Apply Cert changes
Issue-ID: AAF-822
Change-Id: I3185d827f3f67cb177534f7c7f3281375b77c613
Signed-off-by: Instrumental <jonathan.gathman@att.com>
diff --git a/kubernetes/aaf/charts/aaf-cass/.helmignore b/kubernetes/aaf/charts/aaf-cass/.helmignore
new file mode 100644
index 0000000..daebc7d
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cass/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aaf/charts/aaf-cass/Chart.yaml b/kubernetes/aaf/charts/aaf-cass/Chart.yaml
new file mode 100644
index 0000000..f06d149
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cass/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAF cassandra
+name: aaf-cass
+version: 4.0.0
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/NOTES.txt b/kubernetes/aaf/charts/aaf-cass/templates/NOTES.txt
new file mode 100644
index 0000000..bd74a42
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cass/templates/NOTES.txt
@@ -0,0 +1,33 @@
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml
new file mode 100644
index 0000000..c664d03
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml
@@ -0,0 +1,118 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.global.aaf.cass.replicas }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ .Values.global.repository }}/onap/aaf/aaf_cass:{{.Values.global.aaf.imageVersion}}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ # installing with cmd "onap" will not only initialize the DB, but add ONAP bootstrap data as well
+ command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"]
+ lifecycle:
+ preStop:
+ exec:
+ command: ["/bin/sh","-c","rm /opt/app/aaf/status/aaf-cass"]
+ ports:
+ - name: storage
+ containerPort: {{.Values.global.aaf.cass.storage_port}}
+ - name: ssl-storage
+ containerPort: {{.Values.global.aaf.cass.ssl_storage_port}}
+ - name: native-trans
+ containerPort: {{.Values.global.aaf.cass.native_trans_port}}
+ - name: rpc
+ containerPort: {{.Values.global.aaf.cass.rpc_port}}
+ env:
+ - name: CASSANDRA_CLUSTER_NAME
+ value: {{.Values.global.aaf.cass.cluster_name}}
+ - name: CASSANDRA_DC
+ value: {{.Values.global.aaf.cass.dc}}
+ - name: HEAP_NEWSIZE
+ value: {{.Values.global.aaf.cass.heap_new_size}}
+ - name: MAX_HEAP_SIZE
+ value: {{.Values.global.aaf.cass.max_heap_size}}
+ - name: MY_POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: MY_POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: MY_POD_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ volumeMounts:
+ - mountPath: /var/lib/cassandra
+ name: aaf-cass-vol
+ - mountPath: /opt/app/aaf/status
+ name: aaf-status-vol
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{.Values.global.aaf.cass.native_trans_port}}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{.Values.global.aaf.cass.native_trans_port}}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ resources:
+{{ include "common.resources" . | indent 10 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: aaf-status-vol
+ persistentVolumeClaim:
+ claimName: {{ .Release.Name }}-aaf-status-pvc
+ - name: aaf-cass-vol
+ {{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-pvc
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml b/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml
new file mode 100644
index 0000000..8249d84
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml
@@ -0,0 +1,44 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-pv
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml b/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml
new file mode 100644
index 0000000..4f9dac0
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml
@@ -0,0 +1,48 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" .}}-pvc
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/service.yaml b/kubernetes/aaf/charts/aaf-cass/templates/service.yaml
new file mode 100644
index 0000000..71882b1
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cass/templates/service.yaml
@@ -0,0 +1,49 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+# annotations:
+# service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: storage
+ protocol: TCP
+ port: {{.Values.global.aaf.cass.storage_port}}
+ containerPort: {{.Values.global.aaf.cass.storage_port}}
+ - name: ssl-storage
+ protocol: TCP
+ port: {{.Values.global.aaf.cass.ssl_storage_port}}
+ containerPort: {{.Values.global.aaf.cass.ssl_storage_port}}
+ - name: native-trans
+ protocol: TCP
+ port: {{.Values.global.aaf.cass.native_trans_port}}
+ containerPort: {{.Values.global.aaf.cass.native_trans_port}}
+ - name: rpc
+ protocol: TCP
+ port: {{.Values.global.aaf.cass.rpc_port}}
+ containerPort: {{.Values.global.aaf.cass.rpc_port}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ clusterIP: None
diff --git a/kubernetes/aaf/charts/aaf-cass/values.yaml b/kubernetes/aaf/charts/aaf-cass/values.yaml
new file mode 100644
index 0000000..ee05a19
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cass/values.yaml
@@ -0,0 +1,90 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+flavor: small
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application configuration
+config: {}
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 120
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 5
+ periodSeconds: 10
+
+service:
+ name: aaf-cass
+ type: ClusterIP
+ portName: aaf-cass
+ #targetPort
+ internalPort: 7000
+ #port
+ externalPort: 7000
+
+ internalPort2: 7001
+ externalPort2: 7001
+ internalPort3: 9042
+ externalPort3: 9042
+ internalPort4: 9160
+ externalPort4: 9160
+
+ingress:
+ enabled: false
+
+# Configure resource requests and limits
+resources: {}
+ # Following AAI's advice, and not trying to guess on Cass usage. Guessing just makes it slow
+# small:
+# limits:
+# cpu: "1000m"
+# memory: 4096Mi
+# requests:
+# cpu: 20m
+# memory: 2048Mi
+# large:
+# limits:
+# cpu: 400m
+# memory: 12000Mi
+# requests:
+# cpu: 40m
+# memory: 9000Mi
+# unlimited: {}
+
+persistence:
+ enabled: true
+ #existingClaim:
+ mountPath: /dockerdata-nfs
+ mountSubPath: "cass"
+ volumeReclaimPolicy: Retain
+ accessMode: ReadWriteOnce
+ size: 20Gi
+ storageClass: "manual"