### Push O2 service images to local registry (with auth user admin)
```sh
-sudo docker tag o2imsdms:latest registry.local:9001/admin/o2imsdms:0.1.4
-sudo docker image push registry.local:9001/admin/o2imsdms:0.1.4
+sudo docker tag o2imsdms:latest registry.local:9001/o-ran-sc/pti-o2imsdms:2.0.0
+sudo docker image push registry.local:9001/o-ran-sc/pti-o2imsdms:2.0.0
```
cd /home/sysadmin/
source /etc/platform/openrc
cat <<EOF>ocloud-override.yaml
+imagePullSecrets:
+ - default-registry-key
+
o2ims:
serviceaccountname: admin-oran-o2
- image:
- repository: registry.local:9001/admin/o2imsdms
- tag: 0.1.4
+ images:
+ tags:
+ o2service: registry.local:9001/o-ran-sc/pti-o2imsdms:2.0.0
+ postgres: docker.io/library/postgres:9.6
+ redis: docker.io/library/redis:alpine
pullPolicy: IfNotPresent
logginglevel: "DEBUG"
app: o2api
spec:
serviceAccountName: {{ .Values.o2ims.serviceaccountname }}
- # imagePullSecrets:
- # - name: {{ .Values.o2ims.imagePullSecrets }}
+ {{- if .Values.imagePullSecrets }}
imagePullSecrets:
- - name: {{ .Values.o2ims.serviceaccountname }}-registry-secret
+ {{- range .Values.imagePullSecrets }}
+ - name: {{ . }}
+ {{- end }}
+ {{- end }}
{{- if .Values.o2ims.affinity }}
affinity:
{{ toYaml .Values.o2ims.affinity | indent 8 }}
{{- end }}
containers:
- name: postgres
- image: postgres:9.6
+ image: "{{ .Values.o2ims.images.tags.postgres }}"
ports:
- containerPort: 5432
env:
- name: db-pv
mountPath: /var/lib/postgresql/data
- name: redis
- image: redis:alpine
+ image: "{{ .Values.o2ims.images.tags.redis }}"
ports:
- containerPort: 6379
- name: o2pubsub
- image: "{{ .Values.o2ims.image.repository }}:{{ .Values.o2ims.image.tag }}"
+ image: "{{ .Values.o2ims.images.tags.o2service }}"
command: ["/bin/bash", "/opt/o2pubsub_start.sh"]
env:
- name: DB_HOST
mountPath: /configs/smoca.crt
subPath: config.json
- name: watcher
- image: "{{ .Values.o2ims.image.repository }}:{{ .Values.o2ims.image.tag }}"
+ image: "{{ .Values.o2ims.images.tags.o2service }}"
command: ["/bin/bash", "/opt/o2watcher_start.sh"]
env:
- name: API_HOST_EXTERNAL_FLOATING
subPath: config.json
readOnly: true
- name: o2api
- image: "{{ .Values.o2ims.image.repository }}:{{ .Values.o2ims.image.tag }}"
+ image: "{{ .Values.o2ims.images.tags.o2service }}"
ports:
- containerPort: 80
env:
readOnly: true
{{- if .Values.o2dms.helm_cli_enable }}
- name: helmcli
- image: "{{ .Values.o2ims.image.repository }}:{{ .Values.o2ims.image.tag }}"
+ image: "{{ .Values.o2ims.images.tags.o2service }}"
ports:
- containerPort: 22
env:
nameOverride: ""
fullnameOverride: ""
-applicationconfig: ""
-
-servercrt: ""
-
-serverkey: ""
-
-smocacrt: ""
+# The default value "" doesn't work with binaryData,
+# So generate the value with:
+# echo "" | base64
+# Cg==
+applicationconfig: Cg==
+servercrt: Cg==
+serverkey: Cg==
+smocacrt: Cg==
resources:
cpu: 1
db:
storageSize: 10Gi
+# ImagePullSecrets for operator ServiceAccount, list of secrets in the same
+# namespace used to pull operator image. Must be set for any cluster configured
+# with private docker registry.
+imagePullSecrets:
+ - default-registry-key
+
o2ims:
serviceaccountname: admin-oran-o2
- image:
- repository: registry.local:9001/admin/o2imsdms
- tag: 0.1.1
+ images:
+ tags:
+ o2service: nexus3.o-ran-sc.org:10004/o-ran-sc/pti-o2imsdms:2.0.0
+ postgres: docker.io/library/postgres:9.6
+ redis: docker.io/library/redis:alpine
pullPolicy: IfNotPresent
logginglevel: "WARNING"
cat <<EOF>o2service-override.yaml
+ imagePullSecrets:
+ - default-registry-key
+
o2ims:
serviceaccountname: admin-oran-o2
- image:
- repository: nexus3.o-ran-sc.org:10004/o-ran-sc/pti-o2imsdms
- tag: 2.0.0
+ images:
+ tags:
+ o2service: nexus3.o-ran-sc.org:10004/o-ran-sc/pti-o2imsdms:2.0.0
+ postgres: docker.io/library/postgres:9.6
+ redis: docker.io/library/redis:alpine
pullPolicy: IfNotPresent
logginglevel: "DEBUG"
return res(environ, start_response)
+def _internal_err_response_wrapper(environ, start_response):
+ res = Response(mimetype='text/plain', status=500)
+ return res(environ, start_response)
+
+
class authmiddleware():
'''
if ret is True:
logger.info(
"auth success with oauth token: " + auth_token)
- return self.app(environ, start_response)
+ try:
+ return self.app(environ, start_response)
+ except Exception as ex:
+ logger.error(
+ 'Internal exception happend \
+ ed {}'.format(str(ex)), exc_info=True)
+ return \
+ _internal_err_response_wrapper(environ,
+ start_response)
else:
raise AuthFailureExp(
'Bearer realm="Authentication Failed"')
return _response_wrapper(environ, start_response, ex.dictize())
except AuthFailureExp as ex:
return _response_wrapper(environ, start_response, ex.dictize())
- except Exception:
- hint = 'Bearer realm="Authentication Required"'
- return _response_wrapper(environ, start_response,
- AuthRequiredExp(hint).dictize())
+ except Exception as ex:
+ logger.error('Internal exception happended {}'.format(
+ str(ex)), exc_info=True)
+ return _internal_err_response_wrapper(environ, start_response)