[VFC] Use common mariadb-galera instance
Have following updates for VFC:
- Add section under .Values.global for shared mariadb instance default
info with a condition to instantiate local instance.
- Update the related section of Mariadb-galera under .Values
- Add condition under requirments.yaml to install local mariadb instance
* Note: Since Components initiate their own DBs and Users, there is no
need to initiate the common mariadb-galera with mariadb-init, instead
root password will injected to components to be able to create the DBs.
Have following updates for nslcm, vnflcm, vnfmgr and vnfres:
- Update .Values to accommodate for the new changes in parent .Values
file.
- Update root secret with the condition of having local mariadb or using
the common.
- Update deployments to include the definitions of mariadb service and
port defined in (common/_mariadb.tpl)
Issue-ID: OOM-2840
Signed-off-by: Mahmoud Abdelhamid <mahmoud.abdelhamid@orange.com>
Change-Id: Ia6a8e91ca3978928c4bf336a3a86ab1c6d64597a
diff --git a/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml b/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml
index 40ca646..17d8cc2 100644
--- a/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml
+++ b/kubernetes/vfc/components/vfc-nslcm/templates/deployment.yaml
@@ -42,7 +42,7 @@
- /app/ready.py
args:
- --container-name
- - {{ .Values.config.mariadbService }}
+ - '{{ ternary (index .Values "mariadb-galera" "nameOverride") .Values.global.mariadbGalera.service .Values.global.mariadbGalera.localCluster }}'
env:
- name: NAMESPACE
valueFrom:
@@ -83,7 +83,7 @@
- name: SSL_ENABLED
value: "{{ .Values.global.config.ssl_enabled }}"
- name: MYSQL_ADDR
- value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}"
+ value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}'
- name: MYSQL_ROOT_USER
value: "{{ .Values.global.config.mariadb_admin }}"
- name: MYSQL_ROOT_PASSWORD
diff --git a/kubernetes/vfc/components/vfc-nslcm/values.yaml b/kubernetes/vfc/components/vfc-nslcm/values.yaml
index 5854a37..ead1a4c 100644
--- a/kubernetes/vfc/components/vfc-nslcm/values.yaml
+++ b/kubernetes/vfc/components/vfc-nslcm/values.yaml
@@ -19,15 +19,20 @@
nodePortPrefix: 302
config:
ssl_enabled: false
+ mariadbGalera:
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- - uid: "db-root-pass"
- externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}'
+ - uid: db-root-pass
+ externalSecret: '{{ ternary (index .Values "mariadb-galera" "rootUser" "externalSecret") (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride))) .Values.global.mariadbGalera.localCluster }}'
type: password
- password: '{{ .Values.config.mariadbRootPassword }}'
+ password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}'
policy: required
#################################################################
@@ -45,13 +50,11 @@
# flag to enable debugging - application support required
debugEnabled: false
-# application configuration
-config:
- mariadbService: vfc-mariadb
- mariadbPort: 3306
- mariadbRootPassword: secretpassword
- # mariadbRootPasswordExternalSecret: some secret
-
+# Local mariadb galera instance default name
+mariadb-galera:
+ rootUser:
+ externalSecret: '{{ include "common.release" . }}-vfc-db-root-pass'
+ nameOverride: vfc-mariadb
# default number of instances
replicaCount: 1
diff --git a/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml
index b93d7af..75968b2 100644
--- a/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml
+++ b/kubernetes/vfc/components/vfc-vnflcm/templates/deployment.yaml
@@ -42,7 +42,7 @@
- /app/ready.py
args:
- --container-name
- - {{ .Values.config.mariadbService }}
+ - '{{ ternary (index .Values "mariadb-galera" "nameOverride") .Values.global.mariadbGalera.service .Values.global.mariadbGalera.localCluster }}'
env:
- name: NAMESPACE
valueFrom:
@@ -58,7 +58,7 @@
- sh
args:
- -c
- - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
+ - 'MYSQL_AUTH=${MYSQL_ROOT_USER}:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
@@ -83,7 +83,7 @@
- name: SSL_ENABLED
value: "{{ .Values.global.config.ssl_enabled }}"
- name: MYSQL_ADDR
- value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}"
+ value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}'
- name: MYSQL_ROOT_USER
value: "{{ .Values.global.config.mariadb_admin }}"
- name: MYSQL_ROOT_PASSWORD
diff --git a/kubernetes/vfc/components/vfc-vnflcm/values.yaml b/kubernetes/vfc/components/vfc-vnflcm/values.yaml
index acdf006..cd5e999 100644
--- a/kubernetes/vfc/components/vfc-vnflcm/values.yaml
+++ b/kubernetes/vfc/components/vfc-vnflcm/values.yaml
@@ -19,15 +19,20 @@
nodePortPrefix: 302
config:
ssl_enabled: false
+ mariadbGalera:
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- - uid: "db-root-pass"
- externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}'
+ - uid: db-root-pass
+ externalSecret: '{{ ternary (index .Values "mariadb-galera" "rootUser" "externalSecret") (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride))) .Values.global.mariadbGalera.localCluster }}'
type: password
- password: '{{ .Values.config.mariadbRootPassword }}'
+ password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}'
policy: required
#################################################################
@@ -45,13 +50,11 @@
# flag to enable debugging - application support required
debugEnabled: false
-# application configuration
-config:
- mariadbService: vfc-mariadb
- mariadbPort: 3306
- mariadbRootPassword: secretpassword
- # mariadbRootPasswordExternalSecret: some secret
-
+# Local mariadb galera instance default name
+mariadb-galera:
+ rootUser:
+ externalSecret: '{{ include "common.release" . }}-vfc-db-root-pass'
+ nameOverride: vfc-mariadb
# default number of instances
replicaCount: 1
diff --git a/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml
index 9c8430c..f9a8ba7 100644
--- a/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml
+++ b/kubernetes/vfc/components/vfc-vnfmgr/templates/deployment.yaml
@@ -42,7 +42,7 @@
- /app/ready.py
args:
- --container-name
- - {{ .Values.config.mariadbService }}
+ - '{{ ternary (index .Values "mariadb-galera" "nameOverride") .Values.global.mariadbGalera.service .Values.global.mariadbGalera.localCluster }}'
env:
- name: NAMESPACE
valueFrom:
@@ -58,7 +58,7 @@
- sh
args:
- -c
- - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
+ - 'MYSQL_AUTH=${MYSQL_ROOT_USER}:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
@@ -83,7 +83,7 @@
- name: SSL_ENABLED
value: "{{ .Values.global.config.ssl_enabled }}"
- name: MYSQL_ADDR
- value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}"
+ value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}'
- name: REDIS_HOST
value: "{{ .Values.global.config.redisServiceName }}"
- name: REDIS_PORT
diff --git a/kubernetes/vfc/components/vfc-vnfmgr/values.yaml b/kubernetes/vfc/components/vfc-vnfmgr/values.yaml
index aa32779..35aa0aa 100644
--- a/kubernetes/vfc/components/vfc-vnfmgr/values.yaml
+++ b/kubernetes/vfc/components/vfc-vnfmgr/values.yaml
@@ -19,15 +19,20 @@
nodePortPrefix: 302
config:
ssl_enabled: false
+ mariadbGalera:
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- - uid: "db-root-pass"
- externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}'
+ - uid: db-root-pass
+ externalSecret: '{{ ternary (index .Values "mariadb-galera" "rootUser" "externalSecret") (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride))) .Values.global.mariadbGalera.localCluster }}'
type: password
- password: '{{ .Values.config.mariadbRootPassword }}'
+ password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}'
policy: required
#################################################################
@@ -45,12 +50,11 @@
# flag to enable debugging - application support required
debugEnabled: false
-# application configuration
-config:
- mariadbService: vfc-mariadb
- mariadbPort: 3306
- mariadbRootPassword: secretpassword
- # mariadbRootPasswordExternalSecret: some secret
+# Local mariadb galera instance default name
+mariadb-galera:
+ rootUser:
+ externalSecret: '{{ include "common.release" . }}-vfc-db-root-pass'
+ nameOverride: vfc-mariadb
# default number of instances
replicaCount: 1
diff --git a/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml b/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml
index 2577887..06258a0 100644
--- a/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml
+++ b/kubernetes/vfc/components/vfc-vnfres/templates/deployment.yaml
@@ -42,7 +42,7 @@
- /app/ready.py
args:
- --container-name
- - {{ .Values.config.mariadbService }}
+ - '{{ ternary (index .Values "mariadb-galera" "nameOverride") .Values.global.mariadbGalera.service .Values.global.mariadbGalera.localCluster }}'
env:
- name: NAMESPACE
valueFrom:
@@ -58,7 +58,7 @@
- sh
args:
- -c
- - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
+ - 'MYSQL_AUTH=${MYSQL_ROOT_USER}:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
@@ -83,7 +83,7 @@
- name: SSL_ENABLED
value: "{{ .Values.global.config.ssl_enabled }}"
- name: MYSQL_ADDR
- value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}"
+ value: '{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}'
- name: REDIS_HOST
value: "{{ .Values.global.config.redisServiceName }}"
- name: REDIS_PORT
diff --git a/kubernetes/vfc/components/vfc-vnfres/values.yaml b/kubernetes/vfc/components/vfc-vnfres/values.yaml
index 7683912..204d414 100644
--- a/kubernetes/vfc/components/vfc-vnfres/values.yaml
+++ b/kubernetes/vfc/components/vfc-vnfres/values.yaml
@@ -19,15 +19,20 @@
nodePortPrefix: 302
config:
ssl_enabled: false
+ mariadbGalera:
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- - uid: "db-root-pass"
- externalSecret: '{{ tpl (default "" .Values.config.mariadbRootPasswordExternalSecret) . }}'
+ - uid: db-root-pass
+ externalSecret: '{{ ternary (index .Values "mariadb-galera" "rootUser" "externalSecret") (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (default "mariadb-galera" .Values.global.mariadbGalera.nameOverride))) .Values.global.mariadbGalera.localCluster }}'
type: password
- password: '{{ .Values.config.mariadbRootPassword }}'
+ password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}'
policy: required
#################################################################
@@ -45,13 +50,11 @@
# flag to enable debugging - application support required
debugEnabled: false
-# application configuration
-config:
- mariadbService: vfc-mariadb
- mariadbPort: 3306
- mariadbRootPassword: secretpassword
- # mariadbRootPasswordExternalSecret: some secret
-
+# Local mariadb galera instance default name
+mariadb-galera:
+ rootUser:
+ externalSecret: '{{ include "common.release" . }}-vfc-db-root-pass'
+ nameOverride: vfc-mariadb
# default number of instances
replicaCount: 1
diff --git a/kubernetes/vfc/requirements.yaml b/kubernetes/vfc/requirements.yaml
index ab3f4ae..7f65b02 100644
--- a/kubernetes/vfc/requirements.yaml
+++ b/kubernetes/vfc/requirements.yaml
@@ -19,6 +19,7 @@
- name: mariadb-galera
version: ~8.x-0
repository: '@local'
+ condition: global.mariadbGalera.localCluster
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
diff --git a/kubernetes/vfc/values.yaml b/kubernetes/vfc/values.yaml
index 0560832..64bd029 100644
--- a/kubernetes/vfc/values.yaml
+++ b/kubernetes/vfc/values.yaml
@@ -26,42 +26,47 @@
# we use this flag to determine who is responbile for serice registeration
# and it can reduce duplicate registration.
reg_to_msb_when_start: False
- mariadb_admin: root
+ mariadb_admin: &mariadbAdmin root
persistence:
mountPath: /dockerdata-nfs
+ mariadbGalera: &mariadbGalera
+ #This flag allows VFC to instantiate its own mariadb-galera cluster
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- - uid: "db-root-pass"
+ - uid: db-root-pass
name: &dbRootPassSecret '{{ include "common.release" . }}-vfc-db-root-pass'
+ externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .) (hasSuffix "db-root-pass" (index .Values "mariadb-galera" "rootUser" "externalSecret"))}}'
+ login: '{{ index .Values "mariadb-galera" "rootUser" "user" }}'
+ password: '{{ index .Values "mariadb-galera" "rootUser" "password" }}'
type: password
- password: '{{ .Values.config.mariadbRootPassword }}'
# application configuration
config:
logstashServiceName: log-ls
logstashPort: 5044
-mariadb-galera:
+mariadb-galera: &localMariadb
rootUser:
+ user: *mariadbAdmin
+ # password:
externalSecret: *dbRootPassSecret
- nameOverride: &vfc-mariadb vfc-mariadb
+ nameOverride: &dbServer vfc-mariadb
nfsprovisionerPrefix: vfc
persistence:
mountSubPath: vfc/data
enabled: true
disableNfsProvisioner: true
serviceAccount:
- nameOverride: *vfc-mariadb
+ nameOverride: *dbServer
replicaCount: 1
-db: &dbConfig
- mariadbService: vfc-mariadb
- mariadbPort: 3306
- mariadbRootPasswordExternalSecret: *dbRootPassSecret
-
vfc-generic-vnfm-driver:
enabled: true
@@ -70,26 +75,22 @@
vfc-nslcm:
enabled: true
- config:
- << : *dbConfig
+ mariadb-galera: *localMariadb
vfc-redis:
enabled: true
vfc-vnflcm:
enabled: true
- config:
- << : *dbConfig
+ mariadb-galera: *localMariadb
vfc-vnfmgr:
enabled: true
- config:
- << : *dbConfig
+ mariadb-galera: *localMariadb
vfc-vnfres:
enabled: true
- config:
- << : *dbConfig
+ mariadb-galera: *localMariadb
# sub-chart configuration
vfc-workflow: