update certs
fix the issues while toggling the aaf and prometheus flags
add Prometheus monitoring to message router
Issue-ID: DMAAP-1411
Change-Id: I80cbaa4e9d7d015fd4976c2e672335b63f7426ca
Signed-off-by: su622b <su622b@att.com>
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/cadi.properties b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/cadi.properties
index 977699d..2bee404 100644
--- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/cadi.properties
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/cadi.properties
@@ -3,16 +3,15 @@
aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm
cadi_truststore=/etc/kafka/secrets/cert/org.onap.dmaap.mr.trust.jks
-cadi_truststore_password=enc:gvXm0E9p-_SRNw5_feOUE7wqXBxgxV3S_bdAyB08Sq9F35cCUZHWgQyKIDtTAbEw
+cadi_truststore_password=enc:mN6GiIzFQxKGDzAXDOs7b4j8DdIX02QrZ9QOWNRpxV3rD6whPCfizSMZkJwxi_FJ
cadi_keyfile=/etc/kafka/secrets/cert/org.onap.dmaap.mr.keyfile
cadi_alias=dmaapmr@mr.dmaap.onap.org
cadi_keystore=/etc/kafka/secrets/cert/org.onap.dmaap.mr.p12
-cadi_keystore_password=enc:pLMCzQzk-OP7IpYNi0TPtQSkNcraFAdarZG8HbdOKq4BycW6g_7mfhphLhOZo6ht
+cadi_keystore_password=enc:_JJT2gAEkRzXla5xfDIHal8pIoIB5iIos3USvZQT6sL-l14LpI5fRFR_QIGUCh5W
cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
-
cadi_loglevel=INFO
cadi_protocols=TLSv1.1,TLSv1.2
cadi_latitude=37.78187
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/configmap.yaml
index 5039898..1a86f18 100644
--- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/configmap.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/configmap.yaml
@@ -38,8 +38,8 @@
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/jaas/kafka_server_jaas.conf").AsConfig . | indent 2 }}
-
-{{ else }}
+---
+{{- else }}
apiVersion: v1
kind: ConfigMap
@@ -53,7 +53,7 @@
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/jaas/zk_client_jaas.conf").AsConfig . | indent 2 }}
-
+---
{{- end }}
{{- if .Values.prometheus.jmx.enabled }}
@@ -68,6 +68,6 @@
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
data:
-{{ (.Files.Glob "resources/config/jmx-kafka-prometheus.yml").AsConfig | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/jmx-kafka-prometheus.yml").AsConfig . | indent 2 }}
---
{{- end }}
\ No newline at end of file
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
index ab3a6bf..ad08b6e 100644
--- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
@@ -201,7 +201,7 @@
- name: KAFKA_AUTHORIZER_CLASS_NAME
value: "{{ .Values.kafka.authorizer }}"
{{ else }}
- - name: KAFKA_OPTS
+ - name: KAFKA_OPTS
value: "{{ .Values.kafka.jaasOptions }}"
- name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP
value: "{{ .Values.kafka.protocolMap }}"
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml
index 0399c3a..4d87c06 100644
--- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/values.yaml
@@ -31,7 +31,7 @@
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/kafka111:1.0.3
+image: onap/dmaap/kafka111:1.0.4
pullPolicy: Always
ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
busyBoxImage: busybox:1.30
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/configmap.yaml
index 907111d..50091bd 100644
--- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/configmap.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/configmap.yaml
@@ -24,7 +24,7 @@
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
data:
-{{ (.Files.Glob "resources/config/jmx-zookeeper-prometheus.yml").AsConfig | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/jmx-zookeeper-prometheus.yml").AsConfig . | indent 2 }}
---
{{ end }}
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml
index e98e614..bd8a23c 100644
--- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml
@@ -210,7 +210,7 @@
name: {{ include "common.fullname" . }}-jaas-configmap
{{- if .Values.prometheus.jmx.enabled }}
- name: jmx-config
- configMap:
+ configMap:
name: {{ include "common.fullname" . }}-prometheus-configmap
{{- end }}
{{ if not .Values.persistence.enabled }}
diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties
index 36dafce..dca56c8 100755
--- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties
+++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties
@@ -4,17 +4,16 @@
aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm
cadi_truststore=/appl/dmaapMR1/etc/org.onap.dmaap.mr.trust.jks
-cadi_truststore_password=enc:gvXm0E9p-_SRNw5_feOUE7wqXBxgxV3S_bdAyB08Sq9F35cCUZHWgQyKIDtTAbEw
+cadi_truststore_password=enc:mN6GiIzFQxKGDzAXDOs7b4j8DdIX02QrZ9QOWNRpxV3rD6whPCfizSMZkJwxi_FJ
cadi_keyfile=/appl/dmaapMR1/etc/org.onap.dmaap.mr.keyfile
cadi_alias=dmaapmr@mr.dmaap.onap.org
cadi_keystore=/appl/dmaapMR1/etc/org.onap.dmaap.mr.p12
-cadi_keystore_password=enc:pLMCzQzk-OP7IpYNi0TPtQSkNcraFAdarZG8HbdOKq4BycW6g_7mfhphLhOZo6ht
+cadi_keystore_password=enc:_JJT2gAEkRzXla5xfDIHal8pIoIB5iIos3USvZQT6sL-l14LpI5fRFR_QIGUCh5W
cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
-
cadi_loglevel=INFO
cadi_protocols=TLSv1.1,TLSv1.2
cadi_latitude=37.78187
-cadi_longitude=-122.26147
+cadi_longitude=-122.26147
\ No newline at end of file
diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/jmx-mrservice-prometheus.yml b/kubernetes/dmaap/components/message-router/resources/config/dmaap/jmx-mrservice-prometheus.yml
new file mode 100644
index 0000000..3ee9fc5
--- /dev/null
+++ b/kubernetes/dmaap/components/message-router/resources/config/dmaap/jmx-mrservice-prometheus.yml
@@ -0,0 +1,4 @@
+jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:{{ .Values.prometheus.jmx.targetPort }}/jmxrmi
+lowercaseOutputName: true
+lowercaseOutputLabelNames: true
+ssl: false
\ No newline at end of file
diff --git a/kubernetes/dmaap/components/message-router/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/templates/configmap.yaml
index 9a2dea8..f981d6f 100644
--- a/kubernetes/dmaap/components/message-router/templates/configmap.yaml
+++ b/kubernetes/dmaap/components/message-router/templates/configmap.yaml
@@ -12,7 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
apiVersion: v1
kind: ConfigMap
metadata:
@@ -79,4 +78,21 @@
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/topics/*.json").AsConfig . | indent 2 }}
+---
+{{- if .Values.prometheus.jmx.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-prometheus-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/dmaap/jmx-mrservice-prometheus.yml").AsConfig . | indent 2 }}
+---
+{{ end }}
+
diff --git a/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml b/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml
index 4b45352..26f38c9 100644
--- a/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml
+++ b/kubernetes/dmaap/components/message-router/templates/post-install-job.yaml
@@ -1,3 +1,17 @@
+{{- if .Values.global.aafEnabled }}
+# Copyright © 2020 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
apiVersion: batch/v1
kind: Job
metadata:
@@ -73,3 +87,4 @@
name: {{ include "common.fullname" . }}-dbc-topics
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
+{{- end }}
\ No newline at end of file
diff --git a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml
index c17fda1..695a816 100644
--- a/kubernetes/dmaap/components/message-router/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/message-router/templates/statefulset.yaml
@@ -41,6 +41,27 @@
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
containers:
+ {{- if .Values.prometheus.jmx.enabled }}
+ - name: prometheus-jmx-exporter
+ image: "{{ .Values.prometheus.jmx.imageRepository }}/{{ .Values.prometheus.jmx.image }}:{{ .Values.prometheus.jmx.imageTag }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - java
+ - -XX:+UnlockExperimentalVMOptions
+ - -XX:+UseCGroupMemoryLimitForHeap
+ - -XX:MaxRAMFraction=1
+ - -XshowSettings:vm
+ - -jar
+ - jmx_prometheus_httpserver.jar
+ - {{ .Values.prometheus.jmx.port | quote }}
+ - /etc/jmx-kafka/jmx-mrservice-prometheus.yml
+ ports:
+ - containerPort: {{ .Values.prometheus.jmx.port }}
+ resources:
+ volumeMounts:
+ - name: jmx-config
+ mountPath: /etc/jmx-kafka
+ {{- end }}
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
@@ -92,6 +113,11 @@
- name: cadi
configMap:
name: {{ include "common.fullname" . }}-cadi-prop-configmap
+ {{- if .Values.prometheus.jmx.enabled }}
+ - name: jmx-config
+ configMap:
+ name: {{ include "common.fullname" . }}-prometheus-configmap
+ {{- end }}
- name: mykey
secret:
secretName: {{ include "common.fullname" . }}-secret
diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml
index b14c35f..da9e41e 100644
--- a/kubernetes/dmaap/components/message-router/values.yaml
+++ b/kubernetes/dmaap/components/message-router/values.yaml
@@ -28,7 +28,7 @@
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/dmaap/dmaap-mr:1.1.17
+image: onap/dmaap/dmaap-mr:1.1.18
pullPolicy: Always
kafka:
@@ -84,6 +84,15 @@
port_protocol: http
nodePort: 26
+prometheus:
+ jmx:
+ enabled: false
+ image: solsson/kafka-prometheus-jmx-exporter@sha256
+ imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143
+ imageRepository: docker.io
+ port: 5556
+ targetPort: 5555
+
ingress:
enabled: false