Merge "[DCAE] Policy-handler version revision for bugfix"
diff --git a/docs/index.rst b/docs/index.rst
index 68b38de..639e069 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -1,7 +1,7 @@
.. This work is licensed under a Creative Commons Attribution 4.0
.. International License.
.. http://creativecommons.org/licenses/by/4.0
-.. Copyright 2018-2020 Amdocs, Bell Canada, Orange, Samsung
+.. Copyright 2018-2021 Amdocs, Bell Canada, Orange, Samsung, Nokia
.. _master_index:
@@ -15,6 +15,7 @@
oom_quickstart_guide_helm3.rst
oom_user_guide.rst
oom_user_guide_helm3.rst
+ oom_setup_paas.rst
oom_developer_guide.rst
oom_cloud_setup_guide.rst
release-notes.rst
diff --git a/docs/oom_setup_paas.rst b/docs/oom_setup_paas.rst
new file mode 100644
index 0000000..9d90558
--- /dev/null
+++ b/docs/oom_setup_paas.rst
@@ -0,0 +1,103 @@
+.. This work is licensed under a Creative Commons Attribution 4.0
+.. International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2021 Nokia
+
+.. Links
+.. _Cert-Manager Installation documentation: https://cert-manager.io/docs/installation/kubernetes/
+.. _Cert-Manager kubectl plugin documentation: https://cert-manager.io/docs/usage/kubectl-plugin/
+
+.. _oom_setup_paas:
+
+ONAP PaaS set-up (optional)
+###########################
+
+Starting from Honolulu release, Cert-Manager and Prometheus Stack are a part
+of k8s PaaS for ONAP operations and can be optionally installed to provide
+additional functionality for ONAP engineers.
+
+The versions of PaaS compoents that are supported by OOM are as follows:
+
+.. table:: ONAP PaaS components
+
+ ============== ============= =================
+ Release Cert-Manager Prometheus Stack
+ ============== ============= =================
+ honolulu 1.2.0 13.x
+ ============== ============= =================
+
+This guide provides instructions on how to install the following PaaS
+components for ONAP:
+
+- Cert-Manager
+- Prometheus Stack
+
+Cert-Manager
+============
+
+Cert-Manager is a native Kubernetes certificate management controller.
+It can help with issuing certificates from a variety of sources, such as
+Let’s Encrypt, HashiCorp Vault, Venafi, a simple signing key pair, self
+signed or external issuers. It ensures certificates are valid and up to
+date, and attempt to renew certificates at a configured time before expiry.
+
+Installation steps
+------------------
+
+The recommended version of Cert-Manager for Kubernetes 1.19 is v1.2.0.
+Cert-Manager is deployed using regular YAML manifests which include all
+the needed resources (the CustomResourceDefinitions, cert-manager,
+namespace, and the webhook component).
+
+Full installation instructions, including details on how to configure extra
+functionality in Cert-Manager can be found in the
+`Cert-Manager Installation documentation`_.
+
+There is also a kubectl plugin (kubectl cert-manager) that can help you
+to manage cert-manager resources inside your cluster. For installation
+steps, please refer to `Cert-Manager kubectl plugin documentation`_.
+
+Installation can be as simple as::
+
+ > kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.2.0/cert-manager.yaml
+
+Prometheus Stack
+================
+
+Prometheus is an open-source systems monitoring and alerting toolkit with
+an active ecosystem.
+
+Kube Prometheus Stack is a collection of Kubernetes manifests, Grafana
+dashboards, and Prometheus rules combined with documentation and scripts to
+provide easy to operate end-to-end Kubernetes cluster monitoring with
+Prometheus using the Prometheus Operator. As it includes both Prometheus
+Operator and Grafana dashboards, there is no need to set up them separately.
+
+Installation steps
+------------------
+
+The recommended version of kube-prometheus-stack chart for
+Kubernetes 1.19 is 13.x (which is currently the latest major chart version),
+for example 13.3.1.
+
+In order to install Prometheus Stack, you must follow these steps:
+
+- Create the namespace for Prometheus Stack::
+
+ > kubectl create namespace prometheus
+
+- Add the prometheus-community Helm repository::
+
+ > helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+
+- Update your local Helm chart repository cache::
+
+ > helm repo update
+
+- To install the kube-prometheus-stack Helm chart in latest version::
+
+ > helm install prometheus prometheus-community/kube-prometheus-stack --namespace=prometheus
+
+ To install the kube-prometheus-stack Helm chart in specific version, for example 13.3.1::
+
+ > helm install prometheus prometheus-community/kube-prometheus-stack --namespace=prometheus --version=13.3.1
diff --git a/kubernetes/a1policymanagement/templates/deployment.yaml b/kubernetes/a1policymanagement/templates/deployment.yaml
index 43431f0..822c0e3 100644
--- a/kubernetes/a1policymanagement/templates/deployment.yaml
+++ b/kubernetes/a1policymanagement/templates/deployment.yaml
@@ -107,10 +107,10 @@
- name: {{ include "common.fullname" . }}-policy-conf-input
configMap:
name: {{ include "common.fullname" . }}-policy-conf
- defaultMode: 0555
- name: {{ include "common.fullname" . }}-envsubst-scripts
configMap:
name: {{ include "common.fullname" . }}-envsubst-scripts
+ defaultMode: 0555
- name: config
emptyDir:
medium: Memory
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat
index 8f18203..30d20ab 100644
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat
+++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat
@@ -47,6 +47,7 @@
policy@policy.onap.org|policy_onap|local|/opt/app/osaaf/local||mailto:|org.onap.policy|root|30|{'*.pdp', '*.pdp.onap.svc.cluster.local', 'brmsgw', 'brmsgw.onap', 'drools', 'drools.onap', 'pap', 'pap.onap', 'pdp', 'pdp.onap', 'policy', 'policy-apex-pdp', 'policy-apex-pdp.onap', 'policy-distribution', 'policy-distribution.onap', 'policy.api.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'pkcs12'}
pomba@pomba.onap.org|onap.pomba|local|/opt/app/osaaf/local||mailto:|org.onap.pomba|root|30|{'onap.pomba', 'onap_pomba', 'pomba', 'pomba.api.simpledemo.onap.org', 'pomba.onap', 'pomba_onap'}|aaf_admin@osaaf.org|{'jks', 'pkcs12', 'script'}
portal@portal.onap.org|portal|local|/opt/app/osaaf/local||mailto:|org.onap.portal|root|30|{'onap.portal', 'onap_portal', 'portal', 'portal-app', 'portal.api.simpledemo.onap.org', 'portal.onap', 'portal_onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
+refrepo@refrepo.onap.org|refrepo|local|/opt/app/osaaf/local||mailto:|org.onap.refrepo|root|30|{'refrepo', 'refrepo.api.simpledemo.onap.org', 'refrepo.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12'}
sdc@sdc.onap.org|sdc-fe.onap|local|/opt/app/osaaf/local||mailto:|org.onap.sdc|root|30|{'sdc-fe.onap', 'sdc.api.simpledemo.onap.org', 'sdc.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
sdc@sdc.onap.org|sdc|local|/opt/app/osaaf/local||mailto:|org.onap.sdc|root|60|{'*.onap', '*.onap.org', 'sdc', 'sdc-be.onap', 'sdc-dcae-be.onap', 'sdc-dcae-dt.onap', 'sdc-dcae-fe.onap', 'sdc-dcae-tosca-lab.onap', 'sdc-es.onap', 'sdc-fe.onap', 'sdc-kb.onap', 'sdc-onap.org', 'sdc-onboarding-be.onap', 'sdc-wfd-be.onap', 'sdc-wfd-fe.onap', 'sdc.api.fe.simpledemo.onap.org', 'sdc.api.simpledemo.onap.org', 'sdc.dcae.plugin.simpledemo.onap.org', 'sdc.workflow.plugin.simpledemo.onap.org', 'webseal.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
sdc@sdc.onap.org|sdc.onap|local|/opt/app/osaaf/local||mailto:|org.onap.sdc|root|60|{'*.onap', '*.onap.org', 'sdc', 'sdc-be.onap', 'sdc-dcae-be.onap', 'sdc-dcae-dt.onap', 'sdc-dcae-fe.onap', 'sdc-dcae-tosca-lab.onap', 'sdc-es.onap', 'sdc-fe.onap', 'sdc-kb.onap', 'sdc-onap.org', 'sdc-onboarding-be.onap', 'sdc-wfd-be.onap', 'sdc-wfd-fe.onap', 'sdc.api.fe.simpledemo.onap.org', 'sdc.api.simpledemo.onap.org', 'sdc.dcae.plugin.simpledemo.onap.org', 'sdc.workflow.plugin.simpledemo.onap.org', 'webseal.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/cred.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/cred.dat
index bcbffdc..5e3e3e3 100644
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/cred.dat
+++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/cred.dat
@@ -24,6 +24,7 @@
msb-eag@msb-eag.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.msb-eag|53344||
msb-iag@msb-iag.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.msb-iag|53344||
music@music.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.music|53344||
+refrepo@refrepo.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.refrepo|53344||
vid@vid.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid|53344||
vid1@vid1.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid1|53344||
vid2@vid2.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid2|53344||
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns.dat
index 7c5ee26..5cce1d1 100644
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns.dat
+++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns.dat
@@ -66,6 +66,7 @@
org.onap.pomba||org.onap||3
org.onap.portal|ONAP Portal|org.onap.portal|3|3
org.onap.portal.test||org.onap.portal||3
+org.onap.refrepo||org.onap||3
org.onap.sdc||org.onap||3
org.onap.sdnc-cds||org.onap||3
org.onap.sdnc||org.onap||3
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/perm.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/perm.dat
index 281133b..eaf710d 100644
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/perm.dat
+++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/perm.dat
@@ -445,6 +445,9 @@
org.onap.portal|url|userAppRoles|*|userAppRoles|"{'org.onap.portal|Account_Administrator'}"
org.onap.portal|url|userApps|*|User Apps|"{'org.onap.portal|Account_Administrator'}"
org.onap.portal|url|view_reports|*|View Raptor reports|
+org.onap.refrepo|access|*|*|AAF Namespace Write Access|"{'org.onap.refrepo|admin', 'org.onap.refrepo|service'}"
+org.onap.refrepo|access|*|read|AAF Namespace Read Access|"{'org.onap.refrepo|owner'}"
+org.onap.refrepo|certman|local|request,ignoreIPs,showpass||"{'org.onap.refrepo|admin', 'org.onap.refrepo|seeCerts', 'org.osaaf.aaf|deploy'}"
org.onap.sdc|access|*|*|AAF Namespace Write Access|"{'org.onap.sdc|admin'}"
org.onap.sdc|access|*|read|AAF Namespace Read Access|"{'org.onap.sdc|owner'}"
org.onap.sdc|administrator.access|*|*||"{'org.onap.sdc|admin'}"
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/role.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/role.dat
index 87a2274..4072707 100644
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/role.dat
+++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/role.dat
@@ -277,6 +277,10 @@
org.onap.portal.test|owner|AAF Namespace Owners|"{'org.onap.portal.test|access|*|read'}"
org.onap.portal.test|user1||
org.onap.portal|Usage_Analyst|Usage Analyst|"{'org.onap.portal|menu|menu_admin|*', 'org.onap.portal|menu|menu_task_search|*', 'org.onap.portal|menu|menu_task|*', 'org.onap.portal|menu|menu_web_analytics|*'}"
+org.onap.refrepo|admin|AAF Namespace Administrators|"{'org.onap.refrepo|access|*|*', 'org.onap.refrepo|certman|local|request,ignoreIPs,showpass'}"
+org.onap.refrepo|owner|AAF Namespace Owners|"{'org.onap.refrepo|access|*|read'}"
+org.onap.refrepo|seeCerts||"{'org.onap.refrepo|certman|local|request,ignoreIPs,showpass'}"
+org.onap.refrepo|service||"{'org.onap.refrepo|access|*|*'}"
org.onap.sdc|Account_Administrator||
org.onap.sdc|admin|AAF Namespace Administrators|"{'org.onap.oof|certman|local|request,ignoreIPs,showpass', 'org.onap.sdc|access|*|*', 'org.onap.sdc|administrator.access|*|*', 'org.onap.sdc|certman|local|request,ignoreIPs,showpass'}"
org.onap.sdc|ADMIN|ADMIN|
@@ -323,7 +327,7 @@
org.openecomp.dmaapBC|owner|AAF Owners|"{'org.openecomp.dmaapBC.access|*|read'}"
org.openecomp|owner|OpenEcomp Owners|"{'org.openecomp.access|*|read'}"
org.osaaf.aaf|admin|AAF Admins|"{'org.osaaf.aaf.access|*|*', 'org.osaaf.aaf|cache|all|clear', 'org.osaaf.aaf|cache|role|clear', 'org.osaaf.aaf|password|*|create,reset'}"
-org.osaaf.aaf|deploy|ONAP Deployment Role|"{'org.onap.a1p|certman|local|request,ignoreIPs,showpass', 'org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass', 'org.onap.aai|certman|local|request,ignoreIPs,showpass', 'org.onap.aai-resources|certman|local|request,ignoreIPs,showpass', 'org.onap.aai-traversal|certman|local|request,ignoreIPs,showpass', 'org.onap.appc|certman|local|request,ignoreIPs,showpass', 'org.onap.appc-cdt|certman|local|request,ignoreIPs,showpass', 'org.onap.clamp|certman|local|request,ignoreIPs,showpass', 'org.onap.cli|certman|local|request,ignoreIPs,showpass', 'org.onap.dcae|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-mm-prov|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-topic-mgr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap.mr|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-eag|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-iag|certman|local|request,ignoreIPs,showpass', 'org.onap.music|certman|local|request,ignoreIPs,showpass', 'org.onap.nbi|certman|local|request,ignoreIPs,showpass', 'org.onap.oof|certman|local|request,ignoreIPs,showpass', 'org.onap.policy|certman|local|request,ignoreIPs,showpass', 'org.onap.pomba|certman|local|request,ignoreIPs,showpass', 'org.onap.portal|certman|local|request,ignoreIPs,showpass', 'org.onap.sdc|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc-cds|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc|certman|local|request,ignoreIPs,showpass', 'org.onap.so|certman|local|request,ignoreIPs,showpass', 'org.onap.vfc|certman|local|request,ignoreIPs,showpass', 'org.onap.vid1|certman|local|request,ignoreIPs,showpass', 'org.onap.vid2|certman|local|request,ignoreIPs,showpass', 'org.onap.vid|certman|local|request,ignoreIPs,showpass', 'org.osaaf.aaf|certman|local|request,ignoreIPs,showpass'}"
+org.osaaf.aaf|deploy|ONAP Deployment Role|"{'org.onap.a1p|certman|local|request,ignoreIPs,showpass', 'org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass', 'org.onap.aai|certman|local|request,ignoreIPs,showpass', 'org.onap.aai-resources|certman|local|request,ignoreIPs,showpass', 'org.onap.aai-traversal|certman|local|request,ignoreIPs,showpass', 'org.onap.appc|certman|local|request,ignoreIPs,showpass', 'org.onap.appc-cdt|certman|local|request,ignoreIPs,showpass', 'org.onap.clamp|certman|local|request,ignoreIPs,showpass', 'org.onap.cli|certman|local|request,ignoreIPs,showpass', 'org.onap.dcae|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-mm-prov|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-topic-mgr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap.mr|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-eag|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-iag|certman|local|request,ignoreIPs,showpass', 'org.onap.music|certman|local|request,ignoreIPs,showpass', 'org.onap.nbi|certman|local|request,ignoreIPs,showpass', 'org.onap.oof|certman|local|request,ignoreIPs,showpass', 'org.onap.policy|certman|local|request,ignoreIPs,showpass', 'org.onap.pomba|certman|local|request,ignoreIPs,showpass', 'org.onap.portal|certman|local|request,ignoreIPs,showpass', 'org.onap.refrepo|certman|local|request,ignoreIPs,showpass', 'org.onap.sdc|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc-cds|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc|certman|local|request,ignoreIPs,showpass', 'org.onap.so|certman|local|request,ignoreIPs,showpass', 'org.onap.vfc|certman|local|request,ignoreIPs,showpass', 'org.onap.vid1|certman|local|request,ignoreIPs,showpass', 'org.onap.vid2|certman|local|request,ignoreIPs,showpass', 'org.onap.vid|certman|local|request,ignoreIPs,showpass', 'org.osaaf.aaf|certman|local|request,ignoreIPs,showpass'}"
org.osaaf.aaf|owner|AAF Owners|"{'org.osaaf.aaf.access|*|read,approve'}"
org.osaaf.aaf|service||"{'org.osaaf.aaf|cache|*|clear'}"
org.osaaf|admin|OSAAF Admins|"{'org.osaaf.access|*|*'}"
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/user_role.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/user_role.dat
index b849f8c..41af043 100644
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/user_role.dat
+++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/user_role.dat
@@ -75,6 +75,7 @@
mmanager@people.osaaf.org|org.onap.pomba.owner|2020-11-26 12:31:54.000+0000|org.onap.pomba|owner
mmanager@people.osaaf.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
mmanager@people.osaaf.org|org.onap.portal.owner|2020-11-26 12:31:54.000+0000|org.onap.portal|owner
+mmanager@people.osaaf.org|org.onap.refrepo.owner|2020-11-26 12:31:54.000+0000|org.onap.refrepo|owner
mmanager@people.osaaf.org|org.onap.sdc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdc|admin
mmanager@people.osaaf.org|org.onap.sdc.owner|2020-11-26 12:31:54.000+0000|org.onap.sdc|owner
mmanager@people.osaaf.org|org.onap.sdnc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc|admin
@@ -240,6 +241,7 @@
aaf_admin@people.osaaf.org|org.onap.policy.admin|2020-11-26 12:31:54.000+0000|org.onap.policy|admin
aaf_admin@people.osaaf.org|org.onap.pomba.admin|2020-11-26 12:31:54.000+0000|org.onap.pomba|admin
aaf_admin@people.osaaf.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
+aaf_admin@people.osaaf.org|org.onap.refrepo.admin|2020-11-26 12:31:54.000+0000|org.onap.refrepo|admin
aaf_admin@people.osaaf.org|org.onap.sdc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdc|admin
aaf_admin@people.osaaf.org|org.onap.sdnc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc|admin
aaf_admin@people.osaaf.org|org.onap.sdnc-cds.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc-cds|admin
@@ -337,6 +339,8 @@
nbi@nbi.onap.org|org.onap.nbi.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.nbi|seeCerts
nbi@nbi.onap.org|org.onap.nbi.service|2020-11-26 12:31:54.000+0000|org.onap.nbi|service
music@music.onap.org|org.onap.music.service|2020-11-26 12:31:54.000+0000|org.onap.music|service
+refrepo@refrepo.onap.org|org.onap.refrepo.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.refrepo|seeCerts
+refrepo@refrepo.onap.org|org.onap.refrepo.service|2020-11-26 12:31:54.000+0000|org.onap.refrepo|service
vid@vid.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
vid@vid.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
vid@vid.onap.org|org.onap.vid.service|2020-11-26 12:31:54.000+0000|org.onap.vid|service
diff --git a/kubernetes/aaf/resources/data/identities.dat b/kubernetes/aaf/resources/data/identities.dat
index 1b3f15d..7b123cc 100644
--- a/kubernetes/aaf/resources/data/identities.dat
+++ b/kubernetes/aaf/resources/data/identities.dat
@@ -72,6 +72,7 @@
msb-eag|ONAP MSB EAG Application|MSB EAG|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
msb-iag|ONAP MSB IAG Application|MSB IAG|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
music|ONAP MUSIC Application|MUSIC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+refrepo|ONAP REFREPO Application|REFREPO|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
# VID Identities
vid|ONAP VID Application|VID|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
vid1|ONAP VID Application 1|VID 1|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
diff --git a/kubernetes/cps/resources/config/application.yml b/kubernetes/cps/resources/config/application.yml
old mode 100644
new mode 100755
index 983a754..3fa080e
--- a/kubernetes/cps/resources/config/application.yml
+++ b/kubernetes/cps/resources/config/application.yml
@@ -1,6 +1,7 @@
{{/*
# Copyright (C) 2021 Pantheon.tech
# Modifications Copyright (C) 2020 Bell Canada. All rights reserved.
+ # Modifications Copyright (C) 2021 Nordix Foundation. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -46,6 +47,11 @@
cache-names: yangSchema
caffeine:
spec: maximumSize=10000,expireAfterAccess=10m
+
+ liquibase:
+ change-log: classpath:changelog/changelog-master.yaml
+ labels: ${LIQUIBASE_LABELS}
+
# Actuator
management:
endpoints:
diff --git a/kubernetes/cps/templates/deployment.yaml b/kubernetes/cps/templates/deployment.yaml
old mode 100644
new mode 100755
index e15ae71..4f87d20
--- a/kubernetes/cps/templates/deployment.yaml
+++ b/kubernetes/cps/templates/deployment.yaml
@@ -1,6 +1,7 @@
{{/*
# Copyright (C) 2021 Pantheon.tech, Orange
# Modifications Copyright (C) 2020 Bell Canada. All rights reserved.
+# Modifications Copyright (C) 2021 Nordix Foundation. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -40,6 +41,8 @@
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "login") | indent 12 }}
- name: DB_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 12 }}
+ - name: LIQUIBASE_LABELS
+ value: {{ .Values.config.liquibaseLabels }}
volumeMounts:
- mountPath: /config-input
name: init-data-input
diff --git a/kubernetes/cps/values.yaml b/kubernetes/cps/values.yaml
old mode 100644
new mode 100755
index ee797a5..2c28231
--- a/kubernetes/cps/values.yaml
+++ b/kubernetes/cps/values.yaml
@@ -41,9 +41,13 @@
virtualhost:
baseurl: "simpledemo.onap.org"
-image: onap/cps-and-nf-proxy:0.0.1
+image: onap/cps-and-nf-proxy:1.0.0
containerPort: &svc_port 8080
+config:
+ # Set it for pre loading xnfdata, else set to null
+ liquibaseLabels: xnf-data-preload
+
service:
type: ClusterIP
name: cps
@@ -140,4 +144,4 @@
readinessCheck:
wait_for:
- - cps-postgres
\ No newline at end of file
+ - cps-postgres
diff --git a/kubernetes/dcaegen2-services/.gitignore b/kubernetes/dcaegen2-services/.gitignore
new file mode 100644
index 0000000..3c6a19f
--- /dev/null
+++ b/kubernetes/dcaegen2-services/.gitignore
@@ -0,0 +1,3 @@
+*.lock
+charts/
+dist/
diff --git a/kubernetes/dcaegen2-services/.helmignore b/kubernetes/dcaegen2-services/.helmignore
new file mode 100644
index 0000000..50af031
--- /dev/null
+++ b/kubernetes/dcaegen2-services/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/kubernetes/dcaegen2-services/Chart.yaml b/kubernetes/dcaegen2-services/Chart.yaml
new file mode 100644
index 0000000..6f0d065
--- /dev/null
+++ b/kubernetes/dcaegen2-services/Chart.yaml
@@ -0,0 +1,22 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2020 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: DCAE Microservices
+name: dcaegen2-services
+version: 7.0.0
diff --git a/kubernetes/dcaegen2-services/Makefile b/kubernetes/dcaegen2-services/Makefile
new file mode 100644
index 0000000..bf267b7
--- /dev/null
+++ b/kubernetes/dcaegen2-services/Makefile
@@ -0,0 +1,51 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_BIN := helm
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/dcaegen2-services/common/Makefile b/kubernetes/dcaegen2-services/common/Makefile
new file mode 100644
index 0000000..bf267b7
--- /dev/null
+++ b/kubernetes/dcaegen2-services/common/Makefile
@@ -0,0 +1,51 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_BIN := helm
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/Chart.yaml b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/Chart.yaml
new file mode 100644
index 0000000..5a15ea9
--- /dev/null
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/Chart.yaml
@@ -0,0 +1,22 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2020 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: DCAE Microservices Common templates
+name: dcaegen2-services-common
+version: 7.0.0
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/requirements.yaml b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/requirements.yaml
new file mode 100644
index 0000000..bf6b86b
--- /dev/null
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/requirements.yaml
@@ -0,0 +1,18 @@
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl
new file mode 100644
index 0000000..46f52b8
--- /dev/null
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_configmap.tpl
@@ -0,0 +1,65 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2019 AT&T
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+dcaegen2-services-common.configMap:
+This template produces Kubernetes configMap(s) needed by a
+DCAE microservice.
+
+The template expects the full chart context as input. A chart for a
+DCAE microservice references this template using:
+{{ include "dcaegen2-services-common.configMap" . }}
+The template directly references data in .Values, and indirectly (through its
+use of templates from the ONAP "common" collection) references data in
+.Release.
+
+The template always produces a configMap containing the microservice's
+initial configuration data. This configMap is used by an initContainer
+that loads the configuration into Consul. (See the documentation for
+dcaegen2-services-common.microserviceDeployment for more details.)
+
+If the microservice is using a logging sidecar (again, see the documentation
+for dcaegen2-services-common.microserviceDeployment for more details), the
+template generates an additiona configMap that supplies configuration
+information for the logging sidecar.
+*/}}
+
+{{- define "dcaegen2-services-common.configMap" -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-application-config-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels: {{ include "common.labels" . | nindent 6 }}
+data:
+ application_config.yaml: |
+{{ .Values.applicationConfig | toYaml | indent 4 }}
+
+{{- if .Values.logDirectory }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-filebeat-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels: {{ include "common.labels" . | nindent 6 }}
+data:
+ filebeat.yml: |-
+{{ include "dcaegen2-services-common.filebeatConfiguration" . | indent 4 }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
new file mode 100644
index 0000000..c03be83
--- /dev/null
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@ -0,0 +1,239 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+{{/*
+dcaegen2-services-common.microserviceDeployment:
+This template produces a Kubernetes Deployment for a DCAE microservice.
+
+All DCAE microservices currently use very similar Deployments. Having a
+common template eliminates a lot of repetition in the individual charts
+for each microservice.
+
+The template expects the full chart context as input. A chart for a
+DCAE microservice references this template using:
+{{ include "dcaegen2-services-common.microserviceDeployment" . }}
+The template directly references data in .Values, and indirectly (through its
+use of templates from the ONAP "common" collection) references data in
+.Release.
+
+The exact content of the Deployment generated from this template
+depends on the content of .Values.
+
+The Deployment always includes a single Pod, with a container that uses
+the DCAE microservice image.
+
+The Deployment Pod may also include a logging sidecar container.
+The sidecar is included if .Values.logDirectory is set. The
+logging sidecar and the DCAE microservice container share a
+volume where the microservice logs are written.
+
+The Deployment includes an initContainer that pushes the
+microservice's initial configuration (from .Values.applicationConfig)
+into Consul. All DCAE microservices retrieve their initial
+configurations by making an API call to a DCAE platform component called
+the config-binding-service. The config-binding-service currently
+retrieves configuration information from Consul.
+
+The Deployment also includes an initContainer that checks for the
+readiness of other components that the microservice relies on.
+This container is generated by the "common.readinessCheck.waitfor"
+template.
+
+If the microservice acts as a TLS client or server, the Deployment will
+include an initContainer that retrieves certificate information from
+the AAF certificate manager. The information is mounted at the
+mount point specified in .Values.certDirectory. If the microservice is
+a TLS server (indicated by setting .Values.tlsServer to true), the
+certificate information will include a server cert and key, in various
+formats. It will also include the AAF CA cert. If the microservice is
+a TLS client only (indicated by setting .Values.tlsServer to false), the
+certificate information includes only the AAF CA cert.
+*/}}
+
+{{- define "dcaegen2-services-common.microserviceDeployment" -}}
+{{- $logDir := default "" .Values.logDirectory -}}
+{{- $certDir := default "" .Values.certDirectory . -}}
+{{- $tlsServer := default "" .Values.tlsServer -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+spec:
+ replicas: 1
+ selector: {{- include "common.selectors" . | nindent 4 }}
+ template:
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ spec:
+ initContainers:
+ - command:
+ - sh
+ args:
+ - -c
+ - |
+ {{- range $var := .Values.customEnvVars }}
+ export {{ $var.name }}="{{ $var.value }}";
+ {{- end }}
+ cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done
+ env:
+ {{- range $cred := .Values.credentials }}
+ - name: {{ $cred.name }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" $ "uid" $cred.uid "key" $cred.key) | indent 10 }}
+ {{- end }}
+ volumeMounts:
+ - mountPath: /config-input
+ name: app-config-input
+ - mountPath: /config
+ name: app-config
+ image: {{ include "repositoryGenerator.image.envsubst" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-update-config
+
+ {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
+ - name: init-consul
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.consulLoaderImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ args:
+ - --key-yaml
+ - "{{ include "common.name" . }}|/app-config/application_config.yaml"
+ resources: {{ include "common.resources" . | nindent 2 }}
+ volumeMounts:
+ - mountPath: /app-config
+ name: app-config
+ {{- if $certDir }}
+ - name: init-tls
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.tlsImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: TLS_SERVER
+ value: {{ $tlsServer | quote }}
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ resources: {{ include "common.resources" . | nindent 2 }}
+ volumeMounts:
+ - mountPath: /opt/app/osaaf
+ name: tls-info
+ {{- end }}
+ containers:
+ - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}
+ env:
+ {{- if $certDir }}
+ - name: DCAE_CA_CERTPATH
+ value: {{ $certDir}}/cacert.pem
+ {{- end }}
+ - name: CONSUL_HOST
+ value: consul-server.onap
+ - name: CONFIG_BINDING_SERVICE
+ value: config-binding-service
+ - name: CBS_CONFIG_URL
+ value: https://config-binding-service:10443/service_component_all/{{ include "common.name" . }}
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ {{- if .Values.applicationEnv }}
+ {{- range $envName, $envValue := .Values.applicationEnv }}
+ - name: {{ $envName }}
+ value: {{ $envValue | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.service }}
+ ports: {{ include "common.containerPorts" . | nindent 10 }}
+ {{- end }}
+ {{- if .Values.readiness }}
+ readinessProbe:
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds | default 5 }}
+ periodSeconds: {{ .Values.readiness.periodSeconds | default 15 }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds | default 1 }}
+ {{- $probeType := .Values.readiness.type | default "httpGet" -}}
+ {{- if eq $probeType "httpGet" }}
+ httpGet:
+ scheme: {{ .Values.readiness.scheme }}
+ path: {{ .Values.readiness.path }}
+ port: {{ .Values.readiness.port }}
+ {{- end }}
+ {{- if eq $probeType "exec" }}
+ exec:
+ command:
+ {{- range $cmd := .Values.readiness.command }}
+ - {{ $cmd }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ resources: {{ include "common.resources" . | nindent 2 }}
+ {{- if or $logDir $certDir }}
+ volumeMounts:
+ {{- if $logDir }}
+ - mountPath: {{ $logDir}}
+ name: component-log
+ {{- end }}
+ {{- if $certDir }}
+ - mountPath: {{ $certDir }}
+ name: tls-info
+ {{- end }}
+ {{- end }}
+ {{- if $logDir }}
+ - image: {{ include "repositoryGenerator.image.logging" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: filebeat
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ resources: {{ include "common.resources" . | nindent 2 }}
+ volumeMounts:
+ - mountPath: /var/log/onap/{{ include "common.name" . }}
+ name: component-log
+ - mountPath: /usr/share/filebeat/data
+ name: filebeat-data
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ name: filebeat-conf
+ subPath: filebeat.yml
+ {{- end }}
+ hostname: {{ include "common.name" . }}
+ volumes:
+ - configMap:
+ defaultMode: 420
+ name: {{ include "common.fullname" . }}-application-config-configmap
+ name: app-config-input
+ - emptyDir:
+ medium: Memory
+ name: app-config
+ {{- if $logDir }}
+ - emptyDir: {}
+ name: component-log
+ - emptyDir: {}
+ name: filebeat-data
+ - configMap:
+ defaultMode: 420
+ name: {{ include "common.fullname" . }}-filebeat-configmap
+ name: filebeat-conf
+ {{- end }}
+ {{- if $certDir }}
+ - emptyDir: {}
+ name: tls-info
+ {{- end }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+{{ end -}}
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_filebeat-config.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_filebeat-config.tpl
new file mode 100644
index 0000000..a402517
--- /dev/null
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_filebeat-config.tpl
@@ -0,0 +1,86 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+{{/*
+dcaegen2-services-common.filebeatConfiguration:
+This template generates configuration data for filebeat (log file aggregation).
+
+The template is used to create a configMap mounted by a filebeat sidecar pod
+running alongside a DCAE microservice pod.
+
+See dcaegen2-services-common.configMap for more information.
+*/}}
+{{- define "dcaegen2-services-common.filebeatConfiguration" -}}
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.filebeatConfig.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.filebeatConfig.logstashPort}}"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
+
+logging:
+ level: debug
+
+ # enable file rotation with default configuration
+ to_files: true
+
+ # do not log to syslog
+ to_syslog: false
+
+ files:
+ path: /usr/share/filebeat/logs
+ name: mybeat.log
+ keepfiles: 7
+{{- end -}}
\ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_job.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_job.tpl
new file mode 100644
index 0000000..6d52b2a
--- /dev/null
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_job.tpl
@@ -0,0 +1,61 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+{{/*
+dcaegen2-services-common.consulDeleteJob:
+This template generates a Kubernetes Job that runs when a
+DCAE microservice is deleted. The Job deletes the Consul
+entry that contains the microservice's configuration.
+
+The template expects the full chart context as input. A chart for a
+DCAE microservice references this template using:
+{{ include "dcaegen2-services-common.consulDeleteJob" . }}
+The template directly references data in .Values, and indirectly (through its
+use of templates from the ONAP "common" collection) references data in
+.Release.
+
+The microservice configuration data is loaded into Consul by an
+initContainer that is part of the Kubernetes Deployment for the microservice.
+See the documentation for dcaegen2-services-common.microserviceDeployment
+for more information.
+*/}}
+{{- define "dcaegen2-services-common.consulDeleteJob" -}}
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-delete-config
+ namespace: {{ include "common.namespace" . }}
+ labels: {{ include "common.labels" . | nindent 4 }}
+ annotations:
+ "helm.sh/hook": pre-delete
+ "helm.sh/hook-delete-policy": hook-succeeded,hook-failed
+spec:
+ template:
+ metadata:
+ name: {{ include "common.fullname" . }}-delete-config
+ labels: {{ include "common.labels" . | nindent 8 }}
+ spec:
+ restartPolicy: Never
+ containers:
+ - name: dcae-config-delete
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.consulLoaderImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ args:
+ - --delete-key
+ - {{ include "common.name" . }}
+{{ end -}}
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/values.yaml b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/values.yaml
new file mode 100644
index 0000000..cd69da8
--- /dev/null
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/values.yaml
@@ -0,0 +1,18 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+# dcaegen2-services-common templates get any values from the scope
+# they are passed. There are no locally-defined values.
\ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/Makefile b/kubernetes/dcaegen2-services/components/Makefile
new file mode 100644
index 0000000..bf267b7
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/Makefile
@@ -0,0 +1,51 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_BIN := helm
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml
new file mode 100644
index 0000000..24eb2c3
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml
@@ -0,0 +1,22 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: DCAE HV VES collector
+name: dcae-hv-ves-collector
+version: 7.0.0
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/requirements.yaml
new file mode 100644
index 0000000..e7601ce
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/requirements.yaml
@@ -0,0 +1,27 @@
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
+ - name: readinessCheck
+ version: ~7.x-0
+ repository: '@local'
+ - name: dcaegen2-services-common
+ version: ~7.x-0
+ repository: 'file://../../common/dcaegen2-services-common'
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/configmap.yaml
new file mode 100644
index 0000000..a7d0acd
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/configmap.yaml
@@ -0,0 +1,20 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "dcaegen2-services-common.configMap" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/deployment.yaml
new file mode 100644
index 0000000..29293c7
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/deployment.yaml
@@ -0,0 +1,20 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/secret.yaml
new file mode 100644
index 0000000..34932b7
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/secret.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/service.yaml
new file mode 100644
index 0000000..c3b0715
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/service.yaml
@@ -0,0 +1,20 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
new file mode 100644
index 0000000..19144b4
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
@@ -0,0 +1,144 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ nodePortPrefixExt: 304
+
+#################################################################
+# Filebeat configuration defaults.
+#################################################################
+filebeatConfig:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+
+#################################################################
+# initContainer images.
+#################################################################
+tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+image: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.6.0
+pullPolicy: Always
+
+# log directory where logging sidecar should look for log files
+# if absent, no sidecar will be deployed
+logDirectory: /var/log/ONAP/dcae-hv-ves-collector
+
+# directory where TLS certs should be stored
+# if absent, no certs will be retrieved and stored
+certDirectory: /etc/ves-hv/ssl
+
+# TLS role -- set to true if microservice acts as server
+# If true, an init container will retrieve a server cert
+# and key from AAF and mount them in certDirectory.
+tlsServer: true
+
+secrets:
+ - uid: &aafCredsUID aafcreds
+ type: basicAuth
+ login: '{{ .Values.aafCreds.user }}'
+ password: '{{ .Values.aafCreds.password }}'
+ passwordPolicy: required
+
+# dependencies
+readinessCheck:
+ wait_for:
+ - dcae-config-binding-service
+ - aaf-cm
+
+# probe configuration
+readiness:
+ type: exec
+ initialDelaySeconds: 5
+ periodSeconds: 15
+ timeoutSeconds: 2
+ command:
+ - /opt/ves-hv-collector/healthcheck.sh
+
+# service configuration
+service:
+ type: NodePort
+ name: dcae-hv-ves-collector
+ ports:
+ - name: http
+ port: 6061
+ port_protocol: http
+ nodePort: 22
+
+aafCreds:
+ user: admin
+ password: admin_secret
+
+credentials:
+- name: AAF_USER
+ uid: *aafCredsUID
+ key: login
+- name: AAF_PASSWORD
+ uid: *aafCredsUID
+ key: password
+
+# initial application configuration
+applicationConfig:
+ logLevel: INFO
+ server.idleTimeoutSec: 300
+ server.listenPort: 6061
+ cbs.requestIntervalSec: 5
+ security.sslDisable: false
+ security.keys.keyStoreFile: /etc/ves-hv/ssl/cert.jks
+ security.keys.keyStorePasswordFile: /etc/ves-hv/ssl/jks.pass
+ security.keys.trustStoreFile: /etc/ves-hv/ssl/trust.jks
+ security.keys.trustStorePasswordFile: /etc/ves-hv/ssl/trust.pass
+ streams_publishes:
+ perf3gpp:
+ type: kafka
+ aaf_credentials:
+ username: ${AAF_USER}
+ password: ${AAF_PASSWORD}
+ kafka_info:
+ bootstrap_servers: message-router-kafka:9092
+ topic_name: HV_VES_PERF3GPP
+
+applicationEnv:
+ JAVA_OPTS: '-Dlogback.configurationFile=/etc/ONAP/dcae-hv-ves-collector/logback.xml'
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/Chart.yaml
new file mode 100644
index 0000000..d887ffe
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/Chart.yaml
@@ -0,0 +1,24 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: ONAP DCAE Microservice Health Check
+name: dcae-ms-healthcheck
+version: 7.0.0
diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/requirements.yaml
new file mode 100644
index 0000000..aadca0d
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/requirements.yaml
@@ -0,0 +1,25 @@
+#============LICENSE_START========================================================
+#=================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml
new file mode 100644
index 0000000..2b3ab32
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml
@@ -0,0 +1,67 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+spec:
+ replicas: 1
+ selector: {{- include "common.selectors" . | nindent 4 }}
+ template:
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports: {{ include "common.containerPorts" . | nindent 12 }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ include "common.getPort" (dict "global" . "name" "http") }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ include "common.getPort" (dict "global" . "name" "http") }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - mountPath: /opt/app/expected-components.json
+ subPath: expected-components.json
+ name: {{ include "common.fullname" .}}-expected-components
+ env:
+ - name: DCAE_NAMESPACE
+ value: {{ include "common.namespace" . }}
+ - name: ONAP_NAMESPACE
+ value: {{ include "common.namespace" . }}
+ - name: HELM_RELEASE
+ value: {{ include "common.release" . }}
+ volumes:
+ - name: {{ include "common.fullname" . }}-expected-components
+ configMap:
+ name: {{ include "common.release" . }}-dcae-expected-microservices
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/service.yaml
new file mode 100644
index 0000000..c3b0715
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/service.yaml
@@ -0,0 +1,20 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml
new file mode 100644
index 0000000..7535325
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml
@@ -0,0 +1,67 @@
+#============LICENSE_START========================================================
+#=================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2020 Nokia
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+
+service:
+ type: ClusterIP
+ name: dcae-ms-healthcheck
+ ports:
+ - port: 8080
+ name: http
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+# application image
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.1.0
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
+
diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/Chart.yaml
new file mode 100644
index 0000000..952cee6
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-prh/Chart.yaml
@@ -0,0 +1,22 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: DCAE PRH
+name: dcae-prh
+version: 7.0.0
diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/requirements.yaml
new file mode 100644
index 0000000..e7601ce
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-prh/requirements.yaml
@@ -0,0 +1,27 @@
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
+ - name: readinessCheck
+ version: ~7.x-0
+ repository: '@local'
+ - name: dcaegen2-services-common
+ version: ~7.x-0
+ repository: 'file://../../common/dcaegen2-services-common'
diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/templates/configmap.yaml
new file mode 100644
index 0000000..a7d0acd
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-prh/templates/configmap.yaml
@@ -0,0 +1,20 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "dcaegen2-services-common.configMap" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/templates/deployment.yaml
new file mode 100644
index 0000000..be56017
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-prh/templates/deployment.yaml
@@ -0,0 +1,19 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/templates/secret.yaml
new file mode 100644
index 0000000..34932b7
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-prh/templates/secret.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/templates/service.yaml
new file mode 100644
index 0000000..c3b0715
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-prh/templates/service.yaml
@@ -0,0 +1,20 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
new file mode 100644
index 0000000..d1f3f2a
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-prh/values.yaml
@@ -0,0 +1,167 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ nodePortPrefixExt: 304
+
+#################################################################
+# Filebeat configuration defaults.
+#################################################################
+filebeatConfig:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+
+#################################################################
+# initContainer images.
+#################################################################
+tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+image: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.6
+pullPolicy: Always
+
+# log directory where logging sidecar should look for log files
+# if absent, no sidecar will be deployed
+logDirectory: /opt/app/prh/logs
+
+# directory where TLS certs should be stored
+# if absent, no certs will be retrieved and stored
+certDirectory: /opt/app/prh/etc/cert
+
+# TLS role -- set to true if microservice acts as server
+# If true, an init container will retrieve a server cert
+# and key from AAF and mount them in certDirectory.
+tlsServer: true
+
+secrets:
+ - uid: &aaiCredsUID aaicreds
+ type: basicAuth
+ login: '{{ .Values.aaiCreds.user }}'
+ password: '{{ .Values.aaiCreds.password }}'
+ passwordPolicy: required
+
+# dependencies
+readinessCheck:
+ wait_for:
+ - dcae-config-binding-service
+ - aaf-cm
+
+# probe configuration
+readiness:
+ initialDelaySeconds: 5
+ periodSeconds: 15
+ path: /heartbeat
+ scheme: HTTP
+ port: 8100
+
+# service configuration
+service:
+ type: ClusterIP
+ name: dcae-prh
+ ports:
+ - port: 8100
+ name: http
+
+aaiCreds:
+ user: AAI
+ password: AAI
+
+credentials:
+- name: AAI_USER
+ uid: *aaiCredsUID
+ key: login
+- name: AAI_PASSWORD
+ uid: *aaiCredsUID
+ key: password
+
+customEnvVars:
+- name: AUTH_HDR
+ value: "Basic `echo -n ${AAI_USER}:${AAI_PASSWORD} | base64`"
+
+# initial application configuration
+applicationConfig:
+ dmaap.dmaapConsumerConfiguration.dmaapContentType: "application/json"
+ dmaap.dmaapConsumerConfiguration.consumerId: "c12"
+ dmaap.dmaapConsumerConfiguration.consumerGroup: "OpenDCAE-c12"
+ dmaap.dmaapConsumerConfiguration.timeoutMs: -1
+ dmaap.dmaapProducerConfiguration.dmaapContentType: "application/json"
+ dmaap.dmaapUpdateProducerConfiguration.dmaapContentType: "application/json"
+ aai.aaiClientConfiguration.pnfUrl: https://aai.onap.svc.cluster.local:8443/aai/v12/network/pnfs/pnf
+ aai.aaiClientConfiguration.baseUrl: https://aai.onap.svc.cluster.local:8443/aai/v12
+ aai.aaiClientConfiguration.aaiHost: aai.onap.svc.cluster.local
+ aai.aaiClientConfiguration.aaiHostPortNumber: 8443
+ aai.aaiClientConfiguration.aaiProtocol: "https"
+ aai.aaiClientConfiguration.aaiUserName: ${AAI_USER}
+ aai.aaiClientConfiguration.aaiUserPassword: ${AAI_PASSWORD}
+ aai.aaiClientConfiguration.aaiIgnoreSslCertificateErrors: true
+ aai.aaiClientConfiguration.aaiBasePath: "/aai/v12"
+ aai.aaiClientConfiguration.aaiPnfPath: "/network/pnfs/pnf"
+ aai.aaiClientConfiguration.aaiServiceInstancePath: "/business/customers/customer/${customer}/service-subscriptions/service-subscription/${serviceType}/service-instances/service-instance/${serviceInstanceId}"
+ aai.aaiClientConfiguration.aaiHeaders:
+ X-FromAppId: "prh"
+ X-TransactionId: "9999"
+ Accept: "application/json"
+ Real-Time: "true"
+ Authorization: $AUTH_HDR
+ security.trustStorePath: "/opt/app/prh/etc/cert/trust.jks"
+ security.trustStorePasswordPath: "/opt/app/prh/etc/cert/trust.pass"
+ security.keyStorePath: "/opt/app/prh/etc/cert/cert.jks"
+ security.keyStorePasswordPath: "/opt/app/prh/etc/cert/jks.pass"
+ security.enableAaiCertAuth: false
+ security.enableDmaapCertAuth: false
+ streams_publishes:
+ pnf-update:
+ type: "message_router"
+ dmaap_info:
+ topic_url: http://message-router.onap.svc.cluster.local:3904/events/unauthenticated.PNF_UPDATE
+ pnf-ready:
+ type: "message_router"
+ dmaap_info:
+ topic_url: http://message-router.onap.svc.cluster.local:3904/events/unauthenticated.PNF_READY
+ streams_subscribes:
+ ves-reg-output:
+ type: "message_router"
+ dmaap_info:
+ topic_url: http://message-router.onap.svc.cluster.local:3904/events/unauthenticated.VES_PNFREG_OUTPUT
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/Chart.yaml
new file mode 100644
index 0000000..3ccec92
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/Chart.yaml
@@ -0,0 +1,22 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: DCAE TCA (Gen 2)
+name: dcae-tcagen2
+version: 7.0.0
diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/requirements.yaml
new file mode 100644
index 0000000..6f98a22
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/requirements.yaml
@@ -0,0 +1,27 @@
+# Copyright (c) 2020 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
+ - name: readinessCheck
+ version: ~7.x-0
+ repository: '@local'
+ - name: dcaegen2-services-common
+ version: ~7.x-0
+ repository: 'file://../../common/dcaegen2-services-common'
diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/configmap.yaml
new file mode 100644
index 0000000..a7d0acd
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/configmap.yaml
@@ -0,0 +1,20 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "dcaegen2-services-common.configMap" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/deployment.yaml
new file mode 100644
index 0000000..be56017
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/deployment.yaml
@@ -0,0 +1,19 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/secret.yaml
new file mode 100644
index 0000000..34932b7
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/secret.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/service.yaml
new file mode 100644
index 0000000..c3b0715
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/templates/service.yaml
@@ -0,0 +1,20 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
new file mode 100644
index 0000000..da6dc8f
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml
@@ -0,0 +1,152 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ nodePortPrefixExt: 304
+
+#################################################################
+# Filebeat configuration defaults.
+#################################################################
+filebeatConfig:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+
+#################################################################
+# initContainer images.
+#################################################################
+tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+image: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.1
+pullPolicy: Always
+
+# log directory where logging sidecar should look for log files
+# if absent, no sidecar will be deployed
+logDirectory: /opt/logs/dcae-analytics-tca
+
+# directory where TLS certs should be stored
+# if absent, no certs will be retrieved and stored
+certDirectory: /etc/tca-gen2/ssl
+
+# TLS role -- set to true if microservice acts as server
+# If true, an init container will retrieve a server cert
+# and key from AAF and mount them in certDirectory.
+tlsServer: true
+
+secrets:
+ - uid: &aaiCredsUID aaicreds
+ type: basicAuth
+ login: '{{ .Values.aaiCreds.user }}'
+ password: '{{ .Values.aaiCreds.password }}'
+ passwordPolicy: required
+
+# dependencies
+readinessCheck:
+ wait_for:
+ - dcae-config-binding-service
+ - aaf-cm
+
+# probe configuration
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ path: /actuator/health
+ scheme: HTTP
+ port: 9091
+
+# service configuration
+service:
+ type: ClusterIP
+ name: dcae-tcagen2
+ ports:
+ - port: 9091
+ name: http
+
+aaiCreds:
+ user: DCAE
+ password: DCAE
+
+credentials:
+- name: AAI_USERNAME
+ uid: *aaiCredsUID
+ key: login
+- name: AAI_PASSWORD
+ uid: *aaiCredsUID
+ key: password
+
+# initial application configuration
+applicationConfig:
+ service_calls: []
+ streams_publishes:
+ tca_handle_out:
+ dmaap_info:
+ topic_url: http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT
+ type: message_router
+ streams_subscribes:
+ tca_handle_in:
+ dmaap_info:
+ topic_url: http://message-router:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT
+ type: message_router
+ spring.data.mongodb.uri: mongodb://dcae-mongohost/dcae-tcagen2
+ streams_subscribes.tca_handle_in.consumer_group: cg1
+ streams_subscribes.tca_handle_in.consumer_ids[0]: c0
+ streams_subscribes.tca_handle_in.consumer_ids[1]: c1
+ streams_subscribes.tca_handle_in.message_limit: 50000
+ streams_subscribes.tca_handle_in.polling.auto_adjusting.max: 60000
+ streams_subscribes.tca_handle_in.polling.auto_adjusting.min: 30000
+ streams_subscribes.tca_handle_in.polling.auto_adjusting.step_down: 30000
+ streams_subscribes.tca_handle_in.polling.auto_adjusting.step_up: 10000
+ streams_subscribes.tca_handle_in.polling.fixed_rate: 0
+ streams_subscribes.tca_handle_in.timeout: -1
+ tca.aai.enable_enrichment: true
+ tca.aai.generic_vnf_path: aai/v11/network/generic-vnfs/generic-vnf
+ tca.aai.node_query_path: aai/v11/search/nodes-query
+ tca.aai.password: ${AAI_PASSWORD}
+ tca.aai.url: http://aai
+ tca.aai.username: ${AAI_USERNAME}
+ tca.policy: '{"domain":"measurementsForVfScaling","metricsPerEventName":[{"eventName":"vFirewallBroadcastPackets","controlLoopSchemaType":"VM","policyScope":"DCAE","policyName":"DCAE.Config_tca-hi-lo","policyVersion":"v0.0.1","thresholds":[{"closedLoopControlName":"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedTotalPacketsDelta","thresholdValue":300,"direction":"LESS_OR_EQUAL","severity":"MAJOR","closedLoopEventStatus":"ONSET"},{"closedLoopControlName":"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedTotalPacketsDelta","thresholdValue":700,"direction":"GREATER_OR_EQUAL","severity":"CRITICAL","closedLoopEventStatus":"ONSET"}]},{"eventName":"vLoadBalancer","controlLoopSchemaType":"VM","policyScope":"DCAE","policyName":"DCAE.Config_tca-hi-lo","policyVersion":"v0.0.1","thresholds":[{"closedLoopControlName":"ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedTotalPacketsDelta","thresholdValue":300,"direction":"GREATER_OR_EQUAL","severity":"CRITICAL","closedLoopEventStatus":"ONSET"}]},{"eventName":"Measurement_vGMUX","controlLoopSchemaType":"VNF","policyScope":"DCAE","policyName":"DCAE.Config_tca-hi-lo","policyVersion":"v0.0.1","thresholds":[{"closedLoopControlName":"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value","thresholdValue":0,"direction":"EQUAL","severity":"MAJOR","closedLoopEventStatus":"ABATED"},{"closedLoopControlName":"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e","version":"1.0.2","fieldPath":"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value","thresholdValue":0,"direction":"GREATER","severity":"CRITICAL","closedLoopEventStatus":"ONSET"}]}]}'
+ tca.processing_batch_size: 10000
+ tca.enable_abatement: true
+ tca.enable_ecomp_logging: true
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/Chart.yaml
new file mode 100644
index 0000000..1ab6abd
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/Chart.yaml
@@ -0,0 +1,22 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+appVersion: "Honolulu"
+description: DCAE VES Collector
+name: dcae-ves-collector
+version: 7.0.0
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/requirements.yaml
new file mode 100644
index 0000000..e7601ce
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/requirements.yaml
@@ -0,0 +1,27 @@
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
+ - name: readinessCheck
+ version: ~7.x-0
+ repository: '@local'
+ - name: dcaegen2-services-common
+ version: ~7.x-0
+ repository: 'file://../../common/dcaegen2-services-common'
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/configmap.yaml
new file mode 100644
index 0000000..a7d0acd
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/configmap.yaml
@@ -0,0 +1,20 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "dcaegen2-services-common.configMap" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/deployment.yaml
new file mode 100644
index 0000000..be56017
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/deployment.yaml
@@ -0,0 +1,19 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/service.yaml
new file mode 100644
index 0000000..c3b0715
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/service.yaml
@@ -0,0 +1,20 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+{{ include "common.service" . }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
new file mode 100644
index 0000000..0c0fd86
--- /dev/null
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
@@ -0,0 +1,174 @@
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ nodePortPrefixExt: 304
+
+#################################################################
+# Filebeat configuration defaults.
+#################################################################
+filebeatConfig:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+
+#################################################################
+# initContainer images.
+#################################################################
+tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.8.0
+pullPolicy: Always
+
+# log directory where logging sidecar should look for log files
+# if absent, no sidecar will be deployed
+logDirectory: /opt/app/VESCollector/logs
+
+# directory where TLS certs should be stored
+# if absent, no certs will be retrieved and stored
+certDirectory: /opt/app/dcae-certificate
+
+# TLS role -- set to true if microservice acts as server
+# If true, an init container will retrieve a server cert
+# and key from AAF and mount them in certDirectory.
+tlsServer: true
+
+# dependencies
+readinessCheck:
+ wait_for:
+ - dcae-config-binding-service
+ - aaf-cm
+
+# probe configuration
+ initialDelaySeconds: 5
+ periodSeconds: 15
+ path: /healthcheck
+ scheme: HTTP
+ port: 8080
+
+# service configuration
+service:
+ type: NodePort
+ name: dcae-ves-collector
+ ports:
+ - name: http
+ port: 8443
+ plain_port: 8080
+ port_protocol: http
+ nodePort: 17
+ useNodePortExt: true
+
+# initial application configuration
+applicationConfig:
+ collector.dmaap.streamid: fault=ves-fault|syslog=ves-syslog|heartbeat=ves-heartbeat|measurement=ves-measurement|measurementsForVfScaling=ves-measurement|mobileFlow=ves-mobileflow|other=ves-other|stateChange=ves-statechange|thresholdCrossingAlert=ves-thresholdCrossingAlert|voiceQuality=ves-voicequality|sipSignaling=ves-sipsignaling|notification=ves-notification|pnfRegistration=ves-pnfRegistration|3GPP-FaultSupervision=ves-3gpp-fault-supervision|3GPP-Heartbeat=ves-3gpp-heartbeat|3GPP-Provisioning=ves-3gpp-provisioning|3GPP-PerformanceAssurance=ves-3gpp-performance-assurance
+ collector.inputQueue.maxPending: "8096"
+ collector.keystore.file.location: /opt/app/dcae-certificate/cert.jks
+ collector.keystore.passwordfile: /opt/app/dcae-certificate/jks.pass
+ collector.truststore.file.location: /opt/app/dcae-certificate/trust.jks
+ collector.truststore.passwordfile: /opt/app/dcae-certificate/trust.pass
+ collector.schema.checkflag: "1"
+ collector.schema.file: "{\"v1\":\"./etc/CommonEventFormat_27.2.json\",\"v2\":\"./etc/CommonEventFormat_27.2.json\",\"v3\":\"./etc/CommonEventFormat_27.2.json\",\"v4\":\"./etc/CommonEventFormat_27.2.json\",\"v5\":\"./etc/CommonEventFormat_28.4.1.json\",\"v7\":\"./etc/CommonEventFormat_30.2_ONAP.json\"}"
+ collector.externalSchema.checkflag: 1
+ collector.externalSchema.schemasLocation: "./etc/externalRepo/"
+ collector.externalSchema.mappingFileLocation: "./etc/externalRepo/schema-map.json"
+ event.externalSchema.schemaRefPath: $.event.stndDefinedFields.schemaReference
+ event.externalSchema.stndDefinedDataPath: $.event.stndDefinedFields.data
+ collector.service.port: "8080"
+ collector.service.secure.port: "8443"
+ event.transform.flag: "0"
+ auth.method: "certBasicAuth"
+ header.authlist: "sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6|demouser,$2a$10$1cc.COcqV/d3iT2N7BjPG.S6ZKv2jpb9a5MV.o7lMih/GpjJRX.Ce"
+ services_calls: []
+ streams_publishes:
+ ves-fault:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_FAULT_OUTPUT"
+ type: message_router
+ ves-measurement:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT"
+ type: message_router
+ ves-notification:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT"
+ type: message_router
+ ves-pnfRegistration:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.VES_PNFREG_OUTPUT"
+ type: message_router
+ ves-heartbeat:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT"
+ type: message_router
+ ves-other:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_OTHER_OUTPUT"
+ type: message_router
+ ves-3gpp-fault-supervision:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT"
+ type: message_router
+ ves-3gpp-provisioning:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT"
+ type: message_router
+ ves-3gpp-heartbeat:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT"
+ type: message_router
+ ves-3gpp-performance-assurance:
+ dmaap_info:
+ topic_url:
+ "http://message-router:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT"
+ type: message_router
+ collector.dynamic.config.update.frequency: "5"
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 2Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 4Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
diff --git a/kubernetes/dcaegen2-services/requirements.yaml b/kubernetes/dcaegen2-services/requirements.yaml
new file mode 100644
index 0000000..14918af
--- /dev/null
+++ b/kubernetes/dcaegen2-services/requirements.yaml
@@ -0,0 +1,38 @@
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: dcae-ms-healthcheck
+ version: ~7.x-0
+ repository: 'file://components/dcae-ms-healthcheck'
+ condition: dcae-ms-healthcheck.enabled
+ - name: dcae-prh
+ version: ~7.x-0
+ repository: 'file://components/dcae-prh'
+ condition: dcae-bootstrap.enabled
+ - name: dcae-tcagen2
+ version: ~7.x-0
+ repository: 'file://components/dcae-tcagen2'
+ condition: dcae-tcagen2.enabled
+ - name: dcae-ves-collector
+ version: ~7.x-0
+ repository: 'file://components/dcae-ves-collector'
+ condition: dcae-ves-collector.enabled
+ - name: dcae-hv-ves-collector
+ version: ~7.x-0
+ repository: 'file://components/dcae-hv-ves-collector'
+ condition: dcae-hv-ves-collector.enabled
diff --git a/kubernetes/dcaegen2-services/resources/expected-components.json b/kubernetes/dcaegen2-services/resources/expected-components.json
new file mode 100644
index 0000000..948c479
--- /dev/null
+++ b/kubernetes/dcaegen2-services/resources/expected-components.json
@@ -0,0 +1,28 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+[
+{{- $ctx := . }}
+{{- $components := tuple "dcae-hv-ves-collector" "dcae-prh" "dcae-tcagen2" "dcae-ves-collector" }}
+{{- range $i, $v := $components }}
+{{- if index $ctx.Values . "enabled" }}
+{{- if $i }},{{ end }}
+{{ $v | quote | indent 2 }}
+{{- end -}}
+{{- end }}
+]
diff --git a/kubernetes/dcaegen2-services/templates/configmap.yaml b/kubernetes/dcaegen2-services/templates/configmap.yaml
new file mode 100644
index 0000000..a2c7c56
--- /dev/null
+++ b/kubernetes/dcaegen2-services/templates/configmap.yaml
@@ -0,0 +1,27 @@
+{{/*
+#============LICENSE_START========================================================
+# ================================================================================
+# Copyright (c) 2020 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.release" . }}-dcae-expected-microservices
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }}
\ No newline at end of file
diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml
new file mode 100644
index 0000000..25df24d
--- /dev/null
+++ b/kubernetes/dcaegen2-services/values.yaml
@@ -0,0 +1,25 @@
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Control deployment of DCAE microservices at ONAP installation time
+dcae-ms-healthcheck:
+ enabled: true
+dcae-hv-ves-collector:
+ enabled: true
+dcae-prh:
+ enabled: true
+dcae-tcagen2:
+ enabled: true
+dcae-ves-collector:
+ enabled: true
diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
index 312eaa4..1135c05 100644
--- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
@@ -55,7 +55,7 @@
# Application configuration defaults.
#################################################################
# application image
-image: onap/org.onap.dcaegen2.deployments.cm-container:4.4.0
+image: onap/org.onap.dcaegen2.deployments.cm-container:4.4.2
pullPolicy: Always
# name of shared ConfigMap with kubeconfig for multiple clusters
diff --git a/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/templates/deployment.yaml
index b244d91..929b380 100644
--- a/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/templates/deployment.yaml
@@ -51,8 +51,7 @@
value: {{ .Values.schemaMap.directory }}/{{ .Values.schemaMap.filename }}
volumeMounts:
- name: schema-map
- mountPath: {{ .Values.schemaMap.directory }}/{{ .Values.schemaMap.filename }}
- subPath: {{ .Values.schemaMap.filename }}
+ mountPath: {{ .Values.schemaMap.directory }}
volumes:
- name: schema-map
configMap:
diff --git a/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/values.yaml
index 66978bd..2209feb 100644
--- a/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-ves-openapi-manager/values.yaml
@@ -31,7 +31,7 @@
schemaMap:
filename: "schema-map.json"
- directory: "/app"
+ directory: "/app/mappings"
liveness:
initialDelaySeconds: 30
diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
index 356149c..3366b00 100644
--- a/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
@@ -41,7 +41,7 @@
initialDelaySeconds: 10
periodSeconds: 10
# application image
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.0.0
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.1.0
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml
index 4f46962..68146fe 100755
--- a/kubernetes/onap/requirements.yaml
+++ b/kubernetes/onap/requirements.yaml
@@ -62,6 +62,10 @@
version: ~7.x-0
repository: '@local'
condition: dcaegen2.enabled
+ - name: dcaegen2-services
+ version: ~7.x-0
+ repository: '@local'
+ condition: dcaegen2-services.enabled
- name: dcaemod
version: ~7.x-0
repository: '@local'
diff --git a/kubernetes/onap/resources/environments/core-onap.yaml b/kubernetes/onap/resources/environments/core-onap.yaml
index 9932691..d77a289 100644
--- a/kubernetes/onap/resources/environments/core-onap.yaml
+++ b/kubernetes/onap/resources/environments/core-onap.yaml
@@ -71,6 +71,8 @@
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
dmaap:
enabled: true
esr:
diff --git a/kubernetes/onap/resources/environments/dev.yaml b/kubernetes/onap/resources/environments/dev.yaml
index 8471349..58976ae 100644
--- a/kubernetes/onap/resources/environments/dev.yaml
+++ b/kubernetes/onap/resources/environments/dev.yaml
@@ -75,6 +75,8 @@
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
dmaap:
enabled: false
esr:
diff --git a/kubernetes/onap/resources/environments/disable-allcharts.yaml b/kubernetes/onap/resources/environments/disable-allcharts.yaml
index c7dcdfc..6380168 100644
--- a/kubernetes/onap/resources/environments/disable-allcharts.yaml
+++ b/kubernetes/onap/resources/environments/disable-allcharts.yaml
@@ -45,6 +45,8 @@
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
dmaap:
enabled: false
esr:
diff --git a/kubernetes/onap/resources/environments/minimal-onap.yaml b/kubernetes/onap/resources/environments/minimal-onap.yaml
index 0186a9c..9fd5d3d 100644
--- a/kubernetes/onap/resources/environments/minimal-onap.yaml
+++ b/kubernetes/onap/resources/environments/minimal-onap.yaml
@@ -66,6 +66,8 @@
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
dmaap:
enabled: true
esr:
diff --git a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml
index 2481623..70e8ac2 100644
--- a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml
+++ b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml
@@ -98,6 +98,8 @@
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
dmaap:
enabled: true
esr:
diff --git a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml
index 63a8a74..d8153e0 100644
--- a/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml
+++ b/kubernetes/onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml
@@ -40,6 +40,8 @@
enabled: true
dcaegen2:
enabled: true
+dcaegen2-services:
+ enabled: true
dmaap:
enabled: true
esr:
diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml
index c8551cb..70f7cf8 100644
--- a/kubernetes/onap/resources/overrides/onap-all.yaml
+++ b/kubernetes/onap/resources/overrides/onap-all.yaml
@@ -48,6 +48,8 @@
enabled: true
dcaegen2:
enabled: true
+dcaegen2-services:
+ enabled: true
dcaemod:
enabled: true
dmaap:
diff --git a/kubernetes/onap/resources/overrides/onap-vfw.yaml b/kubernetes/onap/resources/overrides/onap-vfw.yaml
index a0602eb..caa7601 100644
--- a/kubernetes/onap/resources/overrides/onap-vfw.yaml
+++ b/kubernetes/onap/resources/overrides/onap-vfw.yaml
@@ -33,6 +33,8 @@
enabled: true
dcaegen2:
enabled: true
+dcaegen2-services:
+ enabled: true
dmaap:
enabled: true
log:
diff --git a/kubernetes/onap/resources/overrides/sm-onap.yaml b/kubernetes/onap/resources/overrides/sm-onap.yaml
index bd8ed9d..9c26655 100644
--- a/kubernetes/onap/resources/overrides/sm-onap.yaml
+++ b/kubernetes/onap/resources/overrides/sm-onap.yaml
@@ -70,6 +70,8 @@
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
esr:
enabled: false
log:
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index d5d3e10..30155dc 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -305,6 +305,8 @@
enabled: false
dcaegen2:
enabled: false
+dcaegen2-services:
+ enabled: false
dcaemod:
enabled: false
dmaap:
diff --git a/kubernetes/sdnc/resources/config/bin/installSdncDb.sh b/kubernetes/sdnc/resources/config/bin/installSdncDb.sh
index 11ed7f4..42abf54 100755
--- a/kubernetes/sdnc/resources/config/bin/installSdncDb.sh
+++ b/kubernetes/sdnc/resources/config/bin/installSdncDb.sh
@@ -37,8 +37,8 @@
# Create tablespace and user account
mysql -h ${MYSQL_HOST} -u root -p${MYSQL_PASSWORD} mysql <<-END
CREATE DATABASE IF NOT EXISTS ${SDNC_DB_DATABASE};
-CREATE USER '${SDNC_DB_USER}'@'localhost' IDENTIFIED BY '${SDNC_DB_PASSWORD}';
-CREATE USER '${SDNC_DB_USER}'@'%' IDENTIFIED BY '${SDNC_DB_PASSWORD}';
+CREATE USER IF NOT EXISTS '${SDNC_DB_USER}'@'localhost' IDENTIFIED BY '${SDNC_DB_PASSWORD}';
+CREATE USER IF NOT EXISTS '${SDNC_DB_USER}'@'%' IDENTIFIED BY '${SDNC_DB_PASSWORD}';
GRANT ALL PRIVILEGES ON ${SDNC_DB_DATABASE}.* TO '${SDNC_DB_USER}'@'localhost' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON ${SDNC_DB_DATABASE}.* TO '${SDNC_DB_USER}'@'%' WITH GRANT OPTION;
flush privileges;
diff --git a/kubernetes/vid/templates/deployment.yaml b/kubernetes/vid/templates/deployment.yaml
index 8872863..478b442 100644
--- a/kubernetes/vid/templates/deployment.yaml
+++ b/kubernetes/vid/templates/deployment.yaml
@@ -63,6 +63,8 @@
- -c
- |
export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export VID_TRUSTSTORE_PLAIN_PASSWORD=${VID_TRUSTSTORE_PASSWORD}
+ export VID_TRUSTSTORE_PASSWORD=`java -cp /usr/local/tomcat/webapps/vid/WEB-INF/lib/jetty-util-9.4.20.v20190813.jar org.eclipse.jetty.util.security.Password ${VID_TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
/tmp/vid/localize.sh
{{- end }}
ports:
@@ -139,6 +141,8 @@
- mountPath: /tmp/logback.xml
name: vid-logback
subPath: logback.xml
+ - mountPath: /opt/app/vid
+ name: vid-cache
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -168,6 +172,8 @@
- name: filebeat-conf
configMap:
name: {{ include "common.fullname" . }}-filebeat-configmap
+ - name: vid-cache
+ emptyDir: {}
- name: vid-logs
emptyDir: {}
- name: vid-data-filebeat
diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml
index 5e4a0ec..91132e2 100644
--- a/kubernetes/vid/values.yaml
+++ b/kubernetes/vid/values.yaml
@@ -64,7 +64,7 @@
else
echo "*** changing them into shell safe ones"
export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
- export TRUSTORE_PASSWD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ export TRUSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
cd {{ .Values.credsPath }}
keytool -storepasswd -new "${KEYSTORE_PASSWD}" \
-storepass "${cadi_keystore_password_jks}" \
@@ -79,7 +79,7 @@
-storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }}
echo "*** save the generated passwords"
echo "VID_KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop
- echo "VID_TRUSTSTORE_PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp" >> mycreds.prop
+ echo "VID_TRUSTSTORE_PASSWORD=${TRUSTORE_PASSWD}" >> mycreds.prop
echo "*** change ownership of certificates to targeted user"
chown -R 1000 .
fi
@@ -88,7 +88,7 @@
enabled: true
# application image
-image: onap/vid:7.0.0
+image: onap/vid:8.0.2
pullPolicy: Always
# application configuration
diff --git a/kubernetes/vnfsdk/requirements.yaml b/kubernetes/vnfsdk/requirements.yaml
index b668359..3a4aed7 100644
--- a/kubernetes/vnfsdk/requirements.yaml
+++ b/kubernetes/vnfsdk/requirements.yaml
@@ -16,6 +16,9 @@
- name: common
version: ~7.x-0
repository: '@local'
+ - name: certInitializer
+ version: ~7.x-0
+ repository: '@local'
- name: postgres
version: ~7.x-0
repository: '@local'
diff --git a/kubernetes/vnfsdk/resources/nginx/nginx.conf b/kubernetes/vnfsdk/resources/nginx/nginx.conf
new file mode 100644
index 0000000..d26cc5d
--- /dev/null
+++ b/kubernetes/vnfsdk/resources/nginx/nginx.conf
@@ -0,0 +1,63 @@
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+daemon off;
+
+#pid /run/nginx.pid;
+
+events {
+ worker_connections 500;
+ # multi_accept on;
+}
+http {
+
+ ##
+ # Basic Settings
+ ##
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+
+ #Comment or disable the access_log once tested to avoid runtime logs
+# access_log /var/log/nginx/access.log format gzip;
+ access_log off;
+ error_log /var/log/nginx/error.log;
+
+ server {
+ listen *:8703 ssl;
+ server_name
+ ssl on;
+ ssl_certificate {{ .Values.certInitializer.credsPath }}/certs/cert.pem;
+ ssl_certificate_key {{ .Values.certInitializer.credsPath }}/certs/cert.key;
+ ssl_session_cache builtin:1000 shared:SSL:80m;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
+ ssl_prefer_server_ciphers on;
+ ssl_session_timeout 10m;
+ keepalive_timeout 70;
+
+ location / {
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_pass http://localhost:8702;
+ proxy_read_timeout 90;
+ proxy_redirect off;
+ }
+ }
+}
\ No newline at end of file
diff --git a/kubernetes/vnfsdk/templates/configmap.yaml b/kubernetes/vnfsdk/templates/configmap.yaml
index c41c3ef..d063793 100644
--- a/kubernetes/vnfsdk/templates/configmap.yaml
+++ b/kubernetes/vnfsdk/templates/configmap.yaml
@@ -26,3 +26,16 @@
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-nginx
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/nginx/*").AsConfig . | indent 2 }}
\ No newline at end of file
diff --git a/kubernetes/vnfsdk/templates/deployment.yaml b/kubernetes/vnfsdk/templates/deployment.yaml
index 7e4ad5b..89eba2f 100644
--- a/kubernetes/vnfsdk/templates/deployment.yaml
+++ b/kubernetes/vnfsdk/templates/deployment.yaml
@@ -35,7 +35,7 @@
release: {{ include "common.release" . }}
name: {{ include "common.name" . }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- command:
- sh
args:
@@ -75,10 +75,13 @@
name: {{ include "common.name" . }}
resources:
{{ include "common.resources" . | indent 12 }}
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
- mountPath: /service/webapps/ROOT/WEB-INF/classes/mybatis/configuration/configuration.xml
name: init-data
subPath: configuration.xml
+ - mountPath: /etc/nginx/nginx.conf
+ name: nginx
+ subPath: nginx.conf
readinessProbe:
tcpSocket:
port: {{ .Values.service.internalPort }}
@@ -86,10 +89,13 @@
periodSeconds: {{ .Values.readiness.periodSeconds }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: init-data-input
configMap:
name: {{ include "common.fullname" . }}
+ - name: nginx
+ configMap:
+ name: {{ include "common.fullname" . }}-nginx
- name: init-data
emptyDir:
medium: Memory
diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml
index 28a2ac4..0fbee4c 100644
--- a/kubernetes/vnfsdk/values.yaml
+++ b/kubernetes/vnfsdk/values.yaml
@@ -34,6 +34,37 @@
passwordPolicy: generate
#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: refrepo-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: refrepo
+ fqi: refrepo@refrepo.onap.org
+ fqi_namespace: org.onap.refrepo
+ public_fqdn: refrepo.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: |
+ echo "*** transform AAF certs into pem files"
+ mkdir -p {{ .Values.credsPath }}/certs
+ echo "keystore password: $$cadi_keystore_password_p12"
+ openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+ -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
+ -passin pass:$cadi_keystore_password_p12 \
+ -passout pass:$cadi_keystore_password_p12
+ echo "*** copy key"
+ cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
+ {{ .Values.credsPath }}/certs/cert.key
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 999 {{ .Values.credsPath }}/certs
+
+
+#################################################################
# Application configuration defaults.
#################################################################
# application image
@@ -102,7 +133,7 @@
service:
type: NodePort
name: refrepo
- portName: refrepo
+ portName: https
nodePort: 97
internalPort: 8703