[OOF] Use certInitializer for OOF pods
Remove Hardcoded certificates from OOF
Resturcture OOF charts
Issue-ID: OPTFRA-803
Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com>
Change-Id: Ibe886a44fcbf22bb3443fbb8ec8e37ddc7636ffe
diff --git a/kubernetes/oof/components/oof-cmso/values.yaml b/kubernetes/oof/components/oof-cmso/values.yaml
new file mode 100644
index 0000000..e83e2de
--- /dev/null
+++ b/kubernetes/oof/components/oof-cmso/values.yaml
@@ -0,0 +1,153 @@
+# Copyright © 2018 AT&T
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: cmso-db-root-password
+ name: &rootPassword '{{ include "common.release" . }}-cmso-db-root-password'
+ type: password
+ password: ''
+ policy: generate
+ - uid: cmso-service-db-secret
+ name: &serviceDbCreds '{{ include "common.release" . }}-cmso-service-db-secret'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.db.service.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.db.service.userName }}'
+ password: '{{ .Values.config.db.service.userPassword }}'
+ passwordPolicy: generate
+ - uid: cmso-db-secret
+ name: &optimizerDbCreds '{{ include "common.release" . }}-cmso-optimizer-db-secret'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.db.optimizer.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.db.optimizer.userName }}'
+ password: '{{ .Values.config.db.optimizer.userPassword }}'
+ passwordPolicy: generate
+
+mariadb-galera:
+ replicaCount: 1
+ nameOverride: &containerName cmso-db
+ service:
+ type: ClusterIP
+ name: &serviceName oof-cmso-dbhost
+ portName: cmso-dbhost
+ nfsprovisionerPrefix: cmso
+ sdnctlPrefix: cmso
+ persistence:
+ mountSubPath: cmso/data
+ enabled: true
+ disableNfsProvisioner: true
+ config:
+ mariadbRootPasswordExternalSecret: *rootPassword
+ # userCredentialsExternalSecret: *dbCreds
+ # mysqlDatabase: cmso
+ externalConfig: |
+ [mysqld]
+ lower_case_table_names = 1
+
+global:
+ commonConfigPrefix: "oof-cmso"
+ truststoreFile: "truststoreONAPall.jks"
+ keystoreFile: "org.onap.oof.jks"
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ truststorePassword:
+ authentication: aaf-auth
+ busyBoxImage: busybox:1.30
+ busyBoxRepository: docker.io
+
+mariadb-init:
+ mariadbGalera:
+ containerName: *containerName
+ serviceName: *serviceName
+ servicePort: 3306
+ userRootSecret: *rootPassword
+ config:
+ userCredentialsExternalSecret: *serviceDbCreds
+ mysqlDatabase: cmso
+ mysqlAdditionalDatabases:
+ optimizer:
+ externalSecret: *optimizerDbCreds
+ nameOverride: cmso-db-config
+
+flavor: small
+
+config:
+ log:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+ db:
+ service:
+ # userCredentialsExternalsecret: some secret
+ userName: cmso-admin
+ # userPassword: password
+ optimizer:
+ userName: cmso-optimizer
+
+#sub-charts configuration
+certInitializer: &certInitConfig
+ fqdn: "oof.onap"
+ app_ns: "org.osaaf.aaf"
+ fqi: "oof@oof.onap.org"
+ fqi_namespace: org.onap.oof
+ public_fqdn: "oof.onap.org"
+ aafDeployFqi: "deployer@people.osaaf.org"
+ aafDeployPass: demo123456!
+ cadi_latitude: "0.0"
+ cadi_longitude: "0.0"
+ credsPath: /opt/app/osaaf/local
+ appMountPath: /share/etc/osaaf
+ aaf_add_config: >
+ cd {{ .Values.credsPath }};
+ /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password_jks= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1;
+ find ./ -type f -exec sed -i -e 's/\/opt\/app\/osaaf\/local/\/share\/etc\/osaaf\/local/g' {} \;
+
+oof-cmso-service:
+ enabled: true
+ certInitializer:
+ << : *certInitConfig
+ nameOverride: oof-cmso-service-cert-initializer
+ config:
+ db:
+ userCredentialsExternalSecret: *serviceDbCreds
+ host: oof-cmso-dbhost
+ container: cmso-db
+ mysqlDatabase: cmso
+
+oof-cmso-optimizer:
+ enabled: true
+ certInitializer:
+ << : *certInitConfig
+ nameOverride: oof-cmso-optimizer-cert-initializer
+ config:
+ enabled: true
+ db:
+ userCredentialsExternalSecret: *optimizerDbCreds
+ host: oof-cmso-dbhost
+ container: cmso-db
+ mysqlDatabase: optimizer
+
+oof-cmso-topology:
+ enabled: true
+ certInitializer:
+ << : *certInitConfig
+ nameOverride: oof-cmso-topology-cert-initializer
+
+oof-cmso-ticketmgt:
+ enabled: true
+ certInitializer:
+ << : *certInitConfig
+ nameOverride: oof-cmso-ticketmgt-cert-initializer