Merge "Add the realtime clients to"
diff --git a/kubernetes/aaf/.helmignore b/kubernetes/aaf/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/kubernetes/aaf/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aaf/charts/aaf-cm/.helmignore b/kubernetes/aaf/charts/aaf-cm/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cm/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aaf/charts/aaf-cm/Chart.yaml b/kubernetes/aaf/charts/aaf-cm/Chart.yaml
new file mode 100644
index 0000000..00832d6
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cm/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAF Certificate Manager
+name: aaf-cm
+version: 2.0.0
\ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-cm/templates/NOTES.txt b/kubernetes/aaf/charts/aaf-cm/templates/NOTES.txt
new file mode 100644
index 0000000..c60c745
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cm/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/aaf/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml
similarity index 70%
copy from kubernetes/aaf/templates/deployment.yaml
copy to kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml
index 2a4e7d2..652e2ac 100644
--- a/kubernetes/aaf/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml
@@ -24,21 +24,34 @@
namespace: {{ include "common.namespace" . }}
spec:
replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
template:
metadata:
labels:
app: {{ include "common.name" . }}
- name: {{ include "common.fullname" . }}
+ release: {{ .Release.Name }}
spec:
initContainers:
- command:
+ - /root/job_complete.py
+ args:
+ - -j
+ - {{ .Release.Name }}-aaf-create-config
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-job-complete
+ - command:
- /root/ready.py
args:
- --container-name
- aaf-cs
+ - --container-name
+ - aaf-locate
env:
- name: NAMESPACE
valueFrom:
@@ -52,12 +65,16 @@
- env:
- name: CASSANDRA_CLUSTER
value: cassandra_container
+ name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/cm/bin/cm >> /opt/app/osaaf/logs/cm/stdout`date -I` 2>> /opt/app/osaaf/logs/cm/stderr`date -I`"]
volumeMounts:
- - mountPath: /data
- name: aaf-data
- name: {{ include "common.name" . }}
+ - mountPath: /opt/app/osaaf
+ name: aaf-persistent-vol
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
@@ -82,10 +99,16 @@
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
-
volumes:
- - name: aaf-data
- configMap:
- name: {{ include "common.fullname" . }}
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: aaf-persistent-vol
+ {{- if .Values.global.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ .Release.Name }}-aaf-pvc
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/templates/service.yaml b/kubernetes/aaf/charts/aaf-cm/templates/service.yaml
similarity index 94%
rename from kubernetes/aaf/templates/service.yaml
rename to kubernetes/aaf/charts/aaf-cm/templates/service.yaml
index 587e07a..281aa1c 100644
--- a/kubernetes/aaf/templates/service.yaml
+++ b/kubernetes/aaf/charts/aaf-cm/templates/service.yaml
@@ -29,11 +29,11 @@
#Example internal target port if required
#targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/aaf/charts/aaf-cm/values.yaml b/kubernetes/aaf/charts/aaf-cm/values.yaml
new file mode 100644
index 0000000..75b1a7b
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cm/values.yaml
@@ -0,0 +1,86 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:1.1.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/aaf/aaf_cm:2.1.0-SNAPSHOT
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+config: {}
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ name: aaf-cm
+ type: ClusterIP
+ portName: aaf-cm
+ #targetPort
+ internalPort: 8150
+ #port
+ externalPort: 8150
+
+ingress:
+ enabled: false
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/ecomp.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/ecomp.cql
deleted file mode 100644
index 6fddf65..0000000
--- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/ecomp.cql
+++ /dev/null
@@ -1,169 +0,0 @@
-USE authz;
-
-// Create Root pass
-INSERT INTO cred (id,ns,type,cred,expires)
- VALUES ('dgl@openecomp.org','org.openecomp',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31');
-
-INSERT INTO cred (id,ns,type,cred,expires)
- VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31');
-
-INSERT INTO cred (id,ns,type,cred,expires)
- VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC',1,0xab3831f27b39d7a039f9a92aa2bbfe51,'2020-12-31');
-
-
-// Create 'com' root NS
-INSERT INTO ns (name,scope,description,parent,type)
- VALUES('com',1,'Root Namespace',null,1);
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('com','admin',{'com.access|*|*'},'Com Admins');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('com','owner',{'com.access|*|read'},'Com Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('com','access','*','read',{'com.owner'},'Com Read Access');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('com','access','*','*',{'com.admin'},'Com Write Access');
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('dgl@openecomp.org','com.owner','2020-12-31','com','owner');
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('dgl@openecomp.org','com.admin','2020-12-31','com','admin');
-
-// Create org root NS
-INSERT INTO ns (name,scope,description,parent,type)
- VALUES('org',1,'Root Namespace Org',null,1);
-
-INSERT INTO ns (name,scope,description,parent,type)
- VALUES('org.openecomp.dcae',3,'DCAE Namespace Org','org.openecomp',3);
-
-INSERT INTO ns (name,scope,description,parent,type)
- VALUES('org.openecomp.dmaapBC',3,'DMaaP BC Namespace Org','org.openecomp',3);
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org','admin',{'org.access|*|*'},'Com Admins');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org','owner',{'org.access|*|read'},'Com Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org','access','*','read',{'org.owner'},'Com Read Access');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org','access','*','*',{'org.admin'},'Com Write Access');
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('dgl@openecomp.org','org.owner','2020-12-31','org','owner');
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('dgl@openecomp.org','org.admin','2020-12-31','org','admin');
-
-
-// Create com.att
-
-INSERT INTO ns (name,scope,description,parent,type)
- VALUES('com.att',2,'AT&T Namespace','com',2);
-
-INSERT INTO role(ns, name, perms,description)
- VALUES('com.att','admin',{'com.att.access|*|*'},'AT&T Admins');
-
-INSERT INTO role(ns, name, perms,description)
- VALUES('com.att','owner',{'com.att.access|*|read'},'AT&T Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles,description)
- VALUES ('com.att','access','*','read',{'com.att.owner'},'AT&T Read Access');
-
-INSERT INTO perm(ns, type, instance, action, roles,description)
- VALUES ('com.att','access','*','*',{'com.att.admin'},'AT&T Write Access');
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('dgl@openecomp.org','com.att.owner','2020-12-31','com.att','owner');
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('dgl@openecomp.org','com.att.admin','2020-12-31','com.att','admin');
-
-// Create com.att.aaf
-
-INSERT INTO ns (name,scope,description,parent,type)
- VALUES('com.att.aaf',3,'Application Authorization Framework','com.att',3);
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('com.att.aaf','admin',{'com.att.aaf.access|*|*'},'AAF Admins');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('com.att.aaf','owner',{'com.att.aaf.access|*|read'},'AAF Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('com.att.aaf','access','*','read',{'com.att.aaf.owner'},'AAF Read Access');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('com.att.aaf','access','*','*',{'com.att.aaf.admin'},'AAF Write Access');
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('dgl@openecomp.org','com.att.aaf.admin','2020-12-31','com.att.aaf','admin');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('dgl@openecomp.org','com.att.aaf.owner','2020-12-31','com.att.aaf','owner');
-
-
-// Create org.openecomp
-INSERT INTO ns (name,scope,description,parent,type)
- VALUES('org.openecomp',2,'Open EComp NS','com.att',2);
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.openecomp','admin',{'org.openecomp.access|*|*'},'OpenEcomp Admins');
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.openecomp','owner',{'org.openecomp.access|*|read'},'OpenEcomp Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.openecomp','access','*','read',{'org.openecomp.owner'},'OpenEcomp Read Access');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.openecomp','access','*','*',{'org.openecomp.admin'},'OpenEcomp Write Access');
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('dgl@openecomp.org','org.openecomp.admin','2020-12-31','org.openecomp','admin');
-
-// Create org.openecomp.dmaapBC
-
-INSERT INTO ns (name,scope,description,parent,type)
- VALUES('org.openecomp.dmaapBC',3,'Application Authorization Framework','org.openecomp',3);
-
-//INSERT INTO role(ns, name, perms, description)
-// VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*'},'AAF Admins');
-
-INSERT INTO role(ns, name, perms, description)
-VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.topicFactory|:org.openecomp.dmaapBC.topic:org.openecomp.dmaapBC|create','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins');
-
-//INSERT INTO role(ns, name, perms, description)
-//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub'},'AAF Admins');
-
-//INSERT INTO role(ns, name, perms, description)
-//VALUES('org.openecomp.dmaapBC','admin',{'org.openecomp.dmaapBC.access|*|*','org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub'},'AAF Admins');
-
-
-
-INSERT INTO role(ns, name, perms, description)
- VALUES('org.openecomp.dmaapBC','owner',{'org.openecomp.dmaapBC.access|*|read'},'AAF Owners');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.openecomp.dmaapBC','access','*','read',{'org.openecomp.dmaapBC.owner'},'AAF Read Access');
-
-INSERT INTO perm(ns, type, instance, action, roles, description)
- VALUES ('org.openecomp.dmaapBC','access','*','*',{'org.openecomp.dmaapBC.admin'},'AAF Write Access');
-
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('dgl@openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('m99751@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.admin','2020-12-31','org.openecomp.dmaapBC','admin');
-INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('m99501@dmaapBC.openecomp.org','org.openecomp.dmaapBC.owner','2020-12-31','org.openecomp.dmaapBC','owner');
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/identities.dat b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/identities.dat
deleted file mode 100644
index 98bf99a..0000000
--- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/identities.dat
+++ /dev/null
@@ -1,7 +0,0 @@
-iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
-mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
-bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
-mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
-ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
-iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
-osaaf|ID of AAF|||||a|bdevl
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/identities.idx b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/identities.idx
deleted file mode 100644
index 78fc0a5..0000000
--- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/identities.idx
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql
index 81700f8..c06e5ee 100644
--- a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql
+++ b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/init.cql
@@ -1,35 +1,6 @@
-// For Developer Machine single instance
-//
-CREATE KEYSPACE authz
-WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1};
-//
-// From Ravi, 6-17-2014. User for DEVL->TEST
-//
-// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'HYWRCA02': '2', 'BRHMALDC': '2' };
-//
-// PROD
-//
-// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','ALPSGACT': '2','STLSMORC': '2','BRHMALDC': '2' };
-//
-// create user authz with password '<AUTHZ PASSWORD>' superuser;
-// grant all on keyspace authz to authz;
-//
-// For TEST (aaf_test)
-// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'BRHMALDC': '1' };
-//
-// DEVL
-// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '2' };
-//
-// TEST / PERF
-// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC': '3','KGMTNC20': '3' };
-//
-// IST
-// CREATE KEYSPACE authz WITH replication = {'class': 'NetworkTopologyStrategy','STLSMORC':'3',
-// 'DLLSTXCF':'3','KGMTNC20':'3','SFLDMIBB':'3','HYWRCA02':'3' };
-//
-// with 6 localized with ccm
-// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' };
-//
+
+// Table Initialization
+// First make sure the keyspace exists.
USE authz;
@@ -51,12 +22,6 @@
);
CREATE INDEX ns_parent on ns(parent);
-
-// Oct 2015, not performant. Made Owner and Attrib first class Roles,
-// April, 2015. Originally, the plan was to utilize Cassandra 2.1.2, however, other team's preferences were to remain at current levels.
-// Therefore, we are taking the separate table approach. (coder Jeremiah Rohwedder)
-// We had dropped this by making first class objects of Responsible (Owner) and Admin. We need this again to mark namespaces
-// as having certain tools, like SWM, etc.
CREATE TABLE ns_attrib (
ns varchar,
key varchar,
@@ -125,10 +90,10 @@
CREATE INDEX cert_x500 ON cert(x500);
CREATE TABLE notify (
- user text,
- type int,
- last timestamp,
- checksum int,
+ user text,
+ type int,
+ last timestamp,
+ checksum int,
PRIMARY KEY (user,type)
);
@@ -155,14 +120,16 @@
sponsor text,
ca text,
dir text,
- appName text,
os_user text,
+ ns text,
notify text,
expires timestamp,
- renewDays int,
+ renewDays int,
+ sans Set<text>,
PRIMARY KEY (mechid,machine)
);
CREATE INDEX artifact_machine ON artifact(machine);
+CREATE INDEX artifact_ns ON artifact(ns);
//
// Non-Critical Table functions
@@ -216,6 +183,7 @@
status varchar, // approval status. pending, approved, denied
memo varchar, // Text for Approval to know what's going on
operation varchar, // List operation to perform
+ last_notified timestamp, // Timestamp for the last time approver was notified
PRIMARY KEY(id)
);
CREATE INDEX appr_approver_idx ON approval(approver);
@@ -223,6 +191,19 @@
CREATE INDEX appr_ticket_idx ON approval(ticket);
CREATE INDEX appr_status_idx ON approval(status);
+CREATE TABLE approved (
+ id timeuuid, // unique Key
+ user varchar, // the user who needs to be approved
+ approver varchar, // user approving
+ type varchar, // approver types i.e. Supervisor, Owner
+ status varchar, // approval status. pending, approved, denied
+ memo varchar, // Text for Approval to know what's going on
+ operation varchar, // List operation to perform
+ PRIMARY KEY(id)
+ );
+CREATE INDEX approved_approver_idx ON approved(approver);
+CREATE INDEX approved_user_idx ON approved(user);
+
CREATE TABLE delegate (
user varchar,
delegate varchar,
@@ -231,6 +212,49 @@
);
CREATE INDEX delg_delg_idx ON delegate(delegate);
+// OAuth Tokens
+CREATE TABLE oauth_token (
+ id text, // Reference
+ client_id text, // Creating Client ID
+ user text, // User requesting
+ active boolean, // Active or not
+ type int, // Type of Token
+ refresh text, // Refresh Token
+ expires timestamp, // Expiration time/Date (signed long)
+ exp_sec bigint, // Seconds from Jan 1, 1970
+ content text, // Content of Token
+ scopes Set<text>, // Scopes
+ state text, // Context string (Optional)
+ req_ip text, // Requesting IP (for logging purpose)
+ PRIMARY KEY(id)
+) with default_time_to_live = 21600; // 6 hours
+CREATE INDEX oauth_token_user_idx ON oauth_token(user);
+
+CREATE TABLE locate (
+ name text, // Component/Server name
+ hostname text, // FQDN of Service/Component
+ port int, // Port of Service
+ major int, // Version, Major
+ minor int, // Version, Minor
+ patch int, // Version, Patch
+ pkg int, // Version, Package (if available)
+ latitude float, // Latitude
+ longitude float, // Longitude
+ protocol text, // Protocol (i.e. http https)
+ subprotocol set<text>, // Accepted SubProtocols, ie. TLS1.1 for https
+ port_key uuid, // Key into locate_ports
+ PRIMARY KEY(name,hostname,port)
+) with default_time_to_live = 1200; // 20 mins
+
+CREATE TABLE locate_ports (
+ id uuid, // Id into locate
+ port int, // SubPort
+ name text, // Name of Other Port
+ protocol text, // Protocol of Other (i.e. JMX, DEBUG)
+ subprotocol set<text>, // Accepted sub protocols or versions
+ PRIMARY KEY(id, port)
+) with default_time_to_live = 1200; // 20 mins;
+
//
// Used by authz-batch processes to ensure only 1 runs at a time
//
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql
new file mode 100644
index 0000000..52dc5ea
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/keyspace.cql
@@ -0,0 +1,11 @@
+// For Developer Machine single instance
+// CREATE KEYSPACE authz
+// WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1};
+//
+//
+
+// Example of Network Topology, with Datacenter dc1 & dc2
+// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' };
+// Out of the box Docker Cassandra comes with "datacenter1", one instance
+CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'datacenter1': '1' };
+//
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql
new file mode 100644
index 0000000..e7385ab
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/osaaf.cql
@@ -0,0 +1,122 @@
+USE authz;
+
+// Create 'org' root NS
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org','Root Namespace','.',1,1);
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org','admin',{'org.access|*|*'},'Org Admins');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org','owner',{'org.access|*|read,approve'},'Org Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org','access','*','read,approve',{'org.owner'},'Org Read Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org','access','*','*',{'org.admin'},'Org Write Access');
+
+// Create Root pass
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('initial@osaaf.org','org.osaaf',1,0x008c5926ca861023c1d2a36653fd88e2,'2099-12-31') using TTL 14400;
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('initial@osaaf.org','org.admin','2099-12-31','org','admin') using TTL 14400;
+
+
+// Create org.osaaf
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.osaaf','OSAAF Namespace','org',2,2);
+
+INSERT INTO role(ns, name, perms,description)
+ VALUES('org.osaaf','admin',{'org.osaaf.access|*|*'},'OSAAF Admins');
+
+INSERT INTO perm(ns, type, instance, action, roles,description)
+ VALUES ('org.osaaf','access','*','*',{'org.osaaf.admin'},'OSAAF Write Access');
+
+INSERT INTO role(ns, name, perms,description)
+ VALUES('org.osaaf','owner',{'org.osaaf.access|*|read,approve'},'OSAAF Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles,description)
+ VALUES ('org.osaaf','access','*','read,appove',{'org.osaaf.owner'},'OSAAF Read Access');
+
+// Create org.osaaf.aaf
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.osaaf.aaf','Application Authorization Framework','org.osaaf',3,3);
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.osaaf.aaf','admin',{'org.osaaf.aaf.access|*|*'},'AAF Admins');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.osaaf.aaf','access','*','*',{'org.osaaf.aaf.admin'},'AAF Write Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.osaaf.aaf','access','*','read,approve',{'org.osaaf.aaf.owner'},'AAF Read Access');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.osaaf.aaf','owner',{'org.osaaf.aaf.access|*|read,approve'},'AAF Owners');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400;
+
+
+// ONAP Specific Entities
+// ONAP initial env Namespace
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.onap','ONAP','org',2,2);
+
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.onap.portal','ONAP Portal','org.onap.portal',3,3);
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap.portal','access','*','read',{
+ 'org.onap.portal.owner','org.onap.portal.designer','org.onap.portal.tester','org.onap.portal.ops','org.onap.portal.governor'
+ },'Portal Read Access');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'Portal Owner');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Portal Write Access');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins');
+
+// DEMO ID (OPS)
+insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('demo@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
+
+// ADMIN
+insert into cred (id,type,expires,cred,notes,ns,other) values('jh0003@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('jh0003@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
+
+// DESIGNER
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('cs0008@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','designer',{'org.onap.portal.access|*|read'},'Portal Designer');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('cs0008@people.osaaf.org','org.onap.portal.designer','2018-10-31','org.onap.portal','designer');
+
+// TESTER
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('jm0007@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','tester',{'org.onap.portal.access|*|read'},'Portal Tester');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('jm0007@people.osaaf.org','org.onap.portal.tester','2018-10-31','org.onap.portal','tester');
+
+// OPS
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('op0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','ops',{'org.onap.portal.access|*|read'},'Portal Operations');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('op0001@people.osaaf.org','org.onap.portal.ops','2018-10-31','org.onap.portal','ops');
+
+// GOVERNOR
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('gv0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','governor',{'org.onap.portal.access|*|read'},'Portal Governor');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('gv0001@people.osaaf.org','org.onap.portal.governor','2018-10-31','org.onap.portal','governor');
+
diff --git a/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql
new file mode 100644
index 0000000..5e7cfe1
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cs/resources/config/aaf-cs-data/temp_identity.cql
@@ -0,0 +1,8 @@
+USE authz;
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('demo@people.osaaf.org','org.admin','2099-12-31','org','admin') ;
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('demo@people.osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') ;
+
diff --git a/kubernetes/aaf/charts/aaf-cs/templates/NOTES.txt b/kubernetes/aaf/charts/aaf-cs/templates/NOTES.txt
new file mode 100644
index 0000000..c60c745
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-cs/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml
index 15e574f..4253d2f 100644
--- a/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-cs/templates/deployment.yaml
@@ -24,14 +24,11 @@
heritage: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
template:
metadata:
labels:
app: {{ include "common.name" . }}
- name: {{ .Release.Name }}
+ release: {{ .Release.Name }}
spec:
hostname: {{ include "common.name" . }}
containers:
@@ -39,24 +36,45 @@
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}
+ ports:
+ - containerPort: {{ .Values.service.externalPort }}
+ - containerPort: {{ .Values.service.externalPort2 }}
+ - containerPort: {{ .Values.service.externalPort3 }}
+ - containerPort: {{ .Values.service.externalPort4 }}
volumeMounts:
- mountPath: /data
name: aaf-cs-data
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ .Values.service.internalPort3 }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ .Values.service.internalPort3 }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- resources:
+ lifecycle:
+ postStart:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - >
+ /bin/sleep 30;
+ cd /data/;
+ cqlsh -u root -p root -f keyspace.cql ;
+ cqlsh -u root -p root -f init.cql ;
+ cqlsh -u root -p root -f osaaf.cql ;
+ cqlsh -u root -p root -f temp_identity.cql
+ resources:
{{ toYaml .Values.resources | indent 12 }}
{{- if .Values.nodeSelector }}
nodeSelector:
@@ -66,8 +84,10 @@
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
-
volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
- name: aaf-cs-data
secret:
secretName: {{ include "common.fullname" . }}
diff --git a/kubernetes/aaf/charts/aaf-cs/templates/service.yaml b/kubernetes/aaf/charts/aaf-cs/templates/service.yaml
index 2e4a619..b1716e4 100644
--- a/kubernetes/aaf/charts/aaf-cs/templates/service.yaml
+++ b/kubernetes/aaf/charts/aaf-cs/templates/service.yaml
@@ -22,6 +22,8 @@
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
+# annotations:
+# service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
spec:
type: {{ .Values.service.type }}
ports:
@@ -30,29 +32,29 @@
#Example internal target port if required
#targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
- port: {{ .Values.service.externalPort2 }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.service.name }}2
+ name: {{ .Values.service.portName }}2
- port: {{ .Values.service.externalPort3 }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }}
- name: {{ .Values.service.name }}3
+ name: {{ .Values.service.portName }}3
- port: {{ .Values.service.externalPort4 }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }}
- name: {{ .Values.service.name }}4
+ name: {{ .Values.service.portName }}4
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
- port: {{ .Values.service.externalPort2 }}
targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.name }}2
+ name: {{ .Values.service.portName }}2
- port: {{ .Values.service.externalPort3 }}
targetPort: {{ .Values.service.internalPort3 }}
- name: {{ .Values.service.name }}3
+ name: {{ .Values.service.portName }}3
- port: {{ .Values.service.externalPort4 }}
targetPort: {{ .Values.service.internalPort4 }}
- name: {{ .Values.service.name }}4
+ name: {{ .Values.service.portName }}4
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/aaf/charts/aaf-cs/values.yaml b/kubernetes/aaf/charts/aaf-cs/values.yaml
index 89b83cd..83bc972f 100644
--- a/kubernetes/aaf/charts/aaf-cs/values.yaml
+++ b/kubernetes/aaf/charts/aaf-cs/values.yaml
@@ -25,7 +25,7 @@
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: library/cassandra:2.1.17
+image: library/cassandra:3.11
pullPolicy: Always
# flag to enable debugging - application support required
@@ -54,8 +54,9 @@
periodSeconds: 10
service:
+ name: aaf-cass
type: ClusterIP
- name: aaf-cs
+ portName: aaf-cs
#targetPort
internalPort: 7000
#port
diff --git a/kubernetes/aaf/charts/aaf-fs/.helmignore b/kubernetes/aaf/charts/aaf-fs/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-fs/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aaf/charts/aaf-fs/Chart.yaml b/kubernetes/aaf/charts/aaf-fs/Chart.yaml
new file mode 100644
index 0000000..6b0fdcb
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-fs/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAF File Server
+name: aaf-fs
+version: 2.0.0
\ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-fs/templates/NOTES.txt b/kubernetes/aaf/charts/aaf-fs/templates/NOTES.txt
new file mode 100644
index 0000000..c60c745
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-fs/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/aaf/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml
similarity index 69%
copy from kubernetes/aaf/templates/deployment.yaml
copy to kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml
index 2a4e7d2..0bbd6a5 100644
--- a/kubernetes/aaf/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml
@@ -24,21 +24,34 @@
namespace: {{ include "common.namespace" . }}
spec:
replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
template:
metadata:
labels:
app: {{ include "common.name" . }}
- name: {{ include "common.fullname" . }}
+ release: {{ .Release.Name }}
spec:
initContainers:
- command:
+ - /root/job_complete.py
+ args:
+ - -j
+ - {{ .Release.Name }}-aaf-create-config
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-job-complete
+ - command:
- /root/ready.py
args:
- --container-name
- aaf-cs
+ - --container-name
+ - aaf-locate
env:
- name: NAMESPACE
valueFrom:
@@ -52,12 +65,16 @@
- env:
- name: CASSANDRA_CLUSTER
value: cassandra_container
+ name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["/bin/bash","-c","echo hello >> /opt/app/osaaf/logs/fs/stdout`date -I`;ln -s /opt/app/osaaf/data /data;/opt/app/aaf/fs/bin/fs >> /opt/app/osaaf/logs/fs/stdout`date -I` 2>> /opt/app/osaaf/logs/fs/stderr`date -I`"]
volumeMounts:
- - mountPath: /data
- name: aaf-data
- name: {{ include "common.name" . }}
+ - mountPath: /opt/app/osaaf
+ name: aaf-persistent-vol
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
@@ -82,10 +99,16 @@
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
-
volumes:
- - name: aaf-data
- configMap:
- name: {{ include "common.fullname" . }}
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: aaf-persistent-vol
+ {{- if .Values.global.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ .Release.Name }}-aaf-pvc
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/templates/service.yaml b/kubernetes/aaf/charts/aaf-fs/templates/service.yaml
similarity index 94%
copy from kubernetes/aaf/templates/service.yaml
copy to kubernetes/aaf/charts/aaf-fs/templates/service.yaml
index 587e07a..281aa1c 100644
--- a/kubernetes/aaf/templates/service.yaml
+++ b/kubernetes/aaf/charts/aaf-fs/templates/service.yaml
@@ -29,11 +29,11 @@
#Example internal target port if required
#targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/aaf/charts/aaf-fs/values.yaml b/kubernetes/aaf/charts/aaf-fs/values.yaml
new file mode 100644
index 0000000..be0f53d
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-fs/values.yaml
@@ -0,0 +1,86 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:1.1.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/aaf/aaf_fs:2.1.0-SNAPSHOT
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+config: {}
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ name: aaf-fs
+ type: ClusterIP
+ portName: aaf-fs
+ #targetPort
+ internalPort: 8096
+ #port
+ externalPort: 8096
+
+ingress:
+ enabled: false
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
diff --git a/kubernetes/aaf/charts/aaf-gui/.helmignore b/kubernetes/aaf/charts/aaf-gui/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-gui/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aaf/charts/aaf-gui/Chart.yaml b/kubernetes/aaf/charts/aaf-gui/Chart.yaml
new file mode 100644
index 0000000..d0aea0b
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-gui/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAF GUI
+name: aaf-gui
+version: 2.0.0
\ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-gui/templates/NOTES.txt b/kubernetes/aaf/charts/aaf-gui/templates/NOTES.txt
new file mode 100644
index 0000000..c60c745
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-gui/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/aaf/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml
similarity index 70%
copy from kubernetes/aaf/templates/deployment.yaml
copy to kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml
index 2a4e7d2..ee503ca 100644
--- a/kubernetes/aaf/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml
@@ -24,21 +24,34 @@
namespace: {{ include "common.namespace" . }}
spec:
replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
template:
metadata:
labels:
app: {{ include "common.name" . }}
- name: {{ include "common.fullname" . }}
+ release: {{ .Release.Name }}
spec:
initContainers:
- command:
+ - /root/job_complete.py
+ args:
+ - -j
+ - {{ .Release.Name }}-aaf-create-config
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-job-complete
+ - command:
- /root/ready.py
args:
- --container-name
- aaf-cs
+ - --container-name
+ - aaf-locate
env:
- name: NAMESPACE
valueFrom:
@@ -52,12 +65,16 @@
- env:
- name: CASSANDRA_CLUSTER
value: cassandra_container
+ name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/gui/bin/gui >> /opt/app/osaaf/logs/gui/stdout`date -I` 2>> /opt/app/osaaf/logs/gui/stderr`date -I`"]
volumeMounts:
- - mountPath: /data
- name: aaf-data
- name: {{ include "common.name" . }}
+ - mountPath: /opt/app/osaaf
+ name: aaf-persistent-vol
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
@@ -82,10 +99,16 @@
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
-
volumes:
- - name: aaf-data
- configMap:
- name: {{ include "common.fullname" . }}
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: aaf-persistent-vol
+ {{- if .Values.global.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ .Release.Name }}-aaf-pvc
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/templates/service.yaml b/kubernetes/aaf/charts/aaf-gui/templates/service.yaml
similarity index 94%
copy from kubernetes/aaf/templates/service.yaml
copy to kubernetes/aaf/charts/aaf-gui/templates/service.yaml
index 587e07a..281aa1c 100644
--- a/kubernetes/aaf/templates/service.yaml
+++ b/kubernetes/aaf/charts/aaf-gui/templates/service.yaml
@@ -29,11 +29,11 @@
#Example internal target port if required
#targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/charts/aaf-gui/values.yaml
new file mode 100644
index 0000000..02c572f
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-gui/values.yaml
@@ -0,0 +1,87 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:1.1.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/aaf/aaf_gui:2.1.0-SNAPSHOT
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+config: {}
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ name: aaf-gui
+ type: NodePort
+ portName: aaf-gui
+ #targetPort
+ internalPort: 8200
+ #port
+ externalPort: 8200
+ nodePort: 51
+
+ingress:
+ enabled: false
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
diff --git a/kubernetes/aaf/charts/aaf-hello/.helmignore b/kubernetes/aaf/charts/aaf-hello/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-hello/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aaf/charts/aaf-hello/Chart.yaml b/kubernetes/aaf/charts/aaf-hello/Chart.yaml
new file mode 100644
index 0000000..c4029ba
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-hello/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAF Hello
+name: aaf-hello
+version: 2.0.0
\ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-hello/templates/NOTES.txt b/kubernetes/aaf/charts/aaf-hello/templates/NOTES.txt
new file mode 100644
index 0000000..c60c745
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-hello/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/aaf/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml
similarity index 70%
copy from kubernetes/aaf/templates/deployment.yaml
copy to kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml
index 2a4e7d2..b47d878 100644
--- a/kubernetes/aaf/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml
@@ -24,21 +24,34 @@
namespace: {{ include "common.namespace" . }}
spec:
replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
template:
metadata:
labels:
app: {{ include "common.name" . }}
- name: {{ include "common.fullname" . }}
+ release: {{ .Release.Name }}
spec:
initContainers:
- command:
+ - /root/job_complete.py
+ args:
+ - -j
+ - {{ .Release.Name }}-aaf-create-config
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-job-complete
+ - command:
- /root/ready.py
args:
- --container-name
- aaf-cs
+ - --container-name
+ - aaf-locate
env:
- name: NAMESPACE
valueFrom:
@@ -52,12 +65,16 @@
- env:
- name: CASSANDRA_CLUSTER
value: cassandra_container
+ name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/hello/bin/hello >> /opt/app/osaaf/logs/hello/stdout`date -I` 2>> /opt/app/osaaf/logs/hello/stderr`date -I`"]
volumeMounts:
- - mountPath: /data
- name: aaf-data
- name: {{ include "common.name" . }}
+ - mountPath: /opt/app/osaaf
+ name: aaf-persistent-vol
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
@@ -82,10 +99,16 @@
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
-
volumes:
- - name: aaf-data
- configMap:
- name: {{ include "common.fullname" . }}
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: aaf-persistent-vol
+ {{- if .Values.global.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ .Release.Name }}-aaf-pvc
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/templates/service.yaml b/kubernetes/aaf/charts/aaf-hello/templates/service.yaml
similarity index 94%
copy from kubernetes/aaf/templates/service.yaml
copy to kubernetes/aaf/charts/aaf-hello/templates/service.yaml
index 587e07a..281aa1c 100644
--- a/kubernetes/aaf/templates/service.yaml
+++ b/kubernetes/aaf/charts/aaf-hello/templates/service.yaml
@@ -29,11 +29,11 @@
#Example internal target port if required
#targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/charts/aaf-hello/values.yaml
new file mode 100644
index 0000000..ad95b07
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-hello/values.yaml
@@ -0,0 +1,86 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:1.1.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/aaf/aaf_hello:2.1.0-SNAPSHOT
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+config: {}
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ name: aaf-hello
+ type: ClusterIP
+ portName: aaf-hello
+ #targetPort
+ internalPort: 8130
+ #port
+ externalPort: 8130
+
+ingress:
+ enabled: false
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
diff --git a/kubernetes/aaf/charts/aaf-locate/.helmignore b/kubernetes/aaf/charts/aaf-locate/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-locate/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aaf/charts/aaf-locate/Chart.yaml b/kubernetes/aaf/charts/aaf-locate/Chart.yaml
new file mode 100644
index 0000000..db50ec3
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-locate/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAF Locate
+name: aaf-locate
+version: 2.0.0
\ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-locate/templates/NOTES.txt b/kubernetes/aaf/charts/aaf-locate/templates/NOTES.txt
new file mode 100644
index 0000000..c60c745
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-locate/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/aaf/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml
similarity index 71%
rename from kubernetes/aaf/templates/deployment.yaml
rename to kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml
index 2a4e7d2..de5a46e 100644
--- a/kubernetes/aaf/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml
@@ -24,17 +24,28 @@
namespace: {{ include "common.namespace" . }}
spec:
replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
template:
metadata:
labels:
app: {{ include "common.name" . }}
- name: {{ include "common.fullname" . }}
+ release: {{ .Release.Name }}
spec:
initContainers:
- command:
+ - /root/job_complete.py
+ args:
+ - -j
+ - {{ .Release.Name }}-aaf-create-config
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-job-complete
+ - command:
- /root/ready.py
args:
- --container-name
@@ -52,12 +63,16 @@
- env:
- name: CASSANDRA_CLUSTER
value: cassandra_container
+ name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/locate/bin/locate >> /opt/app/osaaf/logs/locate/stdout`date -I` 2>> /opt/app/osaaf/logs/locate/stderr`date -I`"]
volumeMounts:
- - mountPath: /data
- name: aaf-data
- name: {{ include "common.name" . }}
+ - mountPath: /opt/app/osaaf
+ name: aaf-persistent-vol
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
@@ -82,10 +97,16 @@
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
-
volumes:
- - name: aaf-data
- configMap:
- name: {{ include "common.fullname" . }}
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: aaf-persistent-vol
+ {{- if .Values.global.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ .Release.Name }}-aaf-pvc
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/templates/service.yaml b/kubernetes/aaf/charts/aaf-locate/templates/service.yaml
similarity index 94%
copy from kubernetes/aaf/templates/service.yaml
copy to kubernetes/aaf/charts/aaf-locate/templates/service.yaml
index 587e07a..281aa1c 100644
--- a/kubernetes/aaf/templates/service.yaml
+++ b/kubernetes/aaf/charts/aaf-locate/templates/service.yaml
@@ -29,11 +29,11 @@
#Example internal target port if required
#targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/aaf/charts/aaf-locate/values.yaml b/kubernetes/aaf/charts/aaf-locate/values.yaml
new file mode 100644
index 0000000..fbed947
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-locate/values.yaml
@@ -0,0 +1,90 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:1.1.0
+
+# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines.
+# persistence:
+# mountPath: /dockerdata
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/aaf/aaf_locate:2.1.0-SNAPSHOT
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+config: {}
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ name: aaf-locate
+ type: ClusterIP
+ portName: aaf-locate
+ #targetPort
+ internalPort: 8095
+ #port
+ externalPort: 8095
+
+ingress:
+ enabled: false
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
diff --git a/kubernetes/aaf/charts/aaf-oauth/.helmignore b/kubernetes/aaf/charts/aaf-oauth/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-oauth/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aaf/charts/aaf-oauth/Chart.yaml b/kubernetes/aaf/charts/aaf-oauth/Chart.yaml
new file mode 100644
index 0000000..bcb135b
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-oauth/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAF OAuth
+name: aaf-oauth
+version: 2.0.0
\ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/NOTES.txt b/kubernetes/aaf/charts/aaf-oauth/templates/NOTES.txt
new file mode 100644
index 0000000..c60c745
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-oauth/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/aaf/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml
similarity index 70%
copy from kubernetes/aaf/templates/deployment.yaml
copy to kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml
index 2a4e7d2..00d6ee0 100644
--- a/kubernetes/aaf/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml
@@ -24,21 +24,34 @@
namespace: {{ include "common.namespace" . }}
spec:
replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
template:
metadata:
labels:
app: {{ include "common.name" . }}
- name: {{ include "common.fullname" . }}
+ release: {{ .Release.Name }}
spec:
initContainers:
- command:
+ - /root/job_complete.py
+ args:
+ - -j
+ - {{ .Release.Name }}-aaf-create-config
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-job-complete
+ - command:
- /root/ready.py
args:
- --container-name
- aaf-cs
+ - --container-name
+ - aaf-locate
env:
- name: NAMESPACE
valueFrom:
@@ -52,12 +65,16 @@
- env:
- name: CASSANDRA_CLUSTER
value: cassandra_container
+ name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/oauth/bin/oauth >> /opt/app/osaaf/logs/oauth/stdout`date -I` 2>> /opt/app/osaaf/logs/oauth/stderr`date -I`"]
volumeMounts:
- - mountPath: /data
- name: aaf-data
- name: {{ include "common.name" . }}
+ - mountPath: /opt/app/osaaf
+ name: aaf-persistent-vol
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
@@ -82,10 +99,16 @@
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
-
volumes:
- - name: aaf-data
- configMap:
- name: {{ include "common.fullname" . }}
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: aaf-persistent-vol
+ {{- if .Values.global.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ .Release.Name }}-aaf-pvc
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/templates/service.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml
similarity index 94%
copy from kubernetes/aaf/templates/service.yaml
copy to kubernetes/aaf/charts/aaf-oauth/templates/service.yaml
index 587e07a..281aa1c 100644
--- a/kubernetes/aaf/templates/service.yaml
+++ b/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml
@@ -29,11 +29,11 @@
#Example internal target port if required
#targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/aaf/charts/aaf-oauth/values.yaml b/kubernetes/aaf/charts/aaf-oauth/values.yaml
new file mode 100644
index 0000000..4311696
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-oauth/values.yaml
@@ -0,0 +1,86 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:1.1.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/aaf/aaf_oauth:2.1.0-SNAPSHOT
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+config: {}
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ name: aaf-oauth
+ type: ClusterIP
+ portName: aaf-oauth
+ #targetPort
+ internalPort: 8140
+ #port
+ externalPort: 8140
+
+ingress:
+ enabled: false
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
diff --git a/kubernetes/aaf/charts/aaf-service/Chart.yaml b/kubernetes/aaf/charts/aaf-service/Chart.yaml
new file mode 100644
index 0000000..3461f1a
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-service/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAF Service
+name: aaf-service
+version: 2.0.0
diff --git a/kubernetes/aaf/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml
similarity index 70%
copy from kubernetes/aaf/templates/deployment.yaml
copy to kubernetes/aaf/charts/aaf-service/templates/deployment.yaml
index 2a4e7d2..9fd6eba 100644
--- a/kubernetes/aaf/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml
@@ -24,21 +24,34 @@
namespace: {{ include "common.namespace" . }}
spec:
replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
template:
metadata:
labels:
app: {{ include "common.name" . }}
- name: {{ include "common.fullname" . }}
+ release: {{ .Release.Name }}
spec:
initContainers:
- command:
+ - /root/job_complete.py
+ args:
+ - -j
+ - {{ .Release.Name }}-aaf-create-config
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-job-complete
+ - command:
- /root/ready.py
args:
- --container-name
- aaf-cs
+ - --container-name
+ - aaf-locate
env:
- name: NAMESPACE
valueFrom:
@@ -52,12 +65,16 @@
- env:
- name: CASSANDRA_CLUSTER
value: cassandra_container
+ name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ["/bin/bash","-c"," ln -s /opt/app/osaaf/data /data;/opt/app/aaf/service/bin/service >> /opt/app/osaaf/logs/service/stdout`date -I` 2>> /opt/app/osaaf/logs/service/stderr`date -I`"]
volumeMounts:
- - mountPath: /data
- name: aaf-data
- name: {{ include "common.name" . }}
+ - mountPath: /opt/app/osaaf
+ name: aaf-persistent-vol
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
@@ -82,10 +99,16 @@
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
-
volumes:
- - name: aaf-data
- configMap:
- name: {{ include "common.fullname" . }}
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: aaf-persistent-vol
+ {{- if .Values.global.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ .Release.Name }}-aaf-pvc
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/templates/service.yaml b/kubernetes/aaf/charts/aaf-service/templates/service.yaml
similarity index 94%
copy from kubernetes/aaf/templates/service.yaml
copy to kubernetes/aaf/charts/aaf-service/templates/service.yaml
index 587e07a..281aa1c 100644
--- a/kubernetes/aaf/templates/service.yaml
+++ b/kubernetes/aaf/charts/aaf-service/templates/service.yaml
@@ -29,11 +29,11 @@
#Example internal target port if required
#targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.name }}
+ name: {{ .Values.service.portName }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/aaf/charts/aaf-service/values.yaml b/kubernetes/aaf/charts/aaf-service/values.yaml
new file mode 100644
index 0000000..33c1644
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-service/values.yaml
@@ -0,0 +1,87 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/aaf/aaf_service:2.1.0-SNAPSHOT
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+config: {}
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ name: aaf-service
+ type: NodePort
+ portName: aaf-service
+ #targetPort
+ internalPort: 8100
+ #port
+ externalPort: 8100
+ nodePort: 50
+
+ingress:
+ enabled: false
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml
index 26f0304..ddfc7c6 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml
+++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml
@@ -75,4 +75,5 @@
- name: localtime
hostPath:
path: /etc/localtime
-
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml
index 07b8c33..53e7286 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml
+++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml
@@ -21,10 +21,10 @@
persistence: {}
# application image
-repository: docker.io
+repository: nexus3.onap.org:10001
image:
- consul: consul:1.0.6
- vault: vault:0.10.0
+ consul: library/consul:1.0.6
+ vault: library/vault:0.10.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/aaf/requirements.yaml b/kubernetes/aaf/requirements.yaml
index fb4321d..1e8f788 100644
--- a/kubernetes/aaf/requirements.yaml
+++ b/kubernetes/aaf/requirements.yaml
@@ -1,7 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
dependencies:
- name: common
version: ~2.0.0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
+ repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/aaf/resources/config/aaf-data/identities.dat b/kubernetes/aaf/resources/config/aaf-data/identities.dat
deleted file mode 100644
index 95eb51d..0000000
--- a/kubernetes/aaf/resources/config/aaf-data/identities.dat
+++ /dev/null
@@ -1,9 +0,0 @@
-iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
-mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
-bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
-mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
-ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
-iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
-osaaf|ID of AAF|||||a|bdevl
-m99751|ID of AAF|||||a|bdevl
-m99501|ID of AAF|||||a|bdevl
diff --git a/kubernetes/aaf/resources/config/backup/backup.sh b/kubernetes/aaf/resources/config/backup/backup.sh
new file mode 100644
index 0000000..1359d3d
--- /dev/null
+++ b/kubernetes/aaf/resources/config/backup/backup.sh
@@ -0,0 +1,32 @@
+# BEGIN Store prev
+BD=/opt/app/osaaf/backup
+if [ -e "$BD/6day" ]; then
+ rm -Rf $BD/6day
+fi
+
+PREV=$BD/6day
+for D in $BD/5day $BD/4day $BD/3day $BD/2day $BD/yesterday; do
+ if [ -e "$D" ]; then
+ mv "$D" "$PREV"
+ fi
+ PREV="$D"
+done
+
+if [ -e "$BD/today" ]; then
+ if [ -e "$BD/backup.log" ]; then
+ mv $BD/backup.log $BD/today
+ fi
+ gzip $BD/today/*
+ mv $BD/today $BD/yesterday
+fi
+
+mkdir $BD/today
+
+# END Store prev
+date
+docker exec -t aaf_cass bash -c "mkdir -p /opt/app/cass_backup"
+docker container cp $BD/cbackup.sh aaf_cass:/opt/app/cass_backup/backup.sh
+# echo "login as Root, then run \nbash /opt/app/cass_backup/backup.sh"
+docker exec -t aaf_cass bash /opt/app/cass_backup/backup.sh
+docker container cp aaf_cass:/opt/app/cass_backup/. $BD/today
+date
diff --git a/kubernetes/aaf/resources/config/backup/cbackup.sh b/kubernetes/aaf/resources/config/backup/cbackup.sh
new file mode 100644
index 0000000..9c91d0c
--- /dev/null
+++ b/kubernetes/aaf/resources/config/backup/cbackup.sh
@@ -0,0 +1,8 @@
+cd /opt/app/cass_backup
+DATA="ns role perm ns_attrib user_role cred cert x509 delegate approval approved future notify artifact health history"
+PWD=cassandra
+CQLSH="cqlsh -u cassandra -k authz -p $PWD"
+for T in $DATA ; do
+ echo "Creating $T.dat"
+ $CQLSH -e "COPY authz.$T TO '$T.dat' WITH DELIMITER='|'"
+done
diff --git a/kubernetes/aaf/resources/config/data/identities.dat b/kubernetes/aaf/resources/config/data/identities.dat
new file mode 100644
index 0000000..39d18a1
--- /dev/null
+++ b/kubernetes/aaf/resources/config/data/identities.dat
@@ -0,0 +1,27 @@
+#
+# Sample Identities.dat
+# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with
+# out-of-the-box tire-kicking, or even for Small companies
+#
+# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing
+# batch feeds, as is appropriate for your company.
+#
+# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
+# out AppIDs, choose your own status indicators, or whatever you use.
+# 0 - unique ID
+# 1 - full name
+# 2 - first name
+# 3 - last name
+# 4 - phone
+# 5 - official email
+# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
+# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
+#
+
+iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
+mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
+bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
+mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
+ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
+iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
+osaaf|ID of AAF|||||a|bdevl
diff --git a/kubernetes/aaf/resources/config/data/sample.identities.dat b/kubernetes/aaf/resources/config/data/sample.identities.dat
new file mode 100644
index 0000000..39d18a1
--- /dev/null
+++ b/kubernetes/aaf/resources/config/data/sample.identities.dat
@@ -0,0 +1,27 @@
+#
+# Sample Identities.dat
+# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with
+# out-of-the-box tire-kicking, or even for Small companies
+#
+# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing
+# batch feeds, as is appropriate for your company.
+#
+# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
+# out AppIDs, choose your own status indicators, or whatever you use.
+# 0 - unique ID
+# 1 - full name
+# 2 - first name
+# 3 - last name
+# 4 - phone
+# 5 - official email
+# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
+# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
+#
+
+iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@osaaf.com|e|
+mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@osaaf.com|e|iowna
+bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.develper@osaaf.com|e|mmanager
+mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@osaaf.com|e|mmanager
+ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@osaaf.com|c|mmanager
+iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@osaaf.com|n|mmanager
+osaaf|ID of AAF|||||a|bdevl
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.cm.props b/kubernetes/aaf/resources/config/etc/org.osaaf.cm.props
new file mode 100644
index 0000000..d634cfe
--- /dev/null
+++ b/kubernetes/aaf/resources/config/etc/org.osaaf.cm.props
@@ -0,0 +1,14 @@
+##
+## org.osaaf.cm.props
+## AAF Certificate Manager properties
+## Note: Link to CA Properties in "local" dir
+##
+cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/local/org.osaaf.cm.ca.props
+aaf_component=AAF_NS.cm:2.1.0.0
+port=8150
+cadi_registration_hostname={{.Values.config.cmServiceName}}
+#Certman
+cm_public_dir=/opt/app/osaaf/public
+cm_trust_cas=AAF_RootCA.cer
+
+
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.common.props b/kubernetes/aaf/resources/config/etc/org.osaaf.common.props
new file mode 100644
index 0000000..8b75e70
--- /dev/null
+++ b/kubernetes/aaf/resources/config/etc/org.osaaf.common.props
@@ -0,0 +1,29 @@
+############################################################
+# Common properties for all AAF Components
+# on 2018-03-02 06:59.628-0500
+############################################################
+# Pull in Global Coordinates and Certificate Information
+aaf_root_ns=org.osaaf.aaf
+aaf_trust_perm=org.osaaf.aaf|org.onap|trust
+
+cadi_prop_files=/opt/app/osaaf/local/org.osaaf.location.props:/opt/app/osaaf/local/org.osaaf.aaf.props
+cadi_protocols=TLSv1.1,TLSv1.2
+
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+cadi_loginpage_url=https://AAF_LOCATE_URL/AAF_NS.gui:2.0/login
+
+# Standard for this App/Machine
+aaf_env=DEV
+aaf_data_dir=/opt/app/osaaf/data
+cadi_loglevel=DEBUG
+
+# Domain Support (which will accept)
+aaf_domain_support=.com:.org
+
+# Basic Auth
+aaf_default_realm=people.osaaf.org
+
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.fs.props b/kubernetes/aaf/resources/config/etc/org.osaaf.fs.props
new file mode 100644
index 0000000..d499f97
--- /dev/null
+++ b/kubernetes/aaf/resources/config/etc/org.osaaf.fs.props
@@ -0,0 +1,10 @@
+##
+## org.osaaf.locator
+## AAF Locator Properties
+##
+cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props
+aaf_component=AAF_NS.fs:2.1.0.0
+port=8096
+cadi_registration_hostname={{.Values.config.fsServiceName}}
+
+aaf_public_dir=/opt/app/osaaf/public
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.gui.props b/kubernetes/aaf/resources/config/etc/org.osaaf.gui.props
new file mode 100644
index 0000000..86b3aa6
--- /dev/null
+++ b/kubernetes/aaf/resources/config/etc/org.osaaf.gui.props
@@ -0,0 +1,31 @@
+##
+## org.osaaf.locator
+## AAF Locator Properties
+##
+cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/etc/org.osaaf.orgs.props
+aaf_component=AAF_NS.gui:2.1.0.0
+port=8200
+cadi_registration_hostname={{.Values.config.guiServiceName}}
+
+aaf_gui_title=AAF
+aaf_gui_copyright=(c) 2018 AT&T Intellectual Property. All rights reserved.
+aaf_gui_theme=theme/onap
+cadi_loginpage_url=https://AAF_LOCATE_URL/com.att.aaf.gui:2.0/login
+
+# GUI URLS and Help URLS
+cm_url=https://{{.Values.config.cmServiceName}}:8150
+gw_url=https://{{.Values.config.locateServiceName}}:8095
+fs_url=http://{{.Values.config.fsServiceName}}:8096
+
+aaf_url.gui_onboard=https://wiki.web.att.com/display/aaf/OnBoarding
+aaf_url.cuigui=https://wiki.web.att.com/display/aaf/Using+the+Command+Prompt
+
+aaf_url.aaf_help=https://wiki.onap.org/display/DW/Application+Authorization+Framework+Documentation
+aaf_url.aaf_help.sub=Bootstrapping+AAF,Installation+Guide
+aaf_url.aaf_help.sub.Bootstrapping+AAF=https://wiki.onap.org/display/DW/Bootstrapping+AAF
+aaf_url.aaf_help.sub.Installation+Guide=https://wiki.onap.org/display/DW/AAF+Installation+Guide
+#aaf_url.cadi_help=
+aaf_url.tools=AAF+Projects,AAF+Jira,AAF+Calendar
+aaf_url.tool=AAF+Jira=https://jira.onap.org/secure/RapidBoard.jspa?rapidView=69&projectKey=AAF&view=detail&selectedIssue=AAF-134
+aaf_url.tool.AAF+Projects=https://gerrit.onap.org/r/#/admin/projects/?filter=aaf%2F
+aaf_url.tool.AAF+Calendar=https://wiki.onap.org/pages/viewpage.action?pageId=6587439
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.hello.props b/kubernetes/aaf/resources/config/etc/org.osaaf.hello.props
new file mode 100644
index 0000000..d832aaf
--- /dev/null
+++ b/kubernetes/aaf/resources/config/etc/org.osaaf.hello.props
@@ -0,0 +1,8 @@
+##
+## org.osaaf.locator
+## AAF Locator Properties
+##
+cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props
+aaf_component=AAF_NS.hello:2.1.0.0
+port=8130
+cadi_registration_hostname={{.Values.config.helloServiceName}}
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.locate.props b/kubernetes/aaf/resources/config/etc/org.osaaf.locate.props
new file mode 100644
index 0000000..47a174e
--- /dev/null
+++ b/kubernetes/aaf/resources/config/etc/org.osaaf.locate.props
@@ -0,0 +1,8 @@
+##
+## org.osaaf.locator
+## AAF Locator Properties
+##
+cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props
+aaf_component=AAF_NS.locator:2.1.0.0
+port=8095
+cadi_registration_hostname={{.Values.config.locateServiceName}}
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.log4j.props b/kubernetes/aaf/resources/config/etc/org.osaaf.log4j.props
new file mode 100644
index 0000000..9f10802
--- /dev/null
+++ b/kubernetes/aaf/resources/config/etc/org.osaaf.log4j.props
@@ -0,0 +1,51 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+log4j.appender.INIT=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.INIT.File=${LOG4J_FILENAME_init}
+log4j.appender.INIT.DatePattern='.'yyyy-MM-dd
+log4j.appender.INIT.layout=org.apache.log4j.PatternLayout
+log4j.appender.INIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
+
+log4j.appender.SRVR=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.SRVR.File=${LOG4J_FILENAME_service}
+log4j.appender.SRVR.DatePattern='.'yyyy-MM-dd
+log4j.appender.SRVR.layout=org.apache.log4j.PatternLayout
+log4j.appender.SRVR.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %p [%c] %m %n
+
+log4j.appender.AUDIT=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.AUDIT.File=${LOG4J_FILENAME_audit}
+log4j.appender.AUDIT.DatePattern='.'yyyy-MM-dd
+log4j.appender.AUDIT.layout=org.apache.log4j.PatternLayout
+log4j.appender.AUDIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
+
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] %m %n
+
+# General Apache libraries
+log4j.rootLogger=WARN.SRVR
+log4j.logger.org.apache=WARN,SRVR
+log4j.logger.com.datastax=WARN,SRVR
+log4j.logger.init=INFO,INIT
+log4j.logger.service=${LOGGING_LEVEL},SRVR
+log4j.logger.audit=INFO,AUDIT
+# Additional configs, not cauth with Root Logger
+log4j.logger.io.netty=INFO,SRVR
+log4j.logger.org.eclipse=INFO,SRVR
+
+
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.oauth.props b/kubernetes/aaf/resources/config/etc/org.osaaf.oauth.props
new file mode 100644
index 0000000..82e80c7
--- /dev/null
+++ b/kubernetes/aaf/resources/config/etc/org.osaaf.oauth.props
@@ -0,0 +1,8 @@
+##
+## org.osaaf.locator
+## AAF Locator Properties
+##
+cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props
+aaf_component=AAF_NS.oauth:2.1.0.0
+port=8140
+cadi_registration_hostname={{.Values.config.oauthServiceName}}
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.orgs.props b/kubernetes/aaf/resources/config/etc/org.osaaf.orgs.props
new file mode 100644
index 0000000..66bfd2f
--- /dev/null
+++ b/kubernetes/aaf/resources/config/etc/org.osaaf.orgs.props
@@ -0,0 +1,11 @@
+#
+# Define Organizations for use in some of the components. Not all use them
+#
+Organization.org.osaaf=org.onap.aaf.org.DefaultOrg
+org.osaaf.mailHost=smtp.mail.att.com
+org.osaaf.mailFrom=DL-aaf-support@aaf.att.com
+org.osaaf.default=true
+org.osaaf.also_supports=org.osaaf.people
+
+
+
diff --git a/kubernetes/aaf/resources/config/etc/org.osaaf.service.props b/kubernetes/aaf/resources/config/etc/org.osaaf.service.props
new file mode 100644
index 0000000..ff3e0b5
--- /dev/null
+++ b/kubernetes/aaf/resources/config/etc/org.osaaf.service.props
@@ -0,0 +1,8 @@
+##
+## org.osaaf.service
+## AAF Service Properties
+##
+cadi_prop_files=/opt/app/osaaf/etc/org.osaaf.common.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/etc/org.osaaf.orgs.props
+aaf_component=AAF_NS.service:2.1.0.0
+port=8100
+cadi_registration_hostname={{.Values.config.serviceServiceName}}
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12
new file mode 100644
index 0000000..63aedd2
--- /dev/null
+++ b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.cm.p12
Binary files differ
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.keyfile b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.keyfile
new file mode 100644
index 0000000..7206ad9
--- /dev/null
+++ b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.keyfile
@@ -0,0 +1,27 @@
+rmaOaytuFLnhz07oilUO0nO_mZ18XInIi56OoezdUTR5f1GR45lp_nX7marcYv7j2ZS-dpWOSur0
+sK5M-ByrgxfUPyk749Ex4nGSMLnAq-nFMaREpGZPmNP-ul_vCxCmaHUnWKPJB4jx_K_osKPb0-ng
+tqX0hnpbmcq4okV94MUdUs084ymM5LU-qVU_oYbLUM4dXatobe1go8eX2umrutZbQTjz75i4UEcF
+Dv9nDwVqHRGUFMU0NeJlrSlRSO-eiDgVtoSCBGtIkDdKPBTUT3wachHmUBiSBJ3GF05yQP1CwWzz
+AQRSwphP11xKI7tSViT5RoxjxfQZiVEbeyg9g9BROe_pLyIDskoW_ujdnPOWRcSIx6Q4J0eew3kb
+yqcWUPf1K2nSyBSshlsQ6A9NSOLz_KhyIvP_1OG82m1gir3I77Usl7QqMF8IBXCjJ-H_qqR1u-By
+qm_AFjagYA2TgF2YQN-fcneom_5_cA74_xwJ41juhOP72ZWGkX1bAdbiKf85uYo2H3g5HeNWijQL
+y4wJ4qFrSptQRyV2Ntf9OLgpOsKsPPiLlNBugmCjHBMaPMbQAYRbsyCH2nKdjjTG3c6iF5Cj9Jco
+6McvcrYYuq3ynH-2HoL-T-Zgl2AXLxqK4_dl_H243H-GutoJsmIkELLGS_pCpSt4t7xaDvzqxrTj
+4qZ1OjozcpnsqM8HebS28IgoqFaOmrCMqO1MLM_CjAyliTy31P28XEbcYvjEY-FWmnJRSpMLc1Pz
+-KOH-2V8uTqn5YlUsFt2TNnc8lEwMH6GSV1vkgxwPQaMUgWV2svc0FfBmTLZI4zNmpMu4cGjaG-f
+Z8r_hX7pDPANBTaqFxTp999dnaS3lLdZMNbJNEKFF0xxdRuBzsPKDiLa7ItixInZlUcEnwJVWOhC
+kcI2J0cEFGxHxWYmYdqyJIvQzjebk6iDqB-mLi0ai-_XYm1niCxZizT_XJADo9LQtTzq1V6pMgYR
+PPfbDKoiYRK6D8nbWsGNOh6xOS7zs8qrnTPxwu5CuZX_EFoejmooHTrXEqw2RzRFw9XqXM8p50C3
+YrwI2lA6kTQItGm0yftAxqfbhbjJp_K1P91ckOYL3ZSYze_hXRmguwYuT5NWlKhBtm5aawuDjXEg
+yn7PnRTT0smW40hbYbks5L-2VVxTd3tith6Ltqh95miL6vpG5ByDDQlZCWwkq7XH7iScejDvT6UN
+jF1K86mNa8CLXuuSzGl1li1CMxoVzW55G3s0-ICDHqjytiUkiUen2V9VzGT9h4BgDfzbShf31M4_
+biO4NL-mkqlDBbh-KcrYjvNj5qQwHSiLSLuQQBoBtJ3hG9jCu4YBYVWJYctV8r3Js_sGDH4rl5w1
+ujEF6QHWZIF73-u53G_LtvoXBnQcrBW8oLpqP-1Pz5d1bio--bRsNa5qAAilNbYmttiKYOYJn4My
+c6QvzF81SqTRZy0Fd0NK_hMCglPkH7sd32UX-LBquvQ_yDqB_ml_pADJhWcfuD4iPAQjR2Vgclxf
+GPCDva6YpJDzjjnaExDYmGFVFpbIPLfvGUCit_9zAycx0nW1J_cVT1BWFHijjAh_gnIpa6MtY3BE
+G3d8ee6_LAQvvVdBwZ955UwyRd-C7Buc7Xcccw-8hcNBKqOCDlE9j4tie2SdO9m53vZRzcLY6Aiw
+BiulIAllqHZQYs0OBcaYgbNgJU-gn9ZMWgS9i3ijPvTTBSNX7y7k4L1a4QOceyuOtt7nkv024YUS
+acTRmaGotRBuVfI-C0L4Q9NL56_nUATB5ca2GqgLEKnWKsiN3T9cBg4Ji88E8OdiVcoO8segB-0d
+QwWCqCZ8_z_R7zBMlDqpfu5wbvoVx0w9JhLgO9f7eoRozqA3qGLv94i1pN6LuU-Q7YPz4jVxmbb_
+2CHyP1n-o1ZWHfWdz6aByXEzrAZdvjfEWwwMYV5l5jFilTXaCNOCjr9S4YjNn0HITdl7E64C06Im
+3QWOsnDv9z1APjnFo12KH_1yWscU0t9gx7FG210Ug6C-G3Bko_tm_YOp0Lkum4qrnxgHMf_a
\ No newline at end of file
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12
new file mode 100644
index 0000000..f40a755
--- /dev/null
+++ b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.p12
Binary files differ
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.props b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.props
new file mode 100644
index 0000000..37a9d62
--- /dev/null
+++ b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.props
@@ -0,0 +1,17 @@
+############################################################
+# Properties Generated by AT&T Certificate Manager
+# by jg1555
+# on 2018-02-21T10:28:08.909-0600
+# @copyright 2016, AT&T
+############################################################
+cm_url=https://{{.Values.config.cmServiceName}}:8150
+#hostname=aaf.osaaf.org
+aaf_env=DEV
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
+cadi_keyfile=/opt/app/osaaf/local/org.osaaf.aaf.keyfile
+cadi_keystore=/opt/app/osaaf/local/org.osaaf.aaf.p12
+cadi_keystore_password=enc:fDY3WPPqHCMQaZdox2UfpRoEq6b9wUqS-aepo0NiqEFa2t7uYHBdxfQAuEwj9Lwb
+#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)>
+cadi_alias=aaf-authz@aaf.osaaf.org
+cadi_truststore=/opt/app/osaaf/local/org.osaaf.aaf.trust.p12
+cadi_truststore_password=enc:5nzj6v3Rb0oZPV1zCxg8EJFfkFvWFGJflLB0i_FN0Np
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12
new file mode 100644
index 0000000..d01e856
--- /dev/null
+++ b/kubernetes/aaf/resources/config/local/org.osaaf.aaf.trust.p12
Binary files differ
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.aaf_new-24e41f2f436018568cbdecdc1edbd605.p12 b/kubernetes/aaf/resources/config/local/org.osaaf.aaf_new-24e41f2f436018568cbdecdc1edbd605.p12
new file mode 100644
index 0000000..f40a755
--- /dev/null
+++ b/kubernetes/aaf/resources/config/local/org.osaaf.aaf_new-24e41f2f436018568cbdecdc1edbd605.p12
Binary files differ
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.cassandra.props b/kubernetes/aaf/resources/config/local/org.osaaf.cassandra.props
new file mode 100644
index 0000000..17f238b
--- /dev/null
+++ b/kubernetes/aaf/resources/config/local/org.osaaf.cassandra.props
@@ -0,0 +1,29 @@
+############################################################
+# Cassandra properties for AAF Components needing
+# on 2018-03-02 06:59.628-0500
+############################################################
+# LOCAL Cassandra
+cassandra.clusters={{.Values.config.csServiceName}}
+cassandra.clusters.port=9042
+#need this to be fully qualified name when REAL AAF integration
+cassandra.clusters.user=cassandra
+cassandra.clusters.password=enc:gF_I93pTRMIvj3rof-dx-yK84XYT1UKGf98s1LAJyWV
+
+# Name for exception that has happened in the past
+cassandra.reset.exceptions=com.datastax.driver.core.exceptions.NoHostAvailableException:"no host was tried":"Connection has been closed"
+
+# Example Consistency Settings for Clusters with at least instances
+#cassandra.writeConsistency.ns=LOCAL_QUORUM
+#cassandra.writeConsistency.perm=LOCAL_QUORUM
+#cassandra.writeConsistency.role=LOCAL_QUORUM
+#cassandra.writeConsistency.user_role=LOCAL_QUORUM
+#cassandra.writeConsistency.cred=LOCAL_QUORUM
+#cassandra.writeConsistency.ns_attrib=LOCAL_QUORUM
+
+# Consistency Settings when Single Instance
+cassandra.writeConsistency.ns=ONE
+cassandra.writeConsistency.perm=ONE
+cassandra.writeConsistency.role=ONE
+cassandra.writeConsistency.user_role=ONE
+cassandra.writeConsistency.cred=ONE
+cassandra.writeConsistency.ns_attrib=ONE
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props b/kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props
new file mode 100644
index 0000000..8843705
--- /dev/null
+++ b/kubernetes/aaf/resources/config/local/org.osaaf.cm.ca.props
@@ -0,0 +1,11 @@
+##
+## org.osaaf.cm.ca.props
+## Properties to access Certifiate Authority
+##
+
+#Certman
+cm_ca.local=org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/org.osaaf.aaf.cm.p12;aaf_cm_ca;enc:asFEWMNqjH7GktBLb9EGl6L1zfS2qMH5ZS5Zd90KVT5B9ZyRsqx7Gb73YllO8Hyw
+cm_ca.local.idDomains=org.osaaf
+cm_ca.local.baseSubject=/OU=OSAAF/O=ONAP/C=US
+cm_ca.local.perm_type=org.osaaf.aaf.ca
+
diff --git a/kubernetes/aaf/resources/config/local/org.osaaf.location.props b/kubernetes/aaf/resources/config/local/org.osaaf.location.props
new file mode 100644
index 0000000..fd52d6d
--- /dev/null
+++ b/kubernetes/aaf/resources/config/local/org.osaaf.location.props
@@ -0,0 +1,12 @@
+##
+## org.osaaf.location.props
+##
+## Localized Machine Information
+##
+# Almeda California
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+#cadi_registration_hostname=aaf-onap-beijing-test.osaaf.org
+cadi_trust_masks=10.12.6/24
+aaf_locate_url=https://{{.Values.config.locateServiceName}}:8095
diff --git a/kubernetes/aaf/resources/config/public/AAF_RootCA.cer b/kubernetes/aaf/resources/config/public/AAF_RootCA.cer
new file mode 100644
index 0000000..e9a50d7
--- /dev/null
+++ b/kubernetes/aaf/resources/config/public/AAF_RootCA.cer
@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV
+BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx
+NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK
+DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7
+XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn
+H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM
+pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7
+NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg
+2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY
+wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd
+ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM
+P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6
+aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY
+PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G
+A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ
+UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN
+BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz
+L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9
+7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx
+c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf
+jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2
+RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h
+PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF
+CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+
+Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A
+cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR
+ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX
+dYY=
+-----END CERTIFICATE-----
diff --git a/kubernetes/aaf/resources/config/public/aaf_2_0.xsd b/kubernetes/aaf/resources/config/public/aaf_2_0.xsd
new file mode 100644
index 0000000..59d4331
--- /dev/null
+++ b/kubernetes/aaf/resources/config/public/aaf_2_0.xsd
@@ -0,0 +1,527 @@
+<!-- Used by AAF (ATT inc 2013) -->
+<xs:schema
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:aaf="urn:aaf:v2_0"
+ targetNamespace="urn:aaf:v2_0"
+ elementFormDefault="qualified">
+
+<!--
+ June 2, 2017, adding Roles, Perms, etc to NSRequest for Onboarding purposes.
+
+ Note: jan 22, 2015. Deprecating the "force" element in the "Request" Structure. Do that
+ with Query Params.
+
+ Eliminate in 3.0
+ -->
+<!--
+ Errors
+ Note: This Error Structure has been made to conform to the AT&T TSS Policies
+ -->
+ <xs:element name="error">
+ <xs:complexType>
+ <xs:sequence>
+ <!--
+ Unique message identifier of the format ‘ABCnnnn’ where ‘ABC’ is
+ either ‘SVC’ for Service Exceptions or ‘POL’ for Policy Exception.
+ Exception numbers may be in the range of 0001 to 9999 where :
+ * 0001 to 0199 are reserved for common exception messages
+ * 0200 to 0999 are reserved for Parlay Web Services specification use
+ * 1000-9999 are available for exceptions
+ -->
+ <xs:element name="messageId" type="xs:string" minOccurs="1" maxOccurs="1"/>
+
+ <!--
+ Message text, with replacement
+ variables marked with %n, where n is
+ an index into the list of <variables>
+ elements, starting at 1
+ -->
+ <xs:element name="text" type="xs:string" minOccurs="1" maxOccurs="1"/>
+
+ <!--
+ List of zero or more strings that
+ represent the contents of the variables
+ used by the message text. -->
+ <xs:element name="variables" type="xs:string" minOccurs="0" maxOccurs="unbounded" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Requests
+ -->
+ <xs:complexType name="Request">
+ <xs:sequence>
+ <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <xs:element name="end" type="xs:dateTime" minOccurs="1" maxOccurs="1"/>
+ <!-- Deprecated. Use Query Command
+ <xs:element name="force" type="xs:string" minOccurs="1" maxOccurs="1" default="false"/>
+ -->
+ </xs:sequence>
+ </xs:complexType>
+
+<!--
+ Keys
+ -->
+ <xs:element name="keys">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="key" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+
+<!--
+ Permissions
+-->
+ <xs:complexType name = "pkey">
+ <xs:sequence>
+ <xs:element name="type" type="xs:string"/>
+ <xs:element name="instance" type="xs:string"/>
+ <xs:element name="action" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:element name="permKey">
+ <xs:complexType >
+ <xs:complexContent>
+ <xs:extension base="aaf:pkey" />
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="perm">
+ <xs:complexType >
+ <xs:complexContent>
+ <xs:extension base="aaf:pkey">
+ <xs:sequence>
+ <xs:element name="roles" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- This data not filled in unless Requested -->
+ <xs:element name="ns" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="perms">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="aaf:perm" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="permRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="type" type="xs:string"/>
+ <xs:element name="instance" type="xs:string"/>
+ <xs:element name="action" type="xs:string"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+
+<!--
+ Roles
+-->
+ <xs:complexType name="rkey">
+ <xs:sequence>
+ <xs:element name="name" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:element name="roleKey">
+ <xs:complexType >
+ <xs:complexContent>
+ <xs:extension base="aaf:rkey" />
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="role">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:rkey">
+ <xs:sequence>
+ <xs:element name="perms" type="aaf:pkey" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- This data not filled in unless Requested -->
+ <xs:element name="ns" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="roles">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="aaf:role" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="roleRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- Added userRole return types jg1555 9/16/2015 -->
+ <xs:element name="userRole">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="expires" type="xs:date" minOccurs="1" maxOccurs="1" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- Added userRoles return types jg1555 9/16/2015 -->
+ <xs:element name="userRoles">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="aaf:userRole" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="userRoleRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="rolePermRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="perm" type="aaf:pkey" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="nsRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="admin" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <xs:element name="responsible" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Note: dec 11, 2015. Request-able NS Type JG -->
+ <xs:element name="type" type="xs:string" minOccurs="0" maxOccurs="1"/>
+
+ <!-- "scope" is deprecated and unused as of AAF 2.0.11. It will be removed in future versions
+ <xs:element name="scope" type="xs:int" minOccurs="0" maxOccurs="1"/>
+
+
+ <xs:element ref="aaf:roleRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="aaf:permRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="aaf_id" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element ref="aaf:userRoleRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name = "attrib" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name = "key" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name = "value" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+
+ -->
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="nsAttribRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="ns" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name = "attrib" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name = "key" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name = "value" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name = "nss">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name = "ns" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name = "name" type = "xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name = "responsible" type = "xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name = "admin" type = "xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name = "description" type = "xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Note: Dec 16, 2015. Added description field. Verify backward compatibility. JG -->
+ <xs:element name = "attrib" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name = "key" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name = "value" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Users
+-->
+ <xs:element name="users">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="user" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="id" type="xs:string" minOccurs="1" maxOccurs="1" />
+ <!-- Changed type to dateTime, because of importance of Certs -->
+ <xs:element name="expires" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <!-- need to differentiate User Cred Types, jg1555 5/20/2015
+ This Return Object is shared by multiple functions:
+ Type is not returned for "UserRole", but only "Cred"
+ -->
+ <xs:element name="type" type="xs:int" minOccurs="0" maxOccurs="1" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Certs
+ Added jg1555 5/20/2015 to support identifying Certificate based Services
+ -->
+ <xs:element name="certs">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="cert" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="id" type="xs:string" minOccurs="1" maxOccurs="1" />
+ <xs:element name="x500" type="xs:string" minOccurs="1" maxOccurs="1" />
+ <xs:element name="expires" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <xs:element name="fingerprint" type="xs:hexBinary" minOccurs="1" maxOccurs="1" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Credentials
+-->
+ <xs:element name="credRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="id" type="xs:string"/>
+ <xs:element name="type" type="xs:int" minOccurs="0" maxOccurs="1"/>
+ <xs:choice >
+ <xs:element name="password" type="xs:string" />
+ <xs:element name="entry" type="xs:string" />
+ </xs:choice>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Multi Request
+ -->
+
+ <xs:element name="multiRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element ref="aaf:nsRequest" minOccurs="0" maxOccurs="1"/>
+ <xs:element ref="aaf:nsAttribRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="aaf:roleRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="aaf:permRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="aaf:credRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="aaf:userRoleRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="aaf:rolePermRequest" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ History
+ -->
+ <xs:element name="history">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="item" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="YYYYMM" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="timestamp" type="xs:dateTime" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="subject" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="target" type = "xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="action" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="memo" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Approvals
+ -->
+ <xs:complexType name="approval">
+ <xs:sequence>
+ <!-- Note, id is set by system -->
+ <xs:element name="id" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="ticket" type="xs:string"/>
+ <xs:element name="user" type="xs:string"/>
+ <xs:element name="approver" type="xs:string"/>
+ <xs:element name="type" type="xs:string"/>
+ <xs:element name="memo" type="xs:string"/>
+ <xs:element name="updated" type="xs:dateTime"/>
+ <xs:element name="status">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="approve"/>
+ <xs:enumeration value="reject"/>
+ <xs:enumeration value="pending"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="operation">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="C"/>
+ <xs:enumeration value="U"/>
+ <xs:enumeration value="D"/>
+ <xs:enumeration value="G"/>
+ <xs:enumeration value="UG"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name="approvals">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="approvals" type="aaf:approval" minOccurs="1" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Delegates
+-->
+ <xs:complexType name="delg">
+ <xs:sequence>
+ <xs:element name="user" type="xs:string"/>
+ <xs:element name="delegate" type="xs:string"/>
+ <xs:element name="expires" type="xs:date"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:element name="delgRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="delegate" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="delgs">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="delgs" type="aaf:delg" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- jg 3/11/2015 New for 2.0.8 -->
+ <xs:element name="api">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="route" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="meth" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="path" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="param" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="desc" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="comments" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="contentType" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="expected" type="xs:int" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="explicitErr" type="xs:int" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+</xs:schema>
\ No newline at end of file
diff --git a/kubernetes/aaf/resources/config/public/iframe_denied_test.html b/kubernetes/aaf/resources/config/public/iframe_denied_test.html
new file mode 100644
index 0000000..613e9c7
--- /dev/null
+++ b/kubernetes/aaf/resources/config/public/iframe_denied_test.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html>
+<body>
+
+<iframe src="https://mithrilcsp.sbc.com:8095/gui/home">
+ <p>Your browser does not support iframes.</p>
+</iframe>
+
+</body>
+</html>
diff --git a/kubernetes/aaf/resources/config/public/truststoreONAP.p12 b/kubernetes/aaf/resources/config/public/truststoreONAP.p12
new file mode 100644
index 0000000..d01e856
--- /dev/null
+++ b/kubernetes/aaf/resources/config/public/truststoreONAP.p12
Binary files differ
diff --git a/kubernetes/aaf/resources/config/public/truststoreONAPall.jks b/kubernetes/aaf/resources/config/public/truststoreONAPall.jks
new file mode 100644
index 0000000..ff844b1
--- /dev/null
+++ b/kubernetes/aaf/resources/config/public/truststoreONAPall.jks
Binary files differ
diff --git a/kubernetes/aaf/templates/configmap.yaml b/kubernetes/aaf/templates/configmap.yaml
index c7cf9ae..cfa57f7 100644
--- a/kubernetes/aaf/templates/configmap.yaml
+++ b/kubernetes/aaf/templates/configmap.yaml
@@ -15,7 +15,42 @@
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ .Release.Name }}-aaf-backup
namespace: {{ include "common.namespace" . }}
data:
-{{ (.Files.Glob "resources/config/aaf-data/*").AsConfig | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/backup/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Release.Name }}-aaf-public
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/public/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Release.Name }}-aaf-local
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/local/org.osaaf.location.props").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cm.ca.props").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/local/org.osaaf.cassandra.props").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/local/org.osaaf.aaf.props").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Release.Name }}-aaf-etc
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/etc/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Release.Name }}-aaf-data
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/data/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/aaf/templates/job.yaml b/kubernetes/aaf/templates/job.yaml
new file mode 100644
index 0000000..7ce871e
--- /dev/null
+++ b/kubernetes/aaf/templates/job.yaml
@@ -0,0 +1,132 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-create-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ template:
+ metadata:
+ labels:
+ app: aaf-init-job
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - command: ["/bin/bash","-c","if [ ! -d /data/backup ]; then mkdir /data/data && cp -Ra /data1/data/..data/* /data/data/ && mkdir /data/etc && cp -Ra /data1/etc/..data/* data/etc/ && mkdir /data/backup && cp -Ra /data1/backup/..data/* /data/backup/ && cp -Ra /data1/public /data/ && cp -Ra /data1/local /data && mkdir -p /data/logs/oauth && mkdir -p /data/logs/hello && mkdir -p /data/logs/fs && mkdir -p /data/logs/gui && mkdir -p /data/logs/locate && mkdir -p /data/logs/cm && mkdir -p /data/logs/service; fi; exit 0"]
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: aaf-init-job
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /data
+ name: aaf-persistent-data
+ - mountPath: /data1/etc
+ name: aaf-etc
+ - mountPath: /data1/data
+ name: aaf-data
+ - mountPath: /data1/public/iframe_denied_test.html
+ name: aaf-public
+ subPath: iframe_denied_test.html
+ - mountPath: /data1/public/aaf_2_0.xsd
+ name: aaf-public
+ subPath: aaf_2_0.xsd
+ - mountPath: /data1/public/truststoreONAP.p12
+ name: aaf-public-secret
+ subPath: truststoreONAP.p12
+ - mountPath: /data1/public/AAF_RootCA.cer
+ name: aaf-public-secret
+ subPath: AAF_RootCA.cer
+ - mountPath: /data1/public/truststoreONAPall.jks
+ name: aaf-public-secret
+ subPath: truststoreONAPall.jks
+ - mountPath: /data1/local/org.osaaf.location.props
+ name: aaf-local
+ subPath: org.osaaf.location.props
+ - mountPath: /data1/local/org.osaaf.cm.ca.props
+ name: aaf-local
+ subPath: org.osaaf.cm.ca.props
+ - mountPath: /data1/local/org.osaaf.cassandra.props
+ name: aaf-local
+ subPath: org.osaaf.cassandra.props
+ - mountPath: /data1/local/org.osaaf.aaf.props
+ name: aaf-local
+ subPath: org.osaaf.aaf.props
+ - mountPath: /data1/local/org.osaaf.aaf.trust.p12
+ name: aaf-local-secret
+ subPath: org.osaaf.aaf.trust.p12
+ - mountPath: /data1/local/org.osaaf.aaf.p12
+ name: aaf-local-secret
+ subPath: org.osaaf.aaf.p12
+ - mountPath: /data1/local/org.osaaf.aaf.keyfile
+ name: aaf-local-secret
+ subPath: org.osaaf.aaf.keyfile
+ - mountPath: /data1/local/org.osaaf.aaf.cm.p12
+ name: aaf-local-secret
+ subPath: org.osaaf.aaf.cm.p12
+ - mountPath: /data1/backup
+ name: aaf-backup
+ resources:
+{{ toYaml .Values.resources | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: aaf-local-secret
+ secret:
+ secretName: {{ .Release.Name }}-aaf-local-secret
+ - name: aaf-public-secret
+ secret:
+ secretName: {{ .Release.Name }}-aaf-public-secret
+ - name: aaf-etc
+ configMap:
+ name: {{ .Release.Name }}-aaf-etc
+ - name: aaf-local
+ configMap:
+ name: {{ .Release.Name }}-aaf-local
+ - name: aaf-backup
+ configMap:
+ name: {{ .Release.Name }}-aaf-backup
+ - name: aaf-public
+ configMap:
+ name: {{ .Release.Name }}-aaf-public
+ - name: aaf-data
+ configMap:
+ name: {{ .Release.Name }}-aaf-data
+ - name: aaf-persistent-data
+ {{- if .Values.global.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ .Release.Name }}-aaf-pvc
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
+ restartPolicy: OnFailure
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/templates/pv.yaml b/kubernetes/aaf/templates/pv.yaml
new file mode 100644
index 0000000..d9b58f6
--- /dev/null
+++ b/kubernetes/aaf/templates/pv.yaml
@@ -0,0 +1,37 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+{{- end -}}
diff --git a/kubernetes/aaf/templates/pvc.yaml b/kubernetes/aaf/templates/pvc.yaml
new file mode 100644
index 0000000..255c277
--- /dev/null
+++ b/kubernetes/aaf/templates/pvc.yaml
@@ -0,0 +1,48 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ .Release.Name }}-aaf-pvc
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ name: {{ include "common.fullname" . }}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
diff --git a/kubernetes/aaf/templates/secrets.yaml b/kubernetes/aaf/templates/secrets.yaml
new file mode 100644
index 0000000..d67601c
--- /dev/null
+++ b/kubernetes/aaf/templates/secrets.yaml
@@ -0,0 +1,47 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Release.Name}}-aaf-local-secret
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.trust.p12").AsSecrets | indent 2 }}
+{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.p12").AsSecrets | indent 2 }}
+{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.keyfile").AsSecrets | indent 2 }}
+{{ (.Files.Glob "resources/config/local/org.osaaf.aaf.cm.p12").AsSecrets | indent 2 }}
+type: Opaque
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Release.Name}}-aaf-public-secret
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ (.Files.Glob "resources/config/public/truststoreONAP.p12").AsSecrets | indent 2 }}
+{{ (.Files.Glob "resources/config/public/AAF_RootCA.cer").AsSecrets | indent 2 }}
+{{ (.Files.Glob "resources/config/public/truststoreONAPall.jks").AsSecrets | indent 2 }}
+type: Opaque
+
diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml
index 5f23100..805d3d1 100644
--- a/kubernetes/aaf/values.yaml
+++ b/kubernetes/aaf/values.yaml
@@ -20,24 +20,21 @@
repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.0
-
-# If mountPath is over NFS (e.g. /dockerdata-nfs is NFS mounted between the nodes), uncomment following lines.
-# persistence:
-# mountPath: /dockerdata
+ persistence:
+ enabled: true
#################################################################
# Application configuration defaults.
#################################################################
-# application image
-repository: nexus3.onap.org:10001
-image: onap/aaf/authz-service:latest
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config: {}
+config:
+ serviceServiceName: aaf-service
+ locateServiceName: aaf-locate
+ cmServiceName: aaf-cm
+ fsServiceName: aaf-fs
+ guiServiceName: aaf-gui
+ helloServiceName: aaf-hello
+ oauthServiceName: aaf-oauth
+ csServiceName: aaf-cass
# default number of instances
replicaCount: 1
@@ -58,18 +55,30 @@
initialDelaySeconds: 10
periodSeconds: 10
-service:
- type: NodePort
- name: aaf-authz
- #targetPort
- internalPort: 8101
- #port
- externalPort: 8101
- nodePort: 99
-
ingress:
enabled: false
+## Persist data to a persitent volume
+persistence:
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+ volumeReclaimPolicy: Retain
+
+ ## database data Persistent Volume Storage Class
+ ## If defined, storageClassName: <storageClass>
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ # storageClass: "-"
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountPath: /dockerdata-nfs
+ mountSubPath: aaf/data
+
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
diff --git a/kubernetes/aai/charts/aai-cassandra/templates/volumes.yaml b/kubernetes/aai/charts/aai-cassandra/templates/volumes.yaml
index 0e1a3df..f45a450 100644
--- a/kubernetes/aai/charts/aai-cassandra/templates/volumes.yaml
+++ b/kubernetes/aai/charts/aai-cassandra/templates/volumes.yaml
@@ -5,7 +5,7 @@
apiVersion: v1
kind: PersistentVolume
metadata:
- name: {{ $root.Values.service.name }}-{{ $i }}
+ name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }}
namespace: {{ $root.Release.Namespace }}
labels:
type: {{ $root.Values.persistence.storageType }}
@@ -22,4 +22,4 @@
path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }}
persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
{{ end }}
-#{{ end }}
\ No newline at end of file
+#{{ end }}
diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aai_keystore b/kubernetes/aai/charts/aai-resources/resources/config/aai_keystore
deleted file mode 100644
index 1ddef0c..0000000
--- a/kubernetes/aai/charts/aai-resources/resources/config/aai_keystore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml b/kubernetes/aai/charts/aai-resources/templates/configmap.yaml
index 5e371ea..373819e 100644
--- a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml
+++ b/kubernetes/aai/charts/aai-resources/templates/configmap.yaml
@@ -53,12 +53,3 @@
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-auth-secret
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/config/aai_keystore").AsSecrets . | indent 2 }}
diff --git a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
index 6c65bce..bc0f171 100644
--- a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
@@ -34,6 +34,7 @@
release: {{ .Release.Name }}
name: {{ include "common.name" . }}
annotations:
+ checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
msb.onap.org/service-info: '[
{
"serviceName": "_aai-cloudInfrastructure",
@@ -453,7 +454,7 @@
- mountPath: /opt/app/aai-resources/resources/etc/appprops/aaiconfig.properties
name: {{ include "common.fullname" . }}-aaiconfig-conf
subPath: aaiconfig.properties
- - mountPath: /var/log/onap
+ - mountPath: /opt/aai/logroot/AAI-RES
name: {{ include "common.fullname" . }}-logs
- mountPath: /opt/app/aai-resources/resources/logback.xml
name: {{ include "common.fullname" . }}-log-conf
@@ -542,7 +543,7 @@
name: {{ include "common.fullname" . }}-realm-configmap
- name: {{ include "common.fullname" . }}-auth-sec
secret:
- secretName: {{ include "common.fullname" . }}-auth-secret
+ secretName: aai-auth-secret
restartPolicy: {{ .Values.restartPolicy }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
index 3d4ec09..35b714a 100644
--- a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
+++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
@@ -7,10 +7,10 @@
# Instance of ECOMP Portal where the app has been on-boarded
# use insecure http for dev purposes to avoid self-signed certificate
-ecomp_rest_url = http://portalapps.{{.Release.Namespace}}:8989/ONAPPORTAL/auxapi
+ecomp_rest_url = http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/auxapi
# Standard global logon page
-ecomp_redirect_url = http://portalapps.{{.Release.Namespace}}:8989/ONAPPORTAL/login.htm
+ecomp_redirect_url = http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/login.htm
# Name of cookie to extract on login request
csp_cookie_name = EPService
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aai_keystore b/kubernetes/aai/charts/aai-traversal/resources/config/aai_keystore
deleted file mode 100644
index 1ddef0c..0000000
--- a/kubernetes/aai/charts/aai-traversal/resources/config/aai_keystore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
index cc88444..373819e 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
@@ -53,12 +53,3 @@
namespace: {{ include "common.namespace" . }}
data:
{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-auth-secret
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/config/aai_keystore").AsSecrets . | indent 2 }}
\ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
index bda80a0..3bc349f 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
@@ -34,6 +34,7 @@
release: {{ .Release.Name }}
name: {{ include "common.name" . }}
annotations:
+ checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
msb.onap.org/service-info: '[
{
"serviceName": "_aai-generic-query",
@@ -287,7 +288,7 @@
- mountPath: /opt/app/aai-traversal/resources/etc/appprops/aaiconfig.properties
name: {{ include "common.fullname" . }}-aaiconfig-conf
subPath: aaiconfig.properties
- - mountPath: /var/log/onap
+ - mountPath: /opt/aai/logroot/AAI-GQ
name: {{ include "common.fullname" . }}-logs
- mountPath: /opt/app/aai-traversal/resources/logback.xml
name: {{ include "common.fullname" . }}-log-conf
@@ -375,7 +376,7 @@
name: {{ include "common.fullname" . }}-realm-configmap
- name: {{ include "common.fullname" . }}-auth-sec
secret:
- secretName: {{ include "common.fullname" . }}-auth-secret
+ secretName: aai-auth-secret
restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/charts/aai-traversal/templates/job.yaml b/kubernetes/aai/charts/aai-traversal/templates/job.yaml
index b9b2501..9d0acf6 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/job.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/job.yaml
@@ -125,7 +125,7 @@
name: {{ include "common.fullname" . }}-realm-configmap
- name: {{ include "common.fullname" . }}-auth-sec
secret:
- secretName: {{ include "common.fullname" . }}-auth-secret
+ secretName: aai-auth-secret
restartPolicy: OnFailure
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/resources/config/aai/aai_keystore b/kubernetes/aai/resources/config/aai/aai_keystore
new file mode 100644
index 0000000..16d93a7
--- /dev/null
+++ b/kubernetes/aai/resources/config/aai/aai_keystore
Binary files differ
diff --git a/kubernetes/aai/templates/configmap.yaml b/kubernetes/aai/templates/configmap.yaml
index 592e412..00d2a80 100644
--- a/kubernetes/aai/templates/configmap.yaml
+++ b/kubernetes/aai/templates/configmap.yaml
@@ -13,6 +13,25 @@
name: aai-deployment-configmap
namespace: {{ include "common.namespace" . }}
data:
-{{ tpl (.Files.Glob "resources/config/haproxy/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/haproxy/haproxy.cfg").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-haproxy-secret
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/haproxy/aai.pem").AsSecrets . | indent 2 }}
+# This is a shared key for both resources and traversal
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-auth-secret
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/aai/aai_keystore").AsSecrets . | indent 2 }}
diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml
index e879818..b29f8a2 100644
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -57,7 +57,7 @@
# application image
dockerhubRepository: registry.hub.docker.com
-image: aaionap/haproxy:1.1.0
+image: aaionap/haproxy:1.2.1
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml
index 76cbf45..c200c55 100644
--- a/kubernetes/common/dgbuilder/values.yaml
+++ b/kubernetes/common/dgbuilder/values.yaml
@@ -34,7 +34,7 @@
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/ccsdk-dgbuilder-image:0.2.1-SNAPSHOT
+image: onap/ccsdk-dgbuilder-image:0.2-STAGING-latest
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/consul/resources/config/consul-agent-config/aai-hbase-health.json b/kubernetes/consul/resources/config/consul-agent-config/aai-hbase-health.json
index 6b42e0c..8d0abd7 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/aai-hbase-health.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/aai-hbase-health.json
@@ -5,7 +5,7 @@
{
"id": "hbase-aai",
"name": "HBase Health Check",
- "http": "http://hbase.{{ .Values.nsPrefix }}:8080/status/cluster",
+ "http": "http://hbase:8080/status/cluster",
"method": "GET",
"header": {
"Cache-Control": ["no-cache"],
diff --git a/kubernetes/consul/resources/config/consul-agent-config/aai-search-data-service-health.json b/kubernetes/consul/resources/config/consul-agent-config/aai-search-data-service-health.json
index 2a111d6..0817a19 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/aai-search-data-service-health.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/aai-search-data-service-health.json
@@ -5,7 +5,7 @@
{
"id": "elasticsearch",
"name": "Search Data Service Document Store",
- "http": "http://aai-elasticsearch.{{ .Values.nsPrefix }}:9200/_cat/indices?v",
+ "http": "http://aai-elasticsearch:9200/_cat/indices?v",
"interval": "15s",
"timeout": "1s"
},
@@ -18,7 +18,7 @@
{
"id": "search-data-service-availability",
"name": "Search Data Service Availability",
- "script": "curl -k --cert /consul/certs/client-cert-onap.crt.pem --cert-type PEM --key /consul/certs/client-cert-onap.key.pem --key-type PEM https://search-data-service.{{ .Values.nsPrefix }}:9509/services/search-data-service/v1/jaxrsExample/jaxrs-services/echo/up 2>&1 | grep 'Up'",
+ "script": "curl -k --cert /consul/certs/client-cert-onap.crt.pem --cert-type PEM --key /consul/certs/client-cert-onap.key.pem --key-type PEM https://search-data-service:9509/services/search-data-service/v1/jaxrsExample/jaxrs-services/echo/up 2>&1 | grep 'Up'",
"interval": "15s"
},
{
diff --git a/kubernetes/consul/resources/config/consul-agent-config/aai-services-health.json b/kubernetes/consul/resources/config/consul-agent-config/aai-services-health.json
index 0274cd5..f06dec2 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/aai-services-health.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/aai-services-health.json
@@ -5,7 +5,7 @@
{
"id": "aai-service",
"name": "Core A&AI",
- "http": "https://aai-service.{{ .Values.nsPrefix }}:8443/aai/util/echo",
+ "http": "https://aai-service:8443/aai/util/echo",
"header": {
"Authorization": ["Basic QUFJOkFBSQ=="],
"X-TransactionId": ["ConsulHealthCheck"],
@@ -18,7 +18,7 @@
{
"id": "aai-resources",
"name": "Resources Microservice",
- "http": "https://aai-resources.{{ .Values.nsPrefix }}:8447/aai/util/echo",
+ "http": "https://aai-resources:8447/aai/util/echo",
"header": {
"Authorization": ["Basic QUFJOkFBSQ=="],
"X-TransactionId": ["ConsulHealthCheck"],
@@ -31,7 +31,7 @@
{
"id": "aai-traversal",
"name": "Traversal Microservice",
- "http": "https://aai-traversal.{{ .Values.nsPrefix }}:8446/aai/util/echo",
+ "http": "https://aai-traversal:8446/aai/util/echo",
"header": {
"Authorization": ["Basic QUFJOkFBSQ=="],
"X-TransactionId": ["ConsulHealthCheck"],
diff --git a/kubernetes/consul/resources/config/consul-agent-config/appc-dbbuilder.json b/kubernetes/consul/resources/config/consul-agent-config/appc-dbbuilder.json
index 9505246..c863617 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/appc-dbbuilder.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/appc-dbbuilder.json
@@ -5,7 +5,7 @@
{
"id": "appc-dgbuilder",
"name": "APPC-Dgbuilder Server Health Check",
- "http": "http://appc-dgbuilder.{{ .Values.nsPrefix }}:3000/",
+ "http": "http://appc-dgbuilder:3000/",
"method": "HEAD",
"header": {
"Authorization": ["Basic ZGd1c2VyOnRlc3QxMjM="],
diff --git a/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb01-healthcheck.json b/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb01-healthcheck.json
index f36251a..230d31f 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb01-healthcheck.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb01-healthcheck.json
@@ -3,9 +3,9 @@
"name": "Health Check: APPC-SDN-CTL-DB-01",
"checks": [
{
- "id": "appc-sdnctldb01.{{ .Values.nsPrefix }}",
+ "id": "appc-sdnctldb01",
"name": "APPC SDNCTLDB01 Health Check",
- "tcp": "appc-sdnctldb01.{{ .Values.nsPrefix }}:3306",
+ "tcp": "appc-sdnctldb01:3306",
"interval": "10s",
"timeout": "1s"
}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb02-healthcheck.json b/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb02-healthcheck.json
index 8c8171f..da669e3 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb02-healthcheck.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/appc-sdnctldb02-healthcheck.json
@@ -3,9 +3,9 @@
"name": "Health Check: APPC-SDN-CTL-DB-02",
"checks": [
{
- "id": "appc-sdnctldb02.{{ .Values.nsPrefix }}",
+ "id": "appc-sdnctldb02",
"name": "APPC SDNCTLDB02 Health Check",
- "tcp": "appc-sdnctldb02.{{ .Values.nsPrefix }}:3306",
+ "tcp": "appc-sdnctldb02:3306",
"interval": "10s",
"timeout": "1s"
}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/appc-sdnhost.json b/kubernetes/consul/resources/config/consul-agent-config/appc-sdnhost.json
index ec6db9d..1548cab 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/appc-sdnhost.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/appc-sdnhost.json
@@ -5,7 +5,7 @@
{
"id": "appc-sdnhost",
"name": "APPC SDN Host Health Check",
- "http": "http://appc-sdnhost.{{ .Values.nsPrefix }}:8282/apidoc/explorer/index.html",
+ "http": "http://appc-sdnhost:8282/apidoc/explorer/index.html",
"method": "HEAD",
"header": {
"Authorization": ["Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ=="],
diff --git a/kubernetes/consul/resources/config/consul-agent-config/log-elastic-search.json b/kubernetes/consul/resources/config/consul-agent-config/log-elastic-search.json
index d14b164..284220e 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/log-elastic-search.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/log-elastic-search.json
@@ -5,7 +5,7 @@
{
"id": "log-elasticsearch-server",
"name": "Log Elastic Search Health Check",
- "http": "http://elasticsearch.{{ .Values.nsPrefix }}:9200/_cluster/health?pretty",
+ "http": "http://elasticsearch:9200/_cluster/health?pretty",
"method": "GET",
"tls_skip_verify": true,
"interval": "15s",
@@ -14,7 +14,7 @@
{
"id": "log-elasticsearch-tcp",
"name": "Log Elastic Search TCP Health Check",
- "tcp": "elasticsearchtcp.{{ .Values.nsPrefix }}:9300",
+ "tcp": "elasticsearchtcp:9300",
"interval": "15s",
"timeout": "1s"
}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/log-kibana.json b/kubernetes/consul/resources/config/consul-agent-config/log-kibana.json
index cc72bbf..09cc85e 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/log-kibana.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/log-kibana.json
@@ -5,7 +5,7 @@
{
"id": "log-kibana-server",
"name": "Log kibana Health Check",
- "http": "http://kibana.{{ .Values.nsPrefix }}:5601/status",
+ "http": "http://kibana:5601/status",
"method": "HEAD",
"tls_skip_verify": true,
"interval": "15s",
diff --git a/kubernetes/consul/resources/config/consul-agent-config/log-logstash.json b/kubernetes/consul/resources/config/consul-agent-config/log-logstash.json
index 9eb60fd..87b51db 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/log-logstash.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/log-logstash.json
@@ -5,7 +5,7 @@
{
"id": "log-logstash-internal-server-gi",
"name": "Log Stash Health Check - General Information",
- "http": "http://logstashinternal.{{ .Values.nsPrefix }}:9600/?pretty",
+ "http": "http://logstashinternal:9600/?pretty",
"method": "GET",
"tls_skip_verify": true,
"interval": "15s",
@@ -14,7 +14,7 @@
{
"id": "log-logstash-internal-server-node-info",
"name": "Log Stash Health Check - Node Information",
- "http": "http://logstashinternal.{{ .Values.nsPrefix }}:9600/_node/?pretty",
+ "http": "http://logstashinternal:9600/_node/?pretty",
"method": "GET",
"tls_skip_verify": true,
"interval": "15s",
@@ -23,7 +23,7 @@
{
"id": "log-logstash-internal-server-os-info",
"name": "Log Stash Health Check - OS Information",
- "http": "http://logstashinternal.{{ .Values.nsPrefix }}:9600/_node/os?pretty",
+ "http": "http://logstashinternal:9600/_node/os?pretty",
"method": "GET",
"tls_skip_verify": true,
"interval": "15s",
@@ -32,7 +32,7 @@
{
"id": "log-logstash-internal-server-jvm-info",
"name": "Log Stash Health Check - JVM Information",
- "http": "http://logstashinternal.{{ .Values.nsPrefix }}:9600/_node/jvm?pretty",
+ "http": "http://logstashinternal:9600/_node/jvm?pretty",
"method": "GET",
"tls_skip_verify": true,
"interval": "15s",
@@ -41,7 +41,7 @@
{
"id": "log-logstash-internal-server-plugin-info",
"name": "Log Stash Health Check - Plugin Information",
- "http": "http://logstashinternal.{{ .Values.nsPrefix }}:9600/_node/plugins?pretty",
+ "http": "http://logstashinternal:9600/_node/plugins?pretty",
"method": "GET",
"tls_skip_verify": true,
"interval": "15s",
@@ -50,7 +50,7 @@
{
"id": "log-logstash-internal-server-node-stat",
"name": "Log Stash Health Check - Node Stats",
- "http": "http://logstashinternal.{{ .Values.nsPrefix }}:9600/_node/stats?pretty",
+ "http": "http://logstashinternal:9600/_node/stats?pretty",
"method": "GET",
"tls_skip_verify": true,
"interval": "15s",
@@ -59,7 +59,7 @@
{
"id": "log-logstash-internal-server-jvm-stat",
"name": "Log Stash Health Check - JVM Stats",
- "http": "http://logstashinternal.{{ .Values.nsPrefix }}:9600/_node/stats/jvm?pretty",
+ "http": "http://logstashinternal:9600/_node/stats/jvm?pretty",
"method": "GET",
"tls_skip_verify": true,
"interval": "15s",
@@ -68,7 +68,7 @@
{
"id": "log-logstash-internal-server-process-stat",
"name": "Log Stash Health Check - Process Stats",
- "http": "http://logstashinternal.{{ .Values.nsPrefix }}:9600/_node/stats/process?pretty",
+ "http": "http://logstashinternal:9600/_node/stats/process?pretty",
"method": "GET",
"tls_skip_verify": true,
"interval": "15s",
@@ -77,7 +77,7 @@
{
"id": "log-logstash-internal-server-os-stat",
"name": "Log Stash Health Check - OS Stats",
- "http": "http://logstashinternal.{{ .Values.nsPrefix }}:9600/_node/stats/os?pretty",
+ "http": "http://logstashinternal:9600/_node/stats/os?pretty",
"method": "GET",
"tls_skip_verify": true,
"interval": "15s",
@@ -86,7 +86,7 @@
{
"id": "log-logstash-tcp",
"name": "Log Stash File Beat TCP Health Check",
- "tcp": "logstash.{{ .Values.nsPrefix }}:5044",
+ "tcp": "logstash:5044",
"interval": "15s",
"timeout": "1s"
}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/mr-dmaap-health.json b/kubernetes/consul/resources/config/consul-agent-config/mr-dmaap-health.json
index aa345ac..386e226 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/mr-dmaap-health.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/mr-dmaap-health.json
@@ -2,7 +2,7 @@
"service": {
"name": "Health Check: Message Router - DMaaP",
"check": {
- "http": "http://message-router.{{ .Release.Namespace }}:3904/topics",
+ "http": "http://message-router:3904/topics",
"interval": "30s",
"timeout": "1s"
}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/msb-health.json b/kubernetes/consul/resources/config/consul-agent-config/msb-health.json
index d15c2ef..ad4e422 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/msb-health.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/msb-health.json
@@ -3,34 +3,34 @@
"name": "Health Check: MSB",
"checks": [
{
- "id": "msb-eag.{{ .Values.nsPrefix }}",
+ "id": "msb-eag",
"name": "MSB eag Health Check",
- "http": "http://msb-eag.{{ .Values.nsPrefix }}:80/iui/microservices/default.html",
+ "http": "http://msb-eag:80/iui/microservices/default.html",
"method": "HEAD",
"tls_skip_verify": true,
"interval": "15s",
"timeout": "1s"
},
{
- "id": "msb-iag.{{ .Values.nsPrefix }}",
+ "id": "msb-iag",
"name": "MSB iag Health Check",
- "http": "http://msb-iag.{{ .Values.nsPrefix }}:80/iui/microservices/default.html",
+ "http": "http://msb-iag:80/iui/microservices/default.html",
"method": "HEAD",
"tls_skip_verify": true,
"interval": "15s",
"timeout": "1s"
},
{
- "id": "msb-consul.{{ .Values.nsPrefix }}",
+ "id": "msb-consul",
"name": "MSB consul Health Check",
- "tcp": "msb-consul.{{ .Values.nsPrefix }}:8500",
+ "tcp": "msb-consul:8500",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "msb-discovery.{{ .Values.nsPrefix }}",
+ "id": "msb-discovery",
"name": "MSB discovery Health Check",
- "tcp": "msb-discovery.{{ .Values.nsPrefix }}:10081",
+ "tcp": "msb-discovery:10081",
"interval": "15s",
"timeout": "1s"
}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/mso-health.json b/kubernetes/consul/resources/config/consul-agent-config/mso-health.json
deleted file mode 100644
index 1df7714..0000000
--- a/kubernetes/consul/resources/config/consul-agent-config/mso-health.json
+++ /dev/null
@@ -1,28 +0,0 @@
-{
- "service": {
- "name": "Health Check: MSO",
- "checks": [
- {
- "id": "mso-api-healthcheck",
- "name": "MSO API Health Check",
- "script": "/consul/scripts/mso-api-script.sh",
- "interval": "10s",
- "timeout": "1s"
- },
- {
- "id": "mso-camunda-healthcheck",
- "name": "MSO Camunda Health Check",
- "script": "/consul/scripts/mso-camunda-script.sh",
- "interval": "10s",
- "timeout": "1s"
- },
- {
- "id": "mso-jra-healthcheck",
- "name": "MSO JRA Health Check",
- "script": "/consul/scripts/mso-jra-script.sh",
- "interval": "10s",
- "timeout": "1s"
- }
- ]
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/mso-mariabdb.json b/kubernetes/consul/resources/config/consul-agent-config/mso-mariabdb.json
deleted file mode 100644
index 54bd2ef..0000000
--- a/kubernetes/consul/resources/config/consul-agent-config/mso-mariabdb.json
+++ /dev/null
@@ -1,15 +0,0 @@
-{
- "service": {
- "name": "Health Check: MSO - MariaDb",
- "checks": [
- {
- "id": "mso-mariadb",
- "name": "MSO Mariadb Health Check",
- "script": "/consul/scripts/mso-mariadb-script.sh",
- "interval": "10s",
- "timeout": "1s"
- }
- ]
-
- }
-}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json b/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json
index dba7c77..3757f4a 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/multicloud-health-check.json
@@ -5,7 +5,7 @@
{
"id": "framework",
"name": "Framework Health Check",
- "http": "http://framework.{{ .Values.nsPrefix }}:9001/api/multicloud/v0/swagger.json",
+ "http": "http://framework:9001/api/multicloud/v0/swagger.json",
"method": "HEAD",
"header": {
"Cache-Control": ["no-cache"],
@@ -19,7 +19,7 @@
{
"id": "multicloud-ocata",
"name": "Multicloud Ocata Health Check",
- "http": "http://multicloud-ocata.{{ .Values.nsPrefix }}:9006/api/multicloud-ocata/v0/swagger.json",
+ "http": "http://multicloud-ocata:9006/api/multicloud-ocata/v0/swagger.json",
"method": "HEAD",
"header": {
"Cache-Control": ["no-cache"],
@@ -33,7 +33,7 @@
{
"id": "multicloud-vio",
"name": "Multicloud Vio Health Check",
- "http": "http://multicloud-vio.{{ .Values.nsPrefix }}:9004/api/multicloud-vio/v0/swagger.json",
+ "http": "http://multicloud-vio:9004/api/multicloud-vio/v0/swagger.json",
"method": "HEAD",
"header": {
"Cache-Control": ["no-cache"],
@@ -47,7 +47,7 @@
{
"id": "multicloud-windriver",
"name": "Multicloud Windriver Health Check",
- "http": "http://multicloud-windriver.{{ .Values.nsPrefix }}:9005/api/multicloud-titanium_cloud/v0/swagger.json",
+ "http": "http://multicloud-windriver:9005/api/multicloud-titanium_cloud/v0/swagger.json",
"method": "HEAD",
"header": {
"Cache-Control": ["no-cache"],
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/aai-search-storage-write-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/aai-search-storage-write-script.sh
index 3d26f6e..9ee0945 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/aai-search-storage-write-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/aai-search-storage-write-script.sh
@@ -1,6 +1,6 @@
-if curl -s -X PUT http://aai-elasticsearch.{{ .Values.nsPrefix }}:9200/searchhealth/stats/testwrite -d @/consul/scripts/aai-search-storage-write-doc.txt | grep '\"created\":true'; then
- if curl -s -X DELETE http://aai-elasticsearch.{{ .Values.nsPrefix }}:9200/searchhealth/stats/testwrite | grep '\"failed\":0'; then
- if curl -s -X GET http://aai-elasticsearch.{{ .Values.nsPrefix }}:9200/searchhealth/stats/testwrite | grep '\"found\":false'; then
+if curl -s -X PUT http://aai-elasticsearch:9200/searchhealth/stats/testwrite -d @/consul/scripts/aai-search-storage-write-doc.txt | grep '\"created\":true'; then
+ if curl -s -X DELETE http://aai-elasticsearch:9200/searchhealth/stats/testwrite | grep '\"failed\":0'; then
+ if curl -s -X GET http://aai-elasticsearch:9200/searchhealth/stats/testwrite | grep '\"found\":false'; then
echo Successful PUT, DELETE, GET from Search Document Storage 2>&1
exit 0
else
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/appc-dbhost-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/appc-dbhost-script.sh
index 5f91c5e..112809c 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/appc-dbhost-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/appc-dbhost-script.sh
@@ -1,6 +1,6 @@
-APPC_DBHOST_POD=$(/consul/bin/kubectl -n {{ .Values.nsPrefix }} get pod | grep -o "appc-dbhost-[^[:space:]]*")
+APPC_DBHOST_POD=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "appc-dbhost-[^[:space:]]*")
if [ -n "$APPC_DBHOST_POD" ]; then
- if /consul/bin/kubectl -n {{ .Values.nsPrefix }} exec -it $APPC_DBHOST_POD -- ./healthcheck.sh |grep -i "mysqld is alive"; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $APPC_DBHOST_POD -- ./healthcheck.sh |grep -i "mysqld is alive"; then
echo Success. APPC DBHost is running. 2>&1
exit 0
else
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/data-router-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/data-router-script.sh
index 035e7c8..c85efc3 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/data-router-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/data-router-script.sh
@@ -1,8 +1,8 @@
-NAME=$(/consul/bin/kubectl -n {{ .Values.nsPrefix }} get pod | grep -o "aai-data-router[^[:space:]]*")
+NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "aai-data-router[^[:space:]]*")
if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ .Values.nsPrefix }} exec -it $NAME -- ps -efww | grep 'java' | grep 'data-router' > /dev/null; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- ps -efww | grep 'java' | grep 'data-router' > /dev/null; then
echo Success. Synapse process is running. 2>&1
exit 0
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/model-loader-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/model-loader-script.sh
index 9a4b4df..a8babec 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/model-loader-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/model-loader-script.sh
@@ -1,8 +1,8 @@
-NAME=$(/consul/bin/kubectl -n {{ .Values.nsPrefix }} get pod | grep -o "aai-model-loader[^[:space:]]*")
+NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "aai-model-loader[^[:space:]]*")
if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ .Values.nsPrefix }} exec -it $NAME -- ps -efww | grep 'java' | grep 'model-loader' > /dev/null; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- ps -efww | grep 'java' | grep 'model-loader' > /dev/null; then
echo Success. Model Loader process is running. 2>&1
exit 0
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-kafka-health.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-kafka-health.sh
index a109032..6630117 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-kafka-health.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-kafka-health.sh
@@ -1,6 +1,6 @@
-kafkapod=$(/consul/bin/kubectl -n {{ .Values.nsPrefix }} get pod | grep -o "message-router-global-kafka-[^[:space:]]*")
+kafkapod=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "message-router-global-kafka-[^[:space:]]*")
if [ -n "$kafkapod" ]; then
- if /consul/bin/kubectl -n {{ .Values.nsPrefix }} exec -it $kafkapod -- ps ef | grep -i kafka; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $kafkapod -- ps ef | grep -i kafka; then
echo Success. Kafka process is running. 2>&1
exit 0
else
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-zookeeper-health.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-zookeeper-health.sh
index 47c42d5..fb34057 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-zookeeper-health.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/mr-zookeeper-health.sh
@@ -1,6 +1,6 @@
-zkpod=$(/consul/bin/kubectl -n {{ .Values.nsPrefix }} get pod | grep -o "message-router-zookeeper-[^[:space:]]*")
+zkpod=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "message-router-zookeeper-[^[:space:]]*")
if [ -n "$zkpod" ]; then
- if /consul/bin/kubectl -n {{ .Values.nsPrefix }} exec -it $zkpod -- ps ef | grep -i zookeeper; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $zkpod -- ps ef | grep -i zookeeper; then
echo Success. Zookeeper process is running. 2>&1
exit 0
else
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-api-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-api-script.sh
deleted file mode 100755
index 8f3f85c..0000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-api-script.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://mso.{{ .Values.nsPrefix }}:8080/ecomp/mso/infra/healthcheck"
-HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
-
-READY=$(echo $HEALTH_CHECK_RESPONSE | grep "Application ready")
-
-if [ -n $READY ]; then
- echo "Query against health check endpoint: $HEALTH_CHECK_ENDPOINT"
- echo "Produces response: $HEALTH_CHECK_RESPONSE"
- echo "Application is not in an available state"
- return 2
-else
- echo "Application is available."
- return 0
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-jra-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-jra-script.sh
deleted file mode 100755
index beeb289..0000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-jra-script.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://mso.{{ .Values.nsPrefix }}:8080/networks/rest/healthcheck"
-HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
-
-READY=$(echo $HEALTH_CHECK_RESPONSE | grep "Application ready")
-
-if [ -n $READY ]; then
- echo "Query against health check endpoint: $HEALTH_CHECK_ENDPOINT"
- echo "Produces response: $HEALTH_CHECK_RESPONSE"
- echo "Application is not in an available state"
- return 2
-else
- echo "Application is available."
- return 0
-fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-mariadb-script.sh
deleted file mode 100755
index aa73a73..0000000
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-mariadb-script.sh
+++ /dev/null
@@ -1,14 +0,0 @@
-NAME=$(/consul/bin/kubectl -n {{ .Values.nsPrefix }} get pod | grep -o "mso-mariadb[^[:space:]]*")
-
- if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ .Values.nsPrefix }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
- echo Success. mariadb process is running. 2>&1
- exit 0
- else
- echo Failed. mariadb process is not running. 2>&1
- exit 1
- fi
- else
- echo Failed. mariadb container is offline. 2>&1
- exit 1
- fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-be-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-be-script.sh
index 00a0564..f007e62 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-be-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-be-script.sh
@@ -1,5 +1,5 @@
## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://sdc-fe.{{ .Values.nsPrefix }}:8181/sdc1/rest/healthCheck"
+HEALTH_CHECK_ENDPOINT="http://sdc-fe:8181/sdc1/rest/healthCheck"
HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
## Strip out the ON_BOARDING section from the response XML (otherwise we will
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-cs-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-cs-script.sh
index 9950cc9..a9ba31a 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-cs-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-cs-script.sh
@@ -1,5 +1,5 @@
## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://sdc-fe.{{ .Values.nsPrefix }}:8181/sdc1/rest/healthCheck"
+HEALTH_CHECK_ENDPOINT="http://sdc-fe:8181/sdc1/rest/healthCheck"
HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
## Strip out the ON_BOARDING section from the response XML (otherwise we will
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-fe-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-fe-script.sh
index 27f3b22..4e3664b 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-fe-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-fe-script.sh
@@ -1,5 +1,5 @@
## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://sdc-fe.{{ .Values.nsPrefix }}:8181/sdc1/rest/healthCheck"
+HEALTH_CHECK_ENDPOINT="http://sdc-fe:8181/sdc1/rest/healthCheck"
HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
## Strip out the ON_BOARDING section from the response XML (otherwise we will
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-titan-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-titan-script.sh
index c5955f3..85fc431 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-titan-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdc-titan-script.sh
@@ -1,5 +1,5 @@
## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://sdc-fe.{{ .Values.nsPrefix }}:8181/sdc1/rest/healthCheck"
+HEALTH_CHECK_ENDPOINT="http://sdc-fe:8181/sdc1/rest/healthCheck"
HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
## Strip out the ON_BOARDING section from the response XML (otherwise we will
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdnc-dbhost-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdnc-dbhost-script.sh
index 27b9b9f..7406481 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/sdnc-dbhost-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/sdnc-dbhost-script.sh
@@ -1,6 +1,6 @@
-SDNC_DBHOST_POD=$(/consul/bin/kubectl -n {{ .Values.nsPrefix }} get pod | grep -o "sdnc-dbhost-[^[:space:]]*")
+SDNC_DBHOST_POD=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "sdnc-dbhost-[^[:space:]]*")
if [ -n "$SDNC_DBHOST_POD" ]; then
- if /consul/bin/kubectl -n {{ .Values.nsPrefix }} exec -it $SDNC_DBHOST_POD -- ./healthcheck.sh |grep -i "mysqld is alive"; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $SDNC_DBHOST_POD -- ./healthcheck.sh |grep -i "mysqld is alive"; then
echo Success. SDNC DBHost is running. 2>&1
exit 0
else
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/search-data-service-availability.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/search-data-service-availability.sh
index d511873..12bf9bf 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/search-data-service-availability.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/search-data-service-availability.sh
@@ -1,6 +1,6 @@
#!/bin/sh
-SEARCH_SERVICE_NAME="search-data-service.{{ .Values.nsPrefix }}"
+SEARCH_SERVICE_NAME="search-data-service.{{ include "common.namespace" . }}"
SEARCH_SERVICE_PORT=9509
HEALTH_CHECK_INDEX="healthcheck"
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-camunda-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-api-script.sh
similarity index 83%
copy from kubernetes/consul/resources/config/consul-agent-config/scripts/mso-camunda-script.sh
copy to kubernetes/consul/resources/config/consul-agent-config/scripts/so-api-script.sh
index 341ff19..047d2cb 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-camunda-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-api-script.sh
@@ -1,5 +1,5 @@
## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://mso.{{ .Values.nsPrefix }}:8080/mso/healthcheck"
+HEALTH_CHECK_ENDPOINT="http://so:8080/ecomp/mso/infra/healthcheck"
HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
READY=$(echo $HEALTH_CHECK_RESPONSE | grep "Application ready")
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-camunda-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-camunda-script.sh
similarity index 84%
rename from kubernetes/consul/resources/config/consul-agent-config/scripts/mso-camunda-script.sh
rename to kubernetes/consul/resources/config/consul-agent-config/scripts/so-camunda-script.sh
index 341ff19..9ad3ffc 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-camunda-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-camunda-script.sh
@@ -1,5 +1,5 @@
## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://mso.{{ .Values.nsPrefix }}:8080/mso/healthcheck"
+HEALTH_CHECK_ENDPOINT="http://so:8080/mso/healthcheck"
HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
READY=$(echo $HEALTH_CHECK_RESPONSE | grep "Application ready")
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-camunda-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-jra-script.sh
similarity index 83%
copy from kubernetes/consul/resources/config/consul-agent-config/scripts/mso-camunda-script.sh
copy to kubernetes/consul/resources/config/consul-agent-config/scripts/so-jra-script.sh
index 341ff19..96d9c7a 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/mso-camunda-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-jra-script.sh
@@ -1,5 +1,5 @@
## Query the health check API.
-HEALTH_CHECK_ENDPOINT="http://mso.{{ .Values.nsPrefix }}:8080/mso/healthcheck"
+HEALTH_CHECK_ENDPOINT="http://so:8080/networks/rest/healthcheck"
HEALTH_CHECK_RESPONSE=$(curl -s $HEALTH_CHECK_ENDPOINT)
READY=$(echo $HEALTH_CHECK_RESPONSE | grep "Application ready")
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh
new file mode 100755
index 0000000..a80a790
--- /dev/null
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/so-mariadb-script.sh
@@ -0,0 +1,14 @@
+NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "so-db[^[:space:]]*")
+
+ if [ -n "$NAME" ]; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
+ echo Success. mariadb process is running. 2>&1
+ exit 0
+ else
+ echo Failed. mariadb process is not running. 2>&1
+ exit 1
+ fi
+ else
+ echo Failed. mariadb container is offline. 2>&1
+ exit 1
+ fi
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/sparky-be-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/sparky-be-script.sh
index 7796681..15175aa 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/sparky-be-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/sparky-be-script.sh
@@ -1,8 +1,8 @@
-NAME=$(/consul/bin/kubectl -n {{ .Values.nsPrefix }} get pod | grep -o "aai-sparky-be[^[:space:]]*")
+NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "aai-sparky-be[^[:space:]]*")
if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ .Values.nsPrefix }} exec -it $NAME -- ps -efww | grep 'java' | grep 'sparky' > /dev/null; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- ps -efww | grep 'java' | grep 'sparky' > /dev/null; then
echo Success. UI Backend Service process is running. 2>&1
exit 0
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/tabular-db-availability.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/tabular-db-availability.sh
index dc7768f..fe21db5 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/tabular-db-availability.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/tabular-db-availability.sh
@@ -1,6 +1,6 @@
# Query the Hbase service for the cluster status.
-GET_CLUSTER_STATUS_RESPONSE=$(curl -si -X GET -H "Accept: text/xml" http://hbase.{{ .Values.nsPrefix }}:8080/status/cluster)
+GET_CLUSTER_STATUS_RESPONSE=$(curl -si -X GET -H "Accept: text/xml" http://hbase:8080/status/cluster)
if [ -z "$GET_CLUSTER_STATUS_RESPONSE" ]; then
echo "Tabular store is unreachable."
diff --git a/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh b/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh
index bbb080f..bc25011 100755
--- a/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh
+++ b/kubernetes/consul/resources/config/consul-agent-config/scripts/vid-mariadb-script.sh
@@ -1,7 +1,7 @@
-NAME=$(/consul/bin/kubectl -n {{ .Values.nsPrefix }} get pod | grep -o "vid-mariadb[^[:space:]]*")
+NAME=$(/consul/bin/kubectl -n {{ include "common.namespace" . }} get pod | grep -o "vid-mariadb[^[:space:]]*")
if [ -n "$NAME" ]; then
- if /consul/bin/kubectl -n {{ .Values.nsPrefix }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
+ if /consul/bin/kubectl -n {{ include "common.namespace" . }} exec -it $NAME -- bash -c 'mysqladmin status -u root -p$MYSQL_ROOT_PASSWORD' > /dev/null; then
echo Success. mariadb process is running. 2>&1
exit 0
else
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdc-health.json b/kubernetes/consul/resources/config/consul-agent-config/sdc-health.json
index ec8ec86..105635b 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/sdc-health.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/sdc-health.json
@@ -33,7 +33,7 @@
{
"id": "sdc-catalog-healthcheck",
"name": "SDC Catalog Health Check",
- "http": "https://sdc-be.{{ .Values.nsPrefix }}:8443/asdc/v1/catalog/services",
+ "http": "https://sdc-be:8443/asdc/v1/catalog/services",
"header": {
"Authorization": ["Basic dmlkOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU="],
"X-ECOMP-InstanceID": ["VID"],
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdnc-dgbuilder.json b/kubernetes/consul/resources/config/consul-agent-config/sdnc-dgbuilder.json
index 6ae14af..72e6be9 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/sdnc-dgbuilder.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/sdnc-dgbuilder.json
@@ -5,7 +5,7 @@
{
"id": "sdnc-dgbuilder",
"name": "SDNC-DGbuilder Health Check",
- "http": "http://sdnc-dgbuilder.{{ .Values.nsPrefix }}:3000/",
+ "http": "http://sdnc-dgbuilder:3000/",
"method": "HEAD",
"header": {
"Authorization": ["Basic ZGd1c2VyOnRlc3QxMjM="],
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdnc-health.json b/kubernetes/consul/resources/config/consul-agent-config/sdnc-health.json
index 0ee5e89..5f42835 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/sdnc-health.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/sdnc-health.json
@@ -5,7 +5,7 @@
{
"id": "odl-api-healthcheck",
"name": "SDNC API Health Check",
- "http": "http://sdnhost.{{ .Values.nsPrefix }}:8282/restconf/operations/SLI-API:healthcheck",
+ "http": "http://sdnc:8282/restconf/operations/SLI-API:healthcheck",
"method": "POST",
"header": {
"Authorization": ["Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ=="],
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdnc-portal-health.json b/kubernetes/consul/resources/config/consul-agent-config/sdnc-portal-health.json
index 092df05..d03ce90 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/sdnc-portal-health.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/sdnc-portal-health.json
@@ -5,7 +5,7 @@
{
"id": "sdnc-portal",
"name": "SDNC Portal Health Check",
- "http": "http://sdnc-portal.{{ .Values.nsPrefix }}:8843/login",
+ "http": "http://sdnc-portal:8843/login",
"method": "HEAD",
"header": {
"Cache-Control": ["no-cache"],
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb01-healthcheck.json b/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb01-healthcheck.json
index ed4a29d..e684c09 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb01-healthcheck.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb01-healthcheck.json
@@ -3,9 +3,9 @@
"name": "Health Check: SDNC-SDN-CTL-DB-01",
"checks": [
{
- "id": "sdnctldb01.{{ .Values.nsPrefix }}",
+ "id": "sdnctldb01",
"name": "SDNC SDNCTLDB01 Health Check",
- "tcp": "sdnctldb01.{{ .Values.nsPrefix }}:3306",
+ "tcp": "sdnc-dbhost:3306",
"interval": "10s",
"timeout": "1s"
}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb02-healthcheck.json b/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb02-healthcheck.json
index 8c4700b..ae4820a 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb02-healthcheck.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnctldb02-healthcheck.json
@@ -3,9 +3,9 @@
"name": "Health Check: SDNC-SDN-CTL-DB-02",
"checks": [
{
- "id": "sdnctldb02.{{ .Values.nsPrefix }}",
+ "id": "sdnctldb02",
"name": "SDNC SDNCTLDB02 Health Check",
- "tcp": "sdnctldb02.{{ .Values.nsPrefix }}:3306",
+ "tcp": "sdnc-dbhost:3306",
"interval": "10s",
"timeout": "1s"
}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnhost.json b/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnhost.json
index 585b9c0..604b5be 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnhost.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/sdnc-sdnhost.json
@@ -5,7 +5,7 @@
{
"id": "sdnc-sdnhost",
"name": "SDNC SDN Host Health Check",
- "http": "http://sdnhost.{{ .Values.nsPrefix }}:8282/apidoc/explorer/index.html",
+ "http": "http://sdnhost:8282/apidoc/explorer/index.html",
"method": "HEAD",
"header": {
"Authorization": ["Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ=="],
diff --git a/kubernetes/consul/resources/config/consul-agent-config/so-health.json b/kubernetes/consul/resources/config/consul-agent-config/so-health.json
new file mode 100644
index 0000000..565c4a4
--- /dev/null
+++ b/kubernetes/consul/resources/config/consul-agent-config/so-health.json
@@ -0,0 +1,28 @@
+{
+ "service": {
+ "name": "Health Check: SO",
+ "checks": [
+ {
+ "id": "so-api-healthcheck",
+ "name": "SO API Health Check",
+ "script": "/consul/scripts/so-api-script.sh",
+ "interval": "10s",
+ "timeout": "1s"
+ },
+ {
+ "id": "so-camunda-healthcheck",
+ "name": "SO Camunda Health Check",
+ "script": "/consul/scripts/so-camunda-script.sh",
+ "interval": "10s",
+ "timeout": "1s"
+ },
+ {
+ "id": "so-jra-healthcheck",
+ "name": "SO JRA Health Check",
+ "script": "/consul/scripts/so-jra-script.sh",
+ "interval": "10s",
+ "timeout": "1s"
+ }
+ ]
+ }
+}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/so-mariabdb.json b/kubernetes/consul/resources/config/consul-agent-config/so-mariabdb.json
new file mode 100644
index 0000000..fb55420
--- /dev/null
+++ b/kubernetes/consul/resources/config/consul-agent-config/so-mariabdb.json
@@ -0,0 +1,15 @@
+{
+ "service": {
+ "name": "Health Check: SO - MariaDb",
+ "checks": [
+ {
+ "id": "so-mariadb",
+ "name": "SO Mariadb Health Check",
+ "script": "/consul/scripts/so-mariadb-script.sh",
+ "interval": "10s",
+ "timeout": "1s"
+ }
+ ]
+
+ }
+}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/vfc-health.json b/kubernetes/consul/resources/config/consul-agent-config/vfc-health.json
index 25e670c..3661ac7 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/vfc-health.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/vfc-health.json
@@ -3,114 +3,114 @@
"name": "Health Check: VFC",
"checks": [
{
- "id": "vfc-catalog.{{ .Values.nsPrefix }}",
+ "id": "vfc-catalog",
"name": "VFC catalog Health Check",
- "tcp": "vfc-catalog.{{ .Values.nsPrefix }}:8806",
+ "tcp": "vfc-catalog:8806",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-emsdriver.{{ .Values.nsPrefix }}",
+ "id": "vfc-emsdriver",
"name": "VFC emsdriver Health Check",
- "tcp": "vfc-emsdriver.{{ .Values.nsPrefix }}:8206",
+ "tcp": "vfc-ems-driver:8206",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-gvnfmdriver.{{ .Values.nsPrefix }}",
+ "id": "vfc-gvnfmdriver",
"name": "VFC gvnfmdriver Health Check",
- "tcp": "vfc-gvnfmdriver.{{ .Values.nsPrefix }}:8484",
+ "tcp": "vfc-generic-vnfm-driver:8484",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-hwvnfmdriver.{{ .Values.nsPrefix }}",
+ "id": "vfc-hwvnfmdriver",
"name": "VFC hwvnfmdriver Health Check",
- "tcp": "vfc-hwvnfmdriver.{{ .Values.nsPrefix }}:8482",
+ "tcp": "vfc-huawei-vnfm-driver:8482",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-jujudriver.{{ .Values.nsPrefix }}",
+ "id": "vfc-jujudriver",
"name": "VFC jujudriver Health Check",
- "tcp": "vfc-jujudriver.{{ .Values.nsPrefix }}:8483",
+ "tcp": "vfc-juju-vnfm-driver:8483",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-nokiavnfmdriver.{{ .Values.nsPrefix }}",
+ "id": "vfc-nokiavnfmdriver",
"name": "VFC nokiavnfmdriver Health Check",
- "tcp": "vfc-nokiavnfmdriver.{{ .Values.nsPrefix }}:8486",
+ "tcp": "vfc-nokia-vnfm-driver:8486",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-nokiav2vnfmdriver.{{ .Values.nsPrefix }}",
+ "id": "vfc-nokiav2vnfmdriver",
"name": "VFC nokiav2vnfmdriver Health Check",
- "tcp": "vfc-nokiav2vnfmdriver.{{ .Values.nsPrefix }}:8089",
+ "tcp": "vfc-nokia-v2vnfm-driver:8089",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-nslcm.{{ .Values.nsPrefix }}",
+ "id": "vfc-nslcm",
"name": "VFC nslcm Health Check",
- "tcp": "vfc-nslcm.{{ .Values.nsPrefix }}:8403",
+ "tcp": "vfc-nslcm:8403",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-resmgr.{{ .Values.nsPrefix }}",
+ "id": "vfc-resmgr",
"name": "VFC resmgr Health Check",
- "tcp": "vfc-resmgr.{{ .Values.nsPrefix }}:8480",
+ "tcp": "vfc-resmgr:8480",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-vnflcm.{{ .Values.nsPrefix }}",
+ "id": "vfc-vnflcm",
"name": "VFC vnflcm Health Check",
- "tcp": "vfc-vnflcm.{{ .Values.nsPrefix }}:8801",
+ "tcp": "vfc-vnflcm:8801",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-vnfmgr.{{ .Values.nsPrefix }}",
+ "id": "vfc-vnfmgr",
"name": "VFC vnfmgr Health Check",
- "tcp": "vfc-vnfmgr.{{ .Values.nsPrefix }}:8803",
+ "tcp": "vfc-vnfmgr:8803",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-vnfres.{{ .Values.nsPrefix }}",
+ "id": "vfc-vnfres",
"name": "VFC vnfres Health Check",
- "tcp": "vfc-vnfres.{{ .Values.nsPrefix }}:8802",
+ "tcp": "vfc-vnfres:8802",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-workflow.{{ .Values.nsPrefix }}",
+ "id": "vfc-workflow",
"name": "VFC workflow Health Check",
- "tcp": "vfc-workflow.{{ .Values.nsPrefix }}:10550",
+ "tcp": "vfc-workflow:10550",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-workflowengineactiviti.{{ .Values.nsPrefix }}",
+ "id": "vfc-workflowengineactiviti",
"name": "VFC workflow-engine Health Check",
- "tcp": "vfc-workflowengineactiviti.{{ .Values.nsPrefix }}:8080",
+ "tcp": "vfc-workflow-engine:8080",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-ztesdncdriver.{{ .Values.nsPrefix }}",
+ "id": "vfc-ztesdncdriver",
"name": "VFC ztesdncdriver Health Check",
- "tcp": "vfc-ztesdncdriver.{{ .Values.nsPrefix }}:8411",
+ "tcp": "vfc-zte-sdnc-driver:8411",
"interval": "15s",
"timeout": "1s"
},
{
- "id": "vfc-ztevnfmdriver.{{ .Values.nsPrefix }}",
+ "id": "vfc-ztevnfmdriver",
"name": "VFC ztevnfmdriver Health Check",
- "tcp": "vfc-ztevnfmdriver.{{ .Values.nsPrefix }}:8410",
+ "tcp": "vfc-zte-vnfm-driver:8410",
"interval": "15s",
"timeout": "1s"
}
diff --git a/kubernetes/consul/resources/config/consul-agent-config/vid-health.json b/kubernetes/consul/resources/config/consul-agent-config/vid-health.json
index 2dc6f0a..d6d8d4c 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/vid-health.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/vid-health.json
@@ -5,7 +5,7 @@
{
"id": "vid-server",
"name": "VID Server Health Check",
- "http": "http://vid-server.{{ .Values.nsPrefix }}:8080/vid/healthCheck",
+ "http": "http://vid:8080/vid/healthCheck",
"method": "GET",
"header": {
"Authorization": ["Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ=="],
diff --git a/kubernetes/esr/charts/esr-gui/templates/service.yaml b/kubernetes/esr/charts/esr-gui/templates/service.yaml
index 6a274b5..678db1a 100644
--- a/kubernetes/esr/charts/esr-gui/templates/service.yaml
+++ b/kubernetes/esr/charts/esr-gui/templates/service.yaml
@@ -30,7 +30,8 @@
"url": "/esr-gui",
"protocol": "UI",
"port": "{{ .Values.service.internalPort }}",
- "visualRange":"1"
+ "visualRange":"1",
+ "path":"/iui/aai-esr-gui"
}
]'
spec:
diff --git a/kubernetes/msb/resources/config/log/filebeat/filebeat.yml b/kubernetes/msb/resources/config/log/filebeat/filebeat.yml
index 89c6932..0bc14ea 100644
--- a/kubernetes/msb/resources/config/log/filebeat/filebeat.yml
+++ b/kubernetes/msb/resources/config/log/filebeat/filebeat.yml
@@ -21,7 +21,7 @@
#List of logstash server ip addresses with port number.
#But, in our case, this will be the loadbalancer IP address.
#For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
- hosts: ["logstash.{{.Values.nsPrefix}}:5044"]
+ hosts: ["{{.Values.config.logstashServiceName}}:{{.Values.config.logstashPort}}"]
#If enable will do load balancing among availabe Logstash, automatically.
loadbalance: true
diff --git a/kubernetes/msb/values.yaml b/kubernetes/msb/values.yaml
index 2a0dbe2..d9de3fa 100644
--- a/kubernetes/msb/values.yaml
+++ b/kubernetes/msb/values.yaml
@@ -20,3 +20,9 @@
repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+
+# application configuration
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+
diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf
index 7b13116..8e0b882 100644
--- a/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf
+++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf
@@ -30,7 +30,7 @@
UEB_CLUSTER=message-router
REST_PAP_URL=http://{{ .Values.global.pap.nameOverride }}:{{.Values.config.papPort}}/pap/
-REST_PDP_ID=http://{{ include "common.servicename" . }}:{{.Values.service.externalPort}}/pdp/
+REST_PDP_ID=http://${{"{{"}}FQDN{{"}}"}}:{{.Values.service.externalPort}}/pdp/
REST_PDP_CONFIG=/opt/app/policy/servers/pdp/bin/config
REST_PDP_WEBAPPS=/opt/app/policy/servers/pdp/webapps
REST_PDP_REGISTER=true
@@ -46,7 +46,7 @@
node_type=pdp_xacml
resource_name=pdp_1
-dependency_groups=pdplp_1;brmsgw_1
+dependency_groups=brmsgw_1
test_via_jmx=true
#
diff --git a/kubernetes/policy/resources/config/pe/console.conf b/kubernetes/policy/resources/config/pe/console.conf
index 0251048..d972d7c 100644
--- a/kubernetes/policy/resources/config/pe/console.conf
+++ b/kubernetes/policy/resources/config/pe/console.conf
@@ -135,12 +135,12 @@
#-----------------------ONAP-PORTAL-Properties----------------------
-ONAP_REDIRECT_URL=http://portalapps:8989/ONAPPORTAL/login.htm
-ONAP_REST_URL=http://portalapps:8989/ONAPPORTAL/auxapi
+ONAP_REDIRECT_URL=http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/login.htm
+ONAP_REST_URL=http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/auxapi
ONAP_UEB_URL_LIST=
ONAP_PORTAL_INBOX_NAME=
ONAP_UEB_APP_KEY=
ONAP_UEB_APP_SECRET=
ONAP_UEB_APP_MAILBOX_NAME=
APP_DISPLAY_NAME=ONAP Policy
-ONAP_SHARED_CONTEXT_REST_URL=http://portalapps:8989/ONAPPORTAL/context
+ONAP_SHARED_CONTEXT_REST_URL=http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/context
diff --git a/kubernetes/policy/resources/config/pe/pap.conf b/kubernetes/policy/resources/config/pe/pap.conf
index 39199d7..ae9d47c 100644
--- a/kubernetes/policy/resources/config/pe/pap.conf
+++ b/kubernetes/policy/resources/config/pe/pap.conf
@@ -39,7 +39,7 @@
REST_ADMIN_WORKSPACE=workspace
# PDP related properties
-PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}:{{ .Values.config.pdpPort }}/pdp/,http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}:{{ .Values.config.pdpPort }}/pdp/
+PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/
PAP_PDP_HTTP_USER_ID=testpdp
PAP_PDP_HTTP_PASSWORD=alpha123
diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index 4ab6e11..c2c9747 100644
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -65,7 +65,7 @@
# application configuration
config:
- preloadPolicies: true
+ preloadPolicies: false
pdpPort: 8081
# default number of instances
diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py
index 6e566c3..2235a31 100755
--- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py
@@ -1,7 +1,8 @@
# aaf info - everything is from the private oam network (also called onap private network)
-GLOBAL_AAF_SERVER = "http://aaf.{{include "common.namespace" .}}:8101"
-GLOBAL_AAF_USERNAME = "dgl@openecomp.org"
-GLOBAL_AAF_PASSWORD = "ecomp_admin"
+GLOBAL_AAF_SERVER = "https://aaf-service.{{include "common.namespace" .}}:8100"
+GLOBAL_AAF_USERNAME = "demo@people.osaaf.org"
+GLOBAL_AAF_PASSWORD = "demo123456!"
+
# aai info - everything is from the private oam network (also called onap private network)
GLOBAL_AAI_SERVER_PROTOCOL = "https"
GLOBAL_AAI_SERVER_PORT = "8443"
diff --git a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py
index 7bb8c1c..7ce15db 100755
--- a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py
@@ -1,6 +1,6 @@
# File generated from /opt/config
#
-GLOBAL_INJECTED_AAF_IP_ADDR = "aaf.{{include "common.namespace" .}}"
+GLOBAL_INJECTED_AAF_IP_ADDR = "aaf-service.{{include "common.namespace" .}}"
GLOBAL_INJECTED_AAI1_IP_ADDR = "aai.{{include "common.namespace" .}}"
GLOBAL_INJECTED_AAI2_IP_ADDR = "N/A"
GLOBAL_INJECTED_APPC_IP_ADDR = "appc.{{include "common.namespace" .}}"
@@ -48,10 +48,10 @@
GLOBAL_INJECTED_UBUNTU_1604_IMAGE = "{{ .Values.ubuntu16Image }}"
GLOBAL_INJECTED_VID_IP_ADDR = "vid.{{include "common.namespace" .}}"
GLOBAL_INJECTED_VM_FLAVOR = "{{ .Values.openStackFlavourMedium }}"
-GLOBAL_INJECTED_VNFSDK_IP_ADDR = "vnfsdk.{{include "common.namespace" .}}"
+GLOBAL_INJECTED_VNFSDK_IP_ADDR = "refrepo.{{include "common.namespace" .}}"
GLOBAL_INJECTED_PROPERTIES = {
- "GLOBAL_INJECTED_AAF_IP_ADDR" : "aaf.{{include "common.namespace" .}}",
+ "GLOBAL_INJECTED_AAF_IP_ADDR" : "aaf-service.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_AAI1_IP_ADDR" : "aai.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_AAI2_IP_ADDR" : "N/A",
"GLOBAL_INJECTED_APPC_IP_ADDR" : "appc.{{include "common.namespace" .}}",
@@ -84,7 +84,7 @@
"GLOBAL_INJECTED_OPENSTACK_USERNAME" : "{{ .Values.openStackUserName }}",
"GLOBAL_INJECTED_POLICY_IP_ADDR" : "pdp.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR" : "drools.{{include "common.namespace" .}}",
- "GLOBAL_INJECTED_PORTAL_IP_ADDR" : "portalapps.{{include "common.namespace" .}}",
+ "GLOBAL_INJECTED_PORTAL_IP_ADDR" : "portal-app.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_PUBLIC_NET_ID" : "{{ .Values.openStackPublicNetId }}",
"GLOBAL_INJECTED_REGION" : "{{ .Values.openStackRegion }}",
"GLOBAL_INJECTED_REMOTE_REPO" : "http://gerrit.onap.org/r/testsuite/properties.git",
@@ -99,5 +99,5 @@
"GLOBAL_INJECTED_UBUNTU_1604_IMAGE" : "{{.Values.ubuntu16Image}}",
"GLOBAL_INJECTED_VID_IP_ADDR" : "vid.{{include "common.namespace" .}}",
"GLOBAL_INJECTED_VM_FLAVOR" : "{{ .Values.openStackFlavourMedium }}",
- "GLOBAL_INJECTED_VNFSDK_IP_ADDR" : "vnfsdk.{{include "common.namespace" .}}"
+ "GLOBAL_INJECTED_VNFSDK_IP_ADDR" : "refrepo.{{include "common.namespace" .}}"
}
diff --git a/kubernetes/vfc/resources/config/logging/filebeat/filebeat.yml b/kubernetes/vfc/resources/config/logging/filebeat/filebeat.yml
index 5967963..0bc14ea 100644
--- a/kubernetes/vfc/resources/config/logging/filebeat/filebeat.yml
+++ b/kubernetes/vfc/resources/config/logging/filebeat/filebeat.yml
@@ -21,8 +21,7 @@
#List of logstash server ip addresses with port number.
#But, in our case, this will be the loadbalancer IP address.
#For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
- #hosts: ["logstash.{{.Values.nsPrefix}}:5044"]
- hosts: ["{{.Release.Name}}-{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ hosts: ["{{.Values.config.logstashServiceName}}:{{.Values.config.logstashPort}}"]
#If enable will do load balancing among availabe Logstash, automatically.
loadbalance: true
diff --git a/kubernetes/vnfsdk/charts/vnfsdk-postgres/templates/job.yaml b/kubernetes/vnfsdk/charts/vnfsdk-postgres/templates/deployment.yaml
similarity index 73%
rename from kubernetes/vnfsdk/charts/vnfsdk-postgres/templates/job.yaml
rename to kubernetes/vnfsdk/charts/vnfsdk-postgres/templates/deployment.yaml
index 62ca119..88d6238 100644
--- a/kubernetes/vnfsdk/charts/vnfsdk-postgres/templates/job.yaml
+++ b/kubernetes/vnfsdk/charts/vnfsdk-postgres/templates/deployment.yaml
@@ -12,31 +12,33 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: batch/v1
-kind: Job
+apiVersion: extensions/v1beta1
+kind: Deployment
metadata:
- name: {{ include "common.fullname" . }}-config
+ name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
- app: {{ include "common.name" . }}-job
+ app: {{ include "common.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
template:
metadata:
labels:
- app: {{ include "common.name" . }}-job
+ app: {{ include "common.name" . }}
release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
spec:
- restartPolicy: Never
- hostname: postgres
+ hostname: {{ include "common.name" . }}
containers:
- - name: {{ include "common.name" . }}-job
+ - args:
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
- env:
- - name: DB_HOST
- value: "{{ include "common.servicename" . }}"
+ name: {{ include "common.name" . }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/vnfsdk/charts/vnfsdk-postgres/templates/service.yaml b/kubernetes/vnfsdk/charts/vnfsdk-postgres/templates/service.yaml
index 55221b1..f6208cf 100644
--- a/kubernetes/vnfsdk/charts/vnfsdk-postgres/templates/service.yaml
+++ b/kubernetes/vnfsdk/charts/vnfsdk-postgres/templates/service.yaml
@@ -32,7 +32,7 @@
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
{{- end}}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName | default "http" }}
selector:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
diff --git a/kubernetes/vnfsdk/charts/vnfsdk-postgres/values.yaml b/kubernetes/vnfsdk/charts/vnfsdk-postgres/values.yaml
index 4329a22..c35a1f9 100644
--- a/kubernetes/vnfsdk/charts/vnfsdk-postgres/values.yaml
+++ b/kubernetes/vnfsdk/charts/vnfsdk-postgres/values.yaml
@@ -29,7 +29,7 @@
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/refrepo/postgres:latest
+image: onap/vnfsdk/refrepo/postgres:latest
pullPolicy: Always
# flag to enable debugging - application support required
@@ -55,8 +55,7 @@
service:
type: ClusterIP
- name: vnfsdk-pgset
- portName: vnfsdk-pgset
+ name: postgres
internalPort: 5432
externalPort: 5432
diff --git a/kubernetes/vnfsdk/requirements.yaml b/kubernetes/vnfsdk/requirements.yaml
index caf4149..f639633 100644
--- a/kubernetes/vnfsdk/requirements.yaml
+++ b/kubernetes/vnfsdk/requirements.yaml
@@ -19,6 +19,3 @@
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
- - name: postgres
- version: ~2.0.0
- repository: '@local'
diff --git a/kubernetes/vnfsdk/templates/deployment.yaml b/kubernetes/vnfsdk/templates/deployment.yaml
index 2e5f40b..35bff1e 100644
--- a/kubernetes/vnfsdk/templates/deployment.yaml
+++ b/kubernetes/vnfsdk/templates/deployment.yaml
@@ -38,7 +38,7 @@
- /root/ready.py
args:
- --container-name
- - "{{ index .Values "vnfsdk-postgres" "nameOverride" }}"
+ - "{{ .Values.vnfsdkpostgres.nameOverride }}"
env:
- name: NAMESPACE
valueFrom:
diff --git a/kubernetes/vnfsdk/templates/service.yaml b/kubernetes/vnfsdk/templates/service.yaml
index 55221b1..f6208cf 100644
--- a/kubernetes/vnfsdk/templates/service.yaml
+++ b/kubernetes/vnfsdk/templates/service.yaml
@@ -32,7 +32,7 @@
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
{{- end}}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName | default "http" }}
selector:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml
index 009d42d..887c680 100644
--- a/kubernetes/vnfsdk/values.yaml
+++ b/kubernetes/vnfsdk/values.yaml
@@ -29,12 +29,12 @@
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/refrepo:1.1-STAGING-latest
+image: onap/vnfsdk/refrepo:1.1-STAGING-latest
pullPolicy: Always
#subchart name
-vnfsdk-postgres:
- nameOverride: postgres
+vnfsdkpostgres:
+ nameOverride: vnfsdk-postgres
# flag to enable debugging - application support required
debugEnabled: false