",
+ "clamp.config.dcae.inventory.url": "http://dcaegen2.{{ include "common.namespace" . }}:8080",
+ "clamp.config.dcae.dispatcher.url": "http://dcaegen2.{{ include "common.namespace" . }}:8080",
+ "clamp.config.policy.pdpUrl1": "https://pdp.{{ include "common.namespace" . }}:9091/pdp/ , testpdp, alpha123",
+ "clamp.config.policy.pdpUrl2": "https://pdp.{{ include "common.namespace" . }}:9091/pdp/ , testpdp, alpha123",
+ "clamp.config.policy.papUrl": "https://pap.{{ include "common.namespace" . }}:8443/pap/ , testpap, alpha123",
"clamp.config.policy.clientKey": "5CE79532B3A2CB4D132FC0C04BF916A7"
}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/clamp-health.json b/kubernetes/consul/resources/config/consul-agent-config/clamp-health.json
new file mode 100644
index 0000000..5fb57b4
--- /dev/null
+++ b/kubernetes/consul/resources/config/consul-agent-config/clamp-health.json
@@ -0,0 +1,17 @@
+{
+ "service": {
+ "name": "Health Check: CLAMP",
+ "check":[
+ {
+ "id" : "clamp-health",
+ "name": "Clamp Health Check",
+ "http": "http://clamp:8080/restservices/clds/v1/clds/healthcheck",
+ "tls_skip_verify": true,
+ "method": "GET",
+ "interval": "10s",
+ "timeout": "1s"
+ }
+ ]
+ }
+}
+
diff --git a/kubernetes/consul/resources/config/consul-agent-config/clamp-mariadb-health.json b/kubernetes/consul/resources/config/consul-agent-config/clamp-mariadb-health.json
new file mode 100644
index 0000000..f5ae467
--- /dev/null
+++ b/kubernetes/consul/resources/config/consul-agent-config/clamp-mariadb-health.json
@@ -0,0 +1,16 @@
+{
+ "service": {
+ "name": "Health Check: CLAMP - MariaDb",
+ "checks": [
+ {
+ "id": "clamp-mariadb",
+ "name": "CLAMP Mariadb Health Check",
+ "script": "/consul/scripts/clamp-mariadb-script.sh",
+ "interval": "10s",
+ "timeout": "1s"
+ }
+ ]
+
+ }
+}
+
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh
new file mode 100644
index 0000000..2cf7fc7
--- /dev/null
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/clamp-mariadb-script.sh
@@ -0,0 +1,15 @@
+NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "[^[:space:]]*-clampdb[^[:space:]]*")
+
+ if [ -n "$NAME" ]; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
+ echo Success. CLAMP DBHost is running. 2>&1
+ exit 0
+ else
+ echo Failed. CLAMP DBHost is not running. 2>&1
+ exit 1
+ fi
+ else
+ echo Failed. CLAMP DBHost is offline. 2>&1
+ exit 1
+ fi
+
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh
index 65ef705..5470007 100644
--- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh
+++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh
@@ -16,3 +16,7 @@
${POLICY_HOME}/bin/features enable healthcheck
+${POLICY_HOME}/bin/features enable pooling-dmaap
+${POLICY_HOME}/bin/features enable distributed-locking
+
+${POLICY_HOME}/bin/db-migrator -s pooling -o upgrade
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/feature-pooling-dmaap.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/feature-pooling-dmaap.conf
new file mode 100644
index 0000000..8238407
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/feature-pooling-dmaap.conf
@@ -0,0 +1,15 @@
+# Copyright 2018 AT&T Intellectual Property. All rights reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+POOLING_TOPIC=POOLING
diff --git a/kubernetes/policy/charts/drools/templates/statefulset.yaml b/kubernetes/policy/charts/drools/templates/statefulset.yaml
index 9041478..68b415e 100644
--- a/kubernetes/policy/charts/drools/templates/statefulset.yaml
+++ b/kubernetes/policy/charts/drools/templates/statefulset.yaml
@@ -88,6 +88,9 @@
- mountPath: /tmp/policy-install/config/feature-healthcheck.conf
name: drools-secret
subPath: feature-healthcheck.conf
+ - mountPath: /tmp/policy-install/config/feature-pooling-dmaap.conf
+ name: drools-config
+ subPath: feature-pooling-dmaap.conf
- mountPath: /tmp/policy-install/config/base.conf
name: drools-config
subPath: base.conf
@@ -160,6 +163,9 @@
- key: base.conf
path: base.conf
mode: 0755
+ - key: feature-pooling-dmaap.conf
+ path: feature-pooling-dmaap.conf
+ mode: 0755
- key: policy-management.conf
path: policy-management.conf
mode: 0755
diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml
index f309520..9ce8040 100644
--- a/kubernetes/policy/charts/drools/values.yaml
+++ b/kubernetes/policy/charts/drools/values.yaml
@@ -51,7 +51,7 @@
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
- enabled: false
+ enabled: true
readiness:
initialDelaySeconds: 10
diff --git a/kubernetes/policy/charts/mariadb/resources/config/db.sh b/kubernetes/policy/charts/mariadb/resources/config/db.sh
index ead656e..067b3c3 100644
--- a/kubernetes/policy/charts/mariadb/resources/config/db.sh
+++ b/kubernetes/policy/charts/mariadb/resources/config/db.sh
@@ -14,7 +14,7 @@
#!/bin/bash -xv
-for db in support onap_sdk log
+for db in support onap_sdk log migration operationshistory10 pooling
do
mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};"
mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;"
diff --git a/kubernetes/policy/resources/config/pe/pap.conf b/kubernetes/policy/resources/config/pe/pap.conf
index ae9d47c..3fe9bd0 100644
--- a/kubernetes/policy/resources/config/pe/pap.conf
+++ b/kubernetes/policy/resources/config/pe/pap.conf
@@ -39,7 +39,7 @@
REST_ADMIN_WORKSPACE=workspace
# PDP related properties
-PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/
+PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-3.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-4.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/
PAP_PDP_HTTP_USER_ID=testpdp
PAP_PDP_HTTP_PASSWORD=alpha123
diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml
index e3a2e13..54d72a7 100644
--- a/kubernetes/robot/values.yaml
+++ b/kubernetes/robot/values.yaml
@@ -21,7 +21,7 @@
# application image
repository: nexus3.onap.org:10001
-image: onap/testsuite:1.2-STAGING-latest
+image: onap/testsuite:1.2.0
pullPolicy: Always
ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
diff --git a/kubernetes/sniro-emulator/values.yaml b/kubernetes/sniro-emulator/values.yaml
index 3896960..970578d 100644
--- a/kubernetes/sniro-emulator/values.yaml
+++ b/kubernetes/sniro-emulator/values.yaml
@@ -20,7 +20,7 @@
# application image
repository: nexus3.onap.org:10001
-image: onap/sniroemulator
+image: onap/sniroemulator:latest
pullPolicy: IfNotPresent
# flag to enable debugging - application support required
diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml
index cf1be00..200821c 100644
--- a/kubernetes/vnfsdk/values.yaml
+++ b/kubernetes/vnfsdk/values.yaml
@@ -28,7 +28,7 @@
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/vnfsdk/refrepo:1.1-STAGING-latest
+image: onap/vnfsdk/refrepo:1.1.1
pullPolicy: Always
postgres: